From a0b726daf0c03797d10980a0d1defa849ac055bb Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 3 May 2019 23:38:14 -0700 Subject: [PATCH 001/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 155 ++++++------------ 1 file changed, 53 insertions(+), 102 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 923bfedcb3..1616b648c6 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -48,55 +48,6 @@ Note that **Get Help** and **Give us Feedback** links no longer work after the W We are always striving to improve our documentation and welcome your feedback. You can provide feedback by contacting telmhelp@microsoft.com. -## What's new in Windows 10, version 1809 Enterprise edition - -Here's a list of changes that were made to this article for Windows 10, version 1809: - -- Added a policy to disable Windows Defender SmartScreen - -## What's new in Windows 10, version 1803 Enterprise edition - -Here's a list of changes that were made to this article for Windows 10, version 1803: - -- Added a policy to turn off notifications network usage -- Added a policy for Microsoft Edge to turn off configuration updates for the Books Library -- Added a policy for Microsoft Edge to turn off Address Bar drop-down list suggestions - -## What's new in Windows 10, version 1709 Enterprise edition - -Here's a list of changes that were made to this article for Windows 10, version 1709: - -- Added the Phone calls section -- Added the Storage Health section -- Added discussion of apps for websites in the Microsoft Store section - -## What's new in Windows 10, version 1703 Enterprise edition - -Here's a list of changes that were made to this article for Windows 10, version 1703: - -- Added an MDM policy for Font streaming -- Added an MDM policy for Network Connection Status Indicator -- Added an MDM policy for the Micosoft Account Sign-In Assistant -- Added instructions for removing the Sticky Notes app -- Added registry paths for some Group Policies -- Added the Find My Device section -- Added the Tasks section -- Added the App Diagnostics section - -- Added the following Group Policies: - - - Prevent managing SmartScreen Filter - - Turn off Compatibility View - - Turn off Automatic Download and Install of updates - - Do not connect to any Windows Update locations - - Turn off access to all Windows Update features - - Specify Intranet Microsoft update service location 
- - Enable Windows NTP client - - Turn off Automatic download of the ActiveX VersionList - - Allow Automatic Update of Speech Data - - Accounts: Block Microsoft Accounts - - Do not use diagnostic data for tailored experiences - ## Management options for each setting The following sections list the components that make network connections to Microsoft services by default. You can configure these settings to control the data that is sent to Microsoft. To prevent Windows from sending any data to Microsoft, configure diagnostic data at the Security level, turn off Windows Defender diagnostic data and MSRT reporting, and turn off all of these connections. 
@@ -108,59 +59,59 @@ The following table lists management options for each setting, beginning with Wi >[!NOTE] >For some settings, MDM policies only partly cover capabilities available through Group Policy. See each setting’s section for more details. -| Setting | UI | Group Policy | MDM policy | Registry | Command line | -| - | :-: | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [9. License Manager](#bkmk-licmgr) | | | | ![Check mark](images/checkmark.png) | | -| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [11. 
Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | -|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | -|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | -| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [27. 
Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | +| Setting | UI | Group Policy | MDM policy | Registry | +| - | :-: | :-: | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [9. License Manager](#bkmk-licmgr) | | | | ![Check mark](images/checkmark.png) | +| [10. 
Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | +| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | +|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. 
Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ### Settings for Windows Server 2016 with Desktop Experience From 903400c4d1b9e698b50eeb5aff849015b3e4569c Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 3 May 2019 23:55:14 -0700 Subject: [PATCH 002/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 178 +++++++++--------- 1 file changed, 89 insertions(+), 89 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 1616b648c6..99e29bee27 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -118,110 +118,110 @@ The following table lists management options for each setting, beginning with Wi See the following table for a summary of the management settings for Windows Server 2016 with Desktop Experience. -| Setting | UI | Group Policy | Registry | Command line | -| - | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | | -| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [20. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| Setting | UI | Group Policy | Registry | +| - | :-: | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [8. 
Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [20. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Server Core See the following table for a summary of the management settings for Windows Server 2016 Server Core. -| Setting | Group Policy | Registry | Command line | -| - | :-: | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [3. 
Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [6. Font streaming](#font-streaming) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | | -| [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | | | -| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| Setting | Group Policy | Registry | +| - | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | +| [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | +| [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Nano Server See the following table for a summary of the management settings for Windows Server 2016 Nano Server. -| Setting | Registry | Command line | -| - | :-: | :-: | :-: | :-: | :-: | -| [1. 
Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | | -| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | | +| Setting | Registry | +| - | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | +| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2019 See the following table for a summary of the management settings for Windows Server 2019. -| Setting | UI | Group Policy | MDM policy | Registry | Command line | -| - | :-: | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [7. 
Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | ![Check mark](images/checkmark.png) | -| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | | -|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | -|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | | -| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -| [28. 
Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | +| Setting | UI | Group Policy | MDM policy | Registry | +| - | :-: | :-: | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [12. 
Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | +|     [18.6 Speech](#bkmk-priv-speech) | 
![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.16 Feedback & 
diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [24. 
Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ## How to configure each setting From ccf0f2ea9ab2b074c63d6860648d7a374edf96f4 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 3 May 2019 23:58:37 -0700 Subject: [PATCH 003/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 99e29bee27..a3902d9ea0 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -160,7 +160,7 @@ See the following table for a summary of the management settings for Windows Ser See the following table for a summary of the management settings for Windows Server 2016 Nano Server. | Setting | Registry | -| - | :-: | :-: | +| - | :-: | | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | From bc561e1fe8930093b0ceeca03ca548c70f65e3ff Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:07:13 -0700 Subject: [PATCH 004/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 100 +++++++++--------- 1 file changed, 50 insertions(+), 50 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index a3902d9ea0..53d253142c 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -59,59 +59,59 @@ The following table lists management options for each setting, beginning with Wi >[!NOTE] >For some settings, MDM policies only partly cover capabilities available through Group Policy. See each setting’s section for more details. -| Setting | UI | Group Policy | MDM policy | Registry | -| - | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [9. License Manager](#bkmk-licmgr) | | | | ![Check mark](images/checkmark.png) | -| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [11. 
Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | -| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | -|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| Setting | UI | Group Policy | Registry | +| - | :-: | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [9. License Manager](#bkmk-licmgr) | | | ![Check mark](images/checkmark.png) | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [12. 
Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| +|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.8 
Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | 
![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | -| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [24. 
Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ### Settings for Windows Server 2016 with Desktop Experience From 79db69e04c022b5e2529c3914165a208813953be Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:19:24 -0700 Subject: [PATCH 005/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 102 +++++++++--------- 1 file changed, 51 insertions(+), 51 deletions(-) 
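Review bot: the unchanged context rows `[20. Storage Health]` and `[22. Teredo]` in the table hunk that ends above still carry four value cells, while every row rewritten around them now has three, so after this change both rows are one cell wider than the rest of the table and Teredo's trailing check mark falls past the last column. Update them in the same commit, for example `| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) |`, and drop one empty cell from the Storage Health row.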
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 53d253142c..1b00182dc9 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -170,58 +170,58 @@ See the following table for a summary of the management settings for Windows Ser See the following table for a summary of the management settings for Windows Server 2019. -| Setting | UI | Group Policy | MDM policy | Registry | -| - | :-: | :-: | :-: | :-: | -| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| Setting | UI | Group Policy | Registry | +| - | :-: | :-: | :-: | +| [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [11. 
Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [17. Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | | -| [18. 
Settings > Privacy](#bkmk-settingssection) | | | | | -|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| ![Check mark](images/checkmark.png) | -|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | -|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check 
mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | -| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | -| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. 
Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [6. Font streaming](#font-streaming) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [7. Insider Preview builds](#bkmk-previewbuilds) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [8. Internet Explorer](#bkmk-ie) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [11. Mail synchronization](#bkmk-mailsync) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [13. Microsoft Edge](#bkmk-edge) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [15. Offline maps](#bkmk-offlinemaps) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [17. 
Preinstalled apps](#bkmk-preinstalledapps) | ![Check mark](images/checkmark.png) | | | +| [18. Settings > Privacy](#bkmk-settingssection) | | | | +|     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.2 Location](#bkmk-priv-location) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.3 Camera](#bkmk-priv-camera) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.4 Microphone](#bkmk-priv-microphone) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.5 Notifications](#bkmk-priv-notifications) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png)| +|     [18.6 Speech](#bkmk-priv-speech) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.7 Account info](#bkmk-priv-accounts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.8 Contacts](#bkmk-priv-contacts) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.9 Calendar](#bkmk-priv-calendar) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.10 Call history](#bkmk-priv-callhistory) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.11 Email](#bkmk-priv-email) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.12 Messaging](#bkmk-priv-messaging) | ![Check mark](images/checkmark.png) | 
![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.13 Phone calls](#bkmk-priv-phone-calls) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | +| [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [23. 
Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | | +| [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | ## How to configure each setting From 9d88227d5998fa30f911f3dfeda3a962f8291f1b Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:21:54 -0700 Subject: [PATCH 006/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 1b00182dc9..77904998e6 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
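Review bot: the `[2. Cortana and Search]` row of the Windows Server 2019 table (hunk `@@ -170,58 +170,58 @@`) is left as unchanged context with four check-mark cells although the header is now `| Setting | UI | Group Policy | Registry |`, so it needs to lose one cell like every other row. In the same hunk the `[27.1 Apps for websites]` row goes from `| | ![Check mark](images/checkmark.png) | |` to `| | |`, which drops the Group Policy check mark and leaves the row one cell short of the header; restore the check mark and the missing cell, or explain in the commit message why the setting no longer applies.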
@@ -109,7 +109,7 @@ The following table lists management options for each setting, beginning with Wi |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | @@ -219,7 +219,7 @@ See the following table for a summary of the management settings for Windows Ser |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | 
From 974f967c4580d243267ca923492f1361725dd740 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:25:48 -0700 Subject: [PATCH 007/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 77904998e6..53e0bf5f70 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -137,7 +137,7 @@ See the following table for a summary of the management settings for Windows Ser | [20. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [27.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | | [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Server Core 
@@ -221,7 +221,7 @@ See the following table for a summary of the management settings for Windows Ser | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [26.1 Apps for websites](#bkmk-apps-for-websites) | | | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ## How to configure each setting From bcd69a998272ade26e8d20e1447c40171e9f0803 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:27:24 -0700 Subject: [PATCH 008/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 53e0bf5f70..37c46d6aaf 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
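Review bot: the `[28. Windows Update]` row in the `@@ -221,7 +221,7 @@` hunk does more than realign cells: the UI check mark is removed and a Registry check mark is added, which changes what the table tells administrators is available on Windows Server 2019. The commit subject is only "Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md", and the same commit also carries the unrelated 27.1 to 26.1 renumbering in the `@@ -137,7 +137,7 @@` hunk; state the reason for the availability change in the message or move it to its own commit.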
@@ -446,7 +446,7 @@ To turn off Insider Preview builds for Windows 10: ### 8. Internet Explorer > [!NOTE] -> The following Group Policies and Registry Keys are for user interactive scenarios rather then the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: +> The following Group Policies and Registry Keys are for user interactive scenarios rather then the typical idle traffic scenario. Find the Internet Explorer Group Policy objects under **Computer Configuration > Administrative Templates > Windows Components > Internet Explorer** and make these settings: | Policy | Description | |------------------------------------------------------|-----------------------------------------------------------------------------------------------------| From 81600f747eb272afa1dcc50a2e1e77e9ae1def95 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Sat, 4 May 2019 00:41:15 -0700 Subject: [PATCH 009/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 290 +----------------- 1 file changed, 1 insertion(+), 289 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 37c46d6aaf..72bb0cefbe 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
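Review bot: the rewritten `> [!NOTE]` line under "8. Internet Explorer" in the `@@ -446,7 +446,7 @@` hunk still reads "rather then the typical idle traffic scenario"; since the line is being touched anyway, correct it to "rather than". The removed and added lines are otherwise the same text, and the instruction "Find the Internet Explorer Group Policy objects under ..." remains on the callout line itself, so put it on its own paragraph after a blank line if it is meant to be a step rather than part of the note.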
@@ -325,14 +325,6 @@ You can also apply the Group Policies using the following registry keys: If your organization tests network traffic, do not use a network proxy as Windows Firewall does not block proxy traffic. Instead, use a network traffic analyzer. Based on your needs, there are many network traffic analyzers available at no cost. -### 2.2 Cortana and Search MDM policies - -For Windows 10 only, the following Cortana MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - -| Policy | Description | -|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Experience/AllowCortana | Choose whether to let Cortana install and run on the device. | -| Search/AllowSearchToUseLocation | Choose whether Cortana and Search can provide location-aware search results.
Default: Allowed| ### 3. Date & Time @@ -363,9 +355,6 @@ To prevent Windows from retrieving device metadata from the Internet: - Create a new REG_DWORD registry setting named **PreventDeviceMetadataFromNetwork** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Device Metadata** and set it to 1 (one). - -or - - -- Apply the DeviceInstallation/PreventDeviceMetadataFromNetwork MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork). ### 5. Find My Device @@ -393,13 +382,6 @@ If you're running Windows 10, version 1607, Windows Server 2016, or later: - Create a new REG_DWORD registry setting **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\System\\EnableFontProviders** to **0 (zero)**. - -or- - -- In Windows 10, version 1703, you can apply the System/AllowFontProviders MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where: - - - **False**. Font streaming is Disabled. - - - **True**. Font streaming is Enabled. > [!NOTE] > After you apply this policy, you must restart the device for it to take effect. @@ -433,15 +415,6 @@ To turn off Insider Preview builds for Windows 10: - Create a new REG_DWORD registry setting named **AllowBuildPreview** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\PreviewBuilds** with a **value of 0 (zero)** - -or- - -- Apply the System/AllowBuildPreview MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where: - - - **0**. Users cannot make their devices available for downloading and installing preview software. - - - **1**. Users can make their devices available for downloading and installing preview software. - - - **2**. (default) Not configured. Users can make their devices available for download and installing preview software. ### 8. Internet Explorer 
@@ -562,9 +535,6 @@ To turn off mail synchronization for Microsoft Accounts that are configured on a - Remove any Microsoft Accounts from the Mail app. - -or- - -- Apply the Accounts/AllowMicrosoftAccountConnection MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is not allowed and 1 is allowed. This does not apply to Microsoft Accounts that have already been configured on the device. To turn off the Windows Mail app: @@ -583,8 +553,6 @@ To prevent communication to the Microsoft Account cloud authentication service. To disable the Microsoft Account Sign-In Assistant: -- Apply the Accounts/AllowMicrosoftAccountSignInAssistant MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where 0 is turned off and 1 is turned on. - - Change the **Start** REG_DWORD registry setting in **HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Services\\wlidsvc** to a value of **4**. @@ -627,21 +595,6 @@ Alternatively, you can configure the these Registry keys as described: | Choose whether employees can configure Compatibility View. | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\MicrosoftEdge\\BrowserEmulation
REG_DWORD: MSCompatibilityMode
Value: **0**| -### 13.2 Microsoft Edge MDM policies - -The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - -| Policy | Description | -|------------------------------------------------------|-----------------------------------------------------------------------------------------------------| -| Browser/AllowAutoFill | Choose whether employees can use autofill on websites.
**Set to: Not Allowed** | -| Browser/AllowDoNotTrack | Choose whether employees can send Do Not Track headers.
**Set to: Allowed** | -| Browser/AllowMicrosoftCompatbilityList | Specify the Microsoft compatibility list in Microsoft Edge.
**Set to: Not Allowed** | -| Browser/AllowPasswordManager | Choose whether employees can save passwords locally on their devices.
**Set to: Not Allowed** | -| Browser/AllowSearchSuggestionsinAddressBar | Choose whether the Address Bar shows search suggestions..
**Set to: Not Allowed** | -| Browser/AllowSmartScreen | Choose whether SmartScreen is turned on or off.
**Set to: Not Allowed** | -| Browser/FirstRunURL | Choose the home page for Microsoft Edge on Windows Mobile 10.
**Set to:** blank | - - For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). ### 14. Network Connection Status Indicator @@ -654,7 +607,6 @@ You can turn off NCSI by doing one of the following: - **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **Internet Communication Management** > **Internet Communication Settings** > **Turn off Windows Network Connectivity Status Indicator active tests** -- In Windows 10, version 1703 and later, apply the Connectivity/DisallowNetworkConnectivityActiveTests MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) with a value of 1. > [!NOTE] > After you apply this policy, you must restart the device for the policy setting to take effect. @@ -673,10 +625,6 @@ You can turn off the ability to download and update offline maps. - Create a REG_DWORD registry setting named **AutoDownloadAndUpdateMapData** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\Maps** with a **value of 0 (zero)**. - -or- - -- In Windows 10, version 1607 and later, apply the Maps/EnableOfflineMapsAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate) with a **value of 0**. - -and- - In Windows 10, version 1607 and later, **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Maps** > **Turn off unsolicited network traffic on the Offline Maps settings page** 
@@ -703,10 +651,6 @@ To turn off OneDrive in your organization: - Create a REG_DWORD registry setting named **PreventNetworkTrafficPreUserSignIn** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\OneDrive** with a **value of 1 (one)** --or- - -- Set the System/DisableOneDriveFileSync MDM policy from the [Policy CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync) to True (value 1) to disable OneDrive File Sync. - ### 17. Preinstalled apps @@ -951,14 +895,6 @@ To turn off **Send Microsoft info about how I write to help us improve typing an - Turn off the feature in the UI. - -or- - -- Apply the TextInput/AllowLinguisticDataCollection MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) where: - - - **0**. Not allowed - - - **1**. Allowed (default) - To turn off **Let websites provide locally relevant content by accessing my language list**: - Turn off the feature in the UI. @@ -999,18 +935,6 @@ To turn off **Location for this device**: - Create a REG_DWORD registry setting named **LetAppsAccessLocation** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - -or- - -- Apply the System/AllowLocation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - - **0**. Turned off and the employee can't turn it back on. - - - **1**. Turned on, but lets the employee choose whether to use it. (default) - - - **2**. Turned on and the employee can't turn it off. - - > [!NOTE] - > You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). To turn off **Location**: 
@@ -1053,17 +977,6 @@ To turn off **Let apps use my camera**: - Create a REG_DWORD registry setting named **LetAppsAccessCamera** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). - -or- - -- Apply the Camera/AllowCamera MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - - **0**. Apps can't use the camera. - - - **1**. Apps can use the camera. - - > [!NOTE] - > You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). - To turn off **Choose apps that can use your camera**: @@ -1085,14 +998,6 @@ To turn off **Let apps use my microphone**: -or- -- Apply the Privacy/LetAppsAccessMicrophone MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmicrophone), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessMicrophone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) To turn off **Choose apps that can use your microphone**: @@ -1101,9 +1006,6 @@ To turn off **Choose apps that can use your microphone**: ### 18.5 Notifications ->[!IMPORTANT] ->Disabling notifications will also disable the ability to manage the device through MDM. If you are using an MDM solution, make sure cloud notifications are enabled through one of the options below. - To turn off notifications network usage: - Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn off Notifications network usage** 
@@ -1114,13 +1016,6 @@ To turn off notifications network usage: - Create a REG_DWORD registry setting named **NoCloudApplicationNotification** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\PushNotifications** with a value of 1 (one) - -or- - - -- Apply the Notifications/DisallowCloudNotification MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification), where: - - - **0**. WNS notifications allowed - - **1**. No WNS notifications allowed In the **Notifications** area, you can also choose which apps have access to notifications. @@ -1136,14 +1031,6 @@ To turn off **Let apps access my notifications**: -or- -- Apply the Privacy/LetAppsAccessNotifications MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessnotifications), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessNotifications** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two) ### 18.6 Speech @@ -1160,10 +1047,6 @@ To turn off streaming audio to Microsoft Speech services, -or- -- Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP to **0 - Not allowed** - - -or- - - Create a REG_DWORD registry setting named **HasAccepted** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy** with a **value of 0 (zero)** ### 18.7 Account info 
@@ -1182,14 +1065,6 @@ To turn off **Let apps access my name, picture, and other account info**: -or- -- Apply the Privacy/LetAppsAccessAccountInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessaccountinfo), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessAccountInfo** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). @@ -1214,14 +1089,6 @@ To turn off **Choose apps that can access contacts**: -or- -- Apply the Privacy/LetAppsAccessContacts MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscontacts), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessContacts** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.9 Calendar @@ -1240,14 +1107,6 @@ To turn off **Let apps access my calendar**: -or- -- Apply the Privacy/LetAppsAccessCalendar MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscalendar), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessCalendar** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can access calendar**: 
@@ -1270,14 +1129,6 @@ To turn off **Let apps access my call history**: -or- - - Apply the Privacy/LetAppsAccessCallHistory MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesscallhistory), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessCallHistory** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.11 Email @@ -1296,14 +1147,6 @@ To turn off **Let apps access and send email**: -or- - - Apply the Privacy/LetAppsAccessEmail MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessemail), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessEmail** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). ### 18.12 Messaging @@ -1322,14 +1165,6 @@ To turn off **Let apps read or send messages (text or MMS)**: -or- -- Apply the Privacy/LetAppsAccessMessaging MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmessaging), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessMessaging** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). To turn off **Choose apps that can read or send messages**: 
@@ -1362,14 +1197,6 @@ To turn off **Let apps make phone calls**: -or- -- Apply the Privacy/LetAppsAccessPhone MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessPhone** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). @@ -1393,14 +1220,6 @@ To turn off **Let apps control radios**: -or- -- Apply the Privacy/LetAppsAccessRadios MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessradios), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsAccessRadios** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a value of 2 (two). @@ -1422,10 +1241,6 @@ To turn off **Let apps automatically share and sync info with wireless devices t -or- -- Set the Privacy/LetAppsSyncWithDevices MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappssyncwithdevices) to **2**. Force deny - - -or- - - Create a REG_DWORD registry setting named **LetAppsSyncWithDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. To turn off **Let your apps use your trusted devices (hardware you've already connected, or comes with your PC, tablet, or phone)**: 
@@ -1440,14 +1255,6 @@ To turn off **Let your apps use your trusted devices (hardware you've already co - Create a REG_DWORD registry setting named **LetAppsAccessTrustedDevices** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - -or- - -- Apply the **Privacy/LetAppsAccessTrustedDevices** MDM policy from the [Policy CSP](/windows/client-management/mdm/policy-csp-privacy.md#privacy-letappsaccesstrusteddevices -), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny ### 18.16 Feedback & diagnostics @@ -1502,19 +1309,7 @@ To change the level of diagnostic and usage data sent when you **Send your devic > [!NOTE] > If the **Security** option is configured by using Group Policy or the Registry, the value will not be reflected in the UI. The **Security** option is only available in Windows 10 Enterprise edition. - - -or- - -- Apply the System/AllowTelemetry MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx), where: - - - **0**. Maps to the **Security** level. - - - **1**. Maps to the **Basic** level. - - - **2**. Maps to the **Enhanced** level. - - - **3**. Maps to the **Full** level. - + To turn off tailored experiences with relevant tips and recommendations by using your diagnostics data: @@ -1557,9 +1352,6 @@ To turn off **Let apps run in the background**: - Create a REG_DWORD registry setting named **LetAppsRunInBackground** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)** - -or- - -- Set the Privacy/LetAppsRunInBackground MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessruninbackground) to **2 Force Deny**. > [!NOTE] > Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. 
@@ -1580,14 +1372,6 @@ To turn off **Let Windows and your apps use your motion data and collect motion - Create a REG_DWORD registry setting named **LetAppsAccessMotion** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - -or- - -- Apply the Privacy/LetAppsAccessMotion MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccessmotion), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny - ### 18.19 Tasks @@ -1605,13 +1389,6 @@ To turn this off: - Create a REG_DWORD registry setting named **LetAppsAccessTasks** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - -or- - -- Apply the Privacy/LetAppsAccessTasks MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsaccesstasks), where: - - - **0**. User in control - - **1**. Force allow - - **2**. Force deny ### 18.20 App Diagnostics @@ -1629,10 +1406,6 @@ To turn this off: - Create a REG_DWORD registry setting named **LetAppsGetDiagnosticInfo** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 2 (two)**. - -or- - -- Set the Privacy/LetAppsGetDiagnosticInfo MDM policy from the [Policy CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#privacy-letappsgetdiagnosticinfo) to **2**. Force deny - ### 18.21 Inking & Typing 
@@ -1646,11 +1419,6 @@ To turn off Inking & Typing data collection (note: there is no Group Policy for - Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)** - -or- - - - Set the Privacy\AllowInputPersonalization MDM Policy from the Policy CSP. - [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) to **0** (not allowed). This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. - If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: @@ -1660,10 +1428,6 @@ If you're running at least Windows 10, version 1703, you can turn off updates to - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** - -or- - - - Set the Speech/AllowSpeechModelUpdate MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962(v=vs.85).aspx#Speech_AllowSpeechModelUpdate) to **0** - > [!NOTE] > Releases 1803 and earlier support **Speech, Inking, & Typing** as a combined settings area. For customizing those setting please follow the below instructions. For 1809 and above **Speech** and **Inking & Typing** are separate settings pages, please see the specific section (18.6 Speech or 18.21 Inking and Typing) above for those areas. 
@@ -1702,10 +1466,6 @@ In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better -or- - - Apply the Licensing/DisallowKMSClientOnlineAVSValidation MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 1 (Enabled)**. - - -or- - - Create a REG_DWORD registry setting named **NoGenTicket** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows NT\\CurrentVersion\\Software Protection Platform** with a **value of 1 (one)**. **For Windows Server 2019 or later:** @@ -1749,11 +1509,6 @@ You can control if your settings are synchronized: - Create a REG_DWORD registry setting named **DisableSettingSync** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 2 (two) and another named **DisableSettingSyncUserOverride** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\SettingSync** with a value of 1 (one). - -or- - -- Apply the Experience/AllowSyncMySettings MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) and **set the value to 0 (not allowed)**. - - To turn off Messaging cloud sync: - Note: There is no Group Policy corresponding to this registry key. @@ -1812,10 +1567,6 @@ You can disconnect from the Microsoft Antimalware Protection Service. - Delete the registry setting **named** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\Updates**. --OR- - -- For Windows 10 only, apply the Defender/AllowClouldProtection MDM policy from the [Defender CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - You can stop sending file samples back to Microsoft. 
@@ -1823,10 +1574,6 @@ You can stop sending file samples back to Microsoft. -or- -- For Windows 10 only, apply the Defender/SubmitSamplesConsent MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-defender) to **2 (two) for Never Send**. - - -or- - - Use the registry to set the REG_DWORD value **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows Defender\\Spynet\\SubmitSamplesConsent** to **2 (two) for Never Send**. @@ -1893,10 +1640,6 @@ To disable Windows Defender Smartscreen: - Create a SZ registry setting named **ConfigureAppInstallControl** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows Defender\\SmartScreen** with a value of **Anywhere**. --OR- - -- Set the Browser/AllowSmartScreen MDM policy from the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx) to **0 (turned Off)**. - ### 25. Windows Spotlight @@ -1911,10 +1654,6 @@ If you're running Windows 10, version 1607 or later, you need to: -or- -- For Windows 10 only, apply the Experience/AllowWindowsSpotlight MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-experience), with a value of 0 (zero). - - -or- - - Create a new REG_DWORD registry setting named **DisableWindowsSpotlightFeatures** in **HKEY_CURRENT_USER\\SOFTWARE\\Policies\\Microsoft\\Windows\\CloudContent** with a value of 1 (one). 
@@ -2056,18 +1795,6 @@ You can find the Delivery Optimization Group Policy objects under **Computer Con - Create a new REG_DWORD registry setting named **DODownloadMode** in **HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\DeliveryOptimization** to a value of **100 (one hundred)**. -### 27.4 Delivery Optimization MDM policies - -The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). - -| MDM Policy | Description | -|---------------------------|-----------------------------------------------------------------------------------------------------| -| DeliveryOptimization/DODownloadMode | Lets you choose where Delivery Optimization gets or sends updates and apps, including | -| DeliveryOptimization/DOGroupID | Lets you provide a Group ID that limits which PCs can share apps and updates.
**Note** This ID must be a GUID.| -| DeliveryOptimization/DOMaxCacheAge | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days).| -| DeliveryOptimization/DOMaxCacheSize | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20, which represents 20% of the disk.| -| DeliveryOptimization/DOMaxUploadBandwidth | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth.| - For more info about Delivery Optimization in general, see [Windows Update Delivery Optimization: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730684). @@ -2118,21 +1845,6 @@ You can turn off automatic updates by doing one of the following. This is not re - Add a REG_DWORD value named **AutoDownload** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5. - -or- - -- For Windows 10 only, apply the Update/AllowAutoUpdate MDM policy from the [Policy CSP](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update), where: - - - **0**. Notify the user before downloading the update. - - - **1**. Auto install the update and then notify the user to schedule a device restart. - - - **2** (default). Auto install and restart. - - - **3**. Auto install and restart at a specified time. - - - **4**. Auto install and restart without end-user control. - - - **5**. Turn off automatic updates. For China releases of Windows 10 there is one additional Regkey to be set to prevent traffic: From a214762af7e9a4335c0dd463fa450c40666d625a Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 11:24:29 -0700 Subject: [PATCH 010/157] added new topic --- .../TOC.md | 1 + ...win32-apps-on-windows-10-s-mode-devices.md | 47 +++++++++++++++++++ 2 files changed, 48 insertions(+) create mode 100644 windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 8b71416a15..ee04e5c824 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md 
@@ -31,6 +31,7 @@ ### [Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules](use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md) ### [Use signed policies to protect Windows Defender Application Control against tampering](use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md) #### [Signing WDAC policies with SignTool.exe](signing-policies-with-signtool.md) +### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md new file mode 100644 index 0000000000..c9842bdb33 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md 
@@ -0,0 +1,47 @@ +--- +title: Sideloading Win32 apps on Windows 10 S mode devices (Windows 10) +description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: jsuther1974 +ms.date: 05/06/2018 +--- + +# Sideloading Win32 apps on Windows 10 S mode devices + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + +Windows 10 S mode is a locked-down system that only runs Store apps. +Although it provides tight security and thereby promises reduced management, its application control restrictions make it difficult for some to adopt it widely. +Sideloading makes S mode a more viable proposition for enterprise and education workloads by allowing critical Desktop apps in addition to Store apps. + +## Process Overview + +To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlock’ the device so exceptions can be made to S mode policy, and then upload a corresponding signed catalog for each app to Intune. Here are the steps: + +1. Unlock S mode devices through Intune + - Admin uses the Device Guard Signing Service (DGSS) in the Microsoft Store for Business to generate a root certificate for the organization and upload it to Intune + - Intune will ensure this certificate is included in a device’s unlock token from OCDUS, and any app catalogs which are signed with it will be able to run on the unlocked device +2. Create a supplemental policy to allow Win32 apps + - Admin uses Windows Defender Application Control tools to create a supplemental policy + - Admin uses DGSS to sign their supplemental policy + - Admin uploads signed supplemental policy to Intune +3. 
Allow Win32 app catalogs through Intune + - Admin creates catalog files (1 for every app) and signs them using DGSS or other certificate infrastructure + - Admin submits the signed catalog to Intune + - Intune applies the signed catalog to unlocked S mode device using Sidecar + +## [Admin] Setting up Business Store to use DGSS + +1. In the Azure portal, create a new resource of type Azure Active Directory, then create an associated global admin user. +2. Log in to the Microsoft Store for Business as the global admin then go to Organization > Private Store and accept +• This will automatically generate a root certificate for the organization +3. To download a root cert or upload policies/catalogs to sign, navigate to Manage > Settings > Devices +• Note: you can only upload .bin and .cat files +[Admin] Creating and Signing a Supplemental Policy From a66303016109175aa7f35a1394aa7175ca8b0b9a Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 11:48:20 -0700 Subject: [PATCH 011/157] added new topic --- ...win32-apps-on-windows-10-s-mode-devices.md | 54 ++++++++++++++++--- 1 file changed, 48 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md index c9842bdb33..60b8c97f46 100644 --- a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md 
@@ -37,11 +37,53 @@ To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlo - Admin submits the signed catalog to Intune - Intune applies the signed catalog to unlocked S mode device using Sidecar -## [Admin] Setting up Business Store to use DGSS +## Setting up Business Store to use DGSS 1. In the Azure portal, create a new resource of type Azure Active Directory, then create an associated global admin user. -2. Log in to the Microsoft Store for Business as the global admin then go to Organization > Private Store and accept -• This will automatically generate a root certificate for the organization -3. To download a root cert or upload policies/catalogs to sign, navigate to Manage > Settings > Devices -• Note: you can only upload .bin and .cat files -[Admin] Creating and Signing a Supplemental Policy +2. Log in to the Microsoft Store for Business as the global admin then go to **Organization** > **Private Store** and accept. + This will automatically generate a root certificate for the organization. +3. To download a root cert or upload policies/catalogs to sign, navigate to **Manage** > **Settings** > **Devices**. + Note: you can only upload .bin and .cat files. + +## Creating and Signing a Supplemental Policy + +1. Create new base policy using [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) + ```powershell + New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath + ``` +2. Change it to a supplemental policy using [Set-CIPolicyIdInfo](https://docs.microsoft.com/powershell/module/configci/set-cipolicyidinfo?view=win10-ps) + ```powershell + Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID 5951A96A-E0B5-4D3D-8FB8-3E5B61030784 -FilePath + ``` + Note: ‘5951A96A-E0B5-4D3D-8FB8-3E5B61030784' is the S-mode Base Policy ID. +3. 
Put policy in enforce mode using [Set-RuleOption](https://docs.microsoft.com/powershell/module/configci/set-ruleoption?view=win10-ps) + ```powershell + Set-RuleOption -FilePath -Option 3 –Delete + ``` + This deletes the ‘audit mode’ qualifier. +4. Convert to .bin using [ConvertFrom-CIPolicy](https://docs.microsoft.com/powershell/module/configci/convertfrom-cipolicy?view=win10-ps) + ```powershell + ConvertFrom-CIPolicy -XmlFilePath -BinaryFilePath + ``` + Note: PolicyID can be found by inspecting the Supplemental Policy XML. Convert to .bin to sign with DGSS (recommended) or .cip to sign locally. +5. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. + To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md) + +## Creating and Signing an App Catalog +An admin must generate an app catalog for every deployed app: +1. Use Package Inspector to [create a catalog](https://docs.microsoft.com/microsoft-store/add-unsigned-app-to-code-integrity-policy#a-href-idcreate-catalog-filesacreate-catalog-files-for-your-unsigned-app) + - Start Package Inspector to scan the installer: + ```console + PackageInspector.exe start C: -path + ``` + - Open app installer + - Stop Package Inspector: + ```console + PackageInspector.exe stop C: -Name -cdfpath + ``` +2. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. + To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md) + +## User experience + +Users will either have apps pushed directly to their devices by their admins, or they can download apps that their admins have made available through Company Portal From 23ac84be9b08141ee17b575da3bc986f7c47a65f Mon Sep 17 00:00:00 2001 
From: Justin Hall Date: Mon, 6 May 2019 11:50:30 -0700 Subject: [PATCH 012/157] edits --- ...sideloading-win32-apps-on-windows-10-s-mode-devices.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md index 60b8c97f46..249ce3ddce 100644 --- a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md @@ -67,7 +67,7 @@ To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlo ``` Note: PolicyID can be found by inspecting the Supplemental Policy XML. Convert to .bin to sign with DGSS (recommended) or .cip to sign locally. 5. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. - To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md) + To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). ## Creating and Signing an App Catalog An admin must generate an app catalog for every deployed app: 
@@ -76,14 +76,14 @@ An admin must generate an app catalog for every deployed app: ```console PackageInspector.exe start C: -path ``` - - Open app installer + - Open the app installer. - Stop Package Inspector: ```console PackageInspector.exe stop C: -Name -cdfpath ``` 2. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. - To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md) + To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). ## User experience -Users will either have apps pushed directly to their devices by their admins, or they can download apps that their admins have made available through Company Portal +Users will either have apps pushed directly to their devices by their admins, or they can download apps that their admins have made available through the Company Portal. From ec802e324eb6f1d8caf26495f7a7c1d1e9be267a Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 12:08:33 -0700 Subject: [PATCH 013/157] adding path-based rules --- .../select-types-of-rules-to-create.md | 33 +++++++++++++++++-- 1 file changed, 30 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 1a987c35e7..22294479af 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
@@ -23,8 +23,6 @@ Windows Defender Application Control (WDAC) provides control over a computer run A common system imaging practice in today’s IT organization is to establish a “golden” image as a reference for what an ideal system should look like, and then use that image to clone additional company assets. WDAC policies follow a similar methodology, that begins with the establishment of a golden computer. As with imaging, you can have multiple golden computers based on model, department, application set, and so on. Although the thought process around the creation of WDAC policies is similar to imaging, these policies should be maintained independently. Assess the necessity of additional WDAC policies based on what should be allowed to be installed and run and for whom. For more details on doing this assessment, see the [WDAC Design Guide](windows-defender-application-control-design-guide.md). -> **Note**  Each computer can have only **one** WDAC policy at a time. Whichever way you deploy this policy, it is renamed to SIPolicy.p7b and copied to **C:\\Windows\\System32\\CodeIntegrity** and, for UEFI computers, **<EFI System Partition>\\Microsoft\\Boot**. Keep this in mind when you create your WDAC policies. - Optionally, WDAC can align with your software catalog as well as any IT department–approved applications. One straightforward method to implement WDAC is to use existing images to create one master WDAC policy. You do so by creating a WDAC policy from each image, and then by merging the policies. This way, what is installed on all of those images will be allowed to run, if the applications are installed on a computer based on a different image. Alternatively, you may choose to create a base applications policy and add policies based on the computer’s role or department. Organizations have a choice of how their policies are created, merged or serviced, and managed. 
If you plan to use an internal CA to sign catalog files or WDAC policies, see the steps in [Optional: Create a code signing certificate for Windows Defender Application Control](create-code-signing-cert-for-windows-defender-application-control.md). 
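Review bot: Removing the whole `> **Note**` line in this hunk also drops the statement of where a deployed policy ends up (renamed to SIPolicy.p7b, copied to C:\Windows\System32\CodeIntegrity and, on UEFI computers, to Microsoft\Boot on the EFI System Partition). Admins rely on those locations to verify or remove a policy. If the goal is only to retire the "one WDAC policy at a time" claim, scope that sentence to versions before 1903 and keep the location sentence rather than deleting both.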
@@ -103,4 +101,33 @@ To create the WDAC policy, they build a reference server on their standard hardw As part of normal operations, they will eventually install software updates, or perhaps add software from the same software providers. Because the "Publisher" remains the same on those updates and software, they will not need to update their WDAC policy. If they come to a time when the internally-written, unsigned application must be updated, they must also update the WDAC policy so that the hash in the policy matches the hash of the updated internal application. -They could also choose to create a catalog that captures information about the unsigned internal application, then sign and distribute the catalog. Then the internal application could be handled by WDAC policies in the same way as any other signed application. An update to the internal application would only require that the catalog be regenerated, signed, and distributed (no restarts would be required). \ No newline at end of file +They could also choose to create a catalog that captures information about the unsigned internal application, then sign and distribute the catalog. Then the internal application could be handled by WDAC policies in the same way as any other signed application. An update to the internal application would only require that the catalog be regenerated, signed, and distributed (no restarts would be required). + +## Path-based rules + +Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. 
+ +- New-CIPolicy parameters +o FilePath: create path rules under path for anything not user-writeable (at the individual file level) +New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u + Optionally, add -UserWriteablePaths to ignore user writeability +o FilePathRule: create a rule where filepath string is directly set to value of +New-CIPolicyRule -FilePathRule +• Useful for wildcards like C:\foo\* +• Usage: same flow as per-app rules +$rules = New-CIPolicyRule … +$rules += New-CIPolicyRule … +… +New-CIPolicy -Rules $rules -f .\mypolicy.xml -u +• Wildcards supported: +o Suffix (ex. C:\foo\*) OR Prefix (ex. *\foo\bar.exe) + One or the other, not both at the same time + Does not support wildcard in the middle (ex. C:\*\foo.exe) +o Examples: + %WINDIR%\... + %SYSTEM32%\... + %OSDRIVE%\... +• Disable default FilePath rule protection of enforcing user-writeability +Set-RuleOption -o 18 .\policy.xml +o Adds “Disabled:Runtime FilePath Rule Protection” to the policy + From 44bb04a93af5d51764df038568758bab57e09d8e Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 12:24:44 -0700 Subject: [PATCH 014/157] new section --- .../select-types-of-rules-to-create.md | 60 ++++++++++++------- 1 file changed, 38 insertions(+), 22 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 22294479af..14ae09388f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
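Review bot: In the PATCH 013 hunk that adds "## Path-based rules", the last bullet documents `Set-RuleOption -o 18` ("Disabled:Runtime FilePath Rule Protection") without saying what is given up. The section itself says FilePath rules are created "for anything not user-writeable", so please add a sentence stating that with option 18 set a path rule is honoured even when standard users can write to that location, and give the same caveat for `-UserWriteablePaths`. Two smaller points: the pasted `o` and `•` markers and the unfenced commands will not render as Markdown lists or code, and `%WINDIR%`, `%SYSTEM32%` and `%OSDRIVE%` are listed under "Wildcards supported" although they are path macros, not wildcard forms.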
@@ -108,26 +108,42 @@ They could also choose to create a catalog that captures information about the u Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. - New-CIPolicy parameters -o FilePath: create path rules under path for anything not user-writeable (at the individual file level) -New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u - Optionally, add -UserWriteablePaths to ignore user writeability -o FilePathRule: create a rule where filepath string is directly set to value of -New-CIPolicyRule -FilePathRule -• Useful for wildcards like C:\foo\* -• Usage: same flow as per-app rules -$rules = New-CIPolicyRule … -$rules += New-CIPolicyRule … -… -New-CIPolicy -Rules $rules -f .\mypolicy.xml -u -• Wildcards supported: -o Suffix (ex. C:\foo\*) OR Prefix (ex. *\foo\bar.exe) - One or the other, not both at the same time - Does not support wildcard in the middle (ex. C:\*\foo.exe) -o Examples: - %WINDIR%\... - %SYSTEM32%\... - %OSDRIVE%\... -• Disable default FilePath rule protection of enforcing user-writeability -Set-RuleOption -o 18 .\policy.xml -o Adds “Disabled:Runtime FilePath Rule Protection” to the policy + - FilePath: create path rules under path for anything not user-writeable (at the individual file level) + ```console + New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u + ``` + Optionally, add -UserWriteablePaths to ignore user writeability + + - FilePathRule: create a rule where filepath string is directly set to value of + ```console + New-CIPolicyRule -FilePathRule + ``` + Useful for wildcards like C:\foo\\* + +- Usage: same flow as per-app rules + ```xml + $rules = New-CIPolicyRule … + $rules += New-CIPolicyRule … + … + ``` + + ```console + New-CIPolicyRule -f .\mypolicy.xml -u + ``` + +- Wildcards supported: + Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) + - One or the other, not both at the same time + - Does not support wildcard in the middle (ex. C:\\*\foo.exe) + - Examples: + - %WINDIR%\\... 
+ - %SYSTEM32%\\... + - %OSDRIVE%\\... + +- Disable default FilePath rule protection of enforcing user-writeability + For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```console + Set-RuleOption -o 18 .\policy.xml + ``` + From 5b121e06fda2b52493fb9818c21f4441d71459ea Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 12:29:36 -0700 Subject: [PATCH 015/157] escaped ex --- .../select-types-of-rules-to-create.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 14ae09388f..9dca57a76c 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -108,13 +108,13 @@ They could also choose to create a catalog that captures information about the u Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. - New-CIPolicy parameters - - FilePath: create path rules under path for anything not user-writeable (at the individual file level) + - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) ```console New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u ``` Optionally, add -UserWriteablePaths to ignore user writeability - - FilePathRule: create a rule where filepath string is directly set to value of + - FilePathRule: create a rule where filepath string is directly set to value of \ ```console New-CIPolicyRule -FilePathRule ``` From cab27d69904f9b3ab8c26581297700979e1d8af6 Mon Sep 17 00:00:00 2001 
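Review bot: In the PATCH 014 hunk, the last command of the "same flow as per-app rules" example changes from `New-CIPolicy -Rules $rules -f .\mypolicy.xml -u` to `New-CIPolicyRule -f .\mypolicy.xml -u`. That swaps the policy-building cmdlet for the rule-building one and drops `-Rules $rules`, so the example no longer produces a policy from the rules collected above it; restore the removed line. The `$rules = New-CIPolicyRule …` block is also fenced as `xml` although it is PowerShell, and the two halves of one example should share a single fence.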
From: Justin Hall Date: Mon, 6 May 2019 12:43:42 -0700 Subject: [PATCH 016/157] added new toc entry --- .../TOC.md | 1 + .../select-types-of-rules-to-create.md | 44 ------------ ...improvements-in-windows-10-version-1903.md | 67 +++++++++++++++++++ 3 files changed, 68 insertions(+), 44 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index ee04e5c824..89a1b3bafb 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md @@ -34,6 +34,7 @@ ### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md) +### [Windows Defender Application Control improvements in Windows 10 version 1903](windows-defender-application-control-improvements-in-windows-10-version-1903.md) ## [AppLocker](applocker\applocker-overview.md) ### [Administer AppLocker](applocker\administer-applocker.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 9dca57a76c..85b9f016f2 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
@@ -103,47 +103,3 @@ As part of normal operations, they will eventually install software updates, or They could also choose to create a catalog that captures information about the unsigned internal application, then sign and distribute the catalog. Then the internal application could be handled by WDAC policies in the same way as any other signed application. An update to the internal application would only require that the catalog be regenerated, signed, and distributed (no restarts would be required). -## Path-based rules - -Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. - -- New-CIPolicy parameters - - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) - ```console - New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u - ``` - Optionally, add -UserWriteablePaths to ignore user writeability - - - FilePathRule: create a rule where filepath string is directly set to value of \ - ```console - New-CIPolicyRule -FilePathRule - ``` - Useful for wildcards like C:\foo\\* - -- Usage: same flow as per-app rules - ```xml - $rules = New-CIPolicyRule … - $rules += New-CIPolicyRule … - … - ``` - - ```console - New-CIPolicyRule -f .\mypolicy.xml -u - ``` - -- Wildcards supported: - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) - - One or the other, not both at the same time - - Does not support wildcard in the middle (ex. C:\\*\foo.exe) - - Examples: - - %WINDIR%\\... - - %SYSTEM32%\\... - - %OSDRIVE%\\... - -- Disable default FilePath rule protection of enforcing user-writeability - For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: - ```console - Set-RuleOption -o 18 .\policy.xml - ``` - - 
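Review bot: This deletion takes the "## Path-based rules" section out of select-types-of-rules-to-create.md and leaves nothing behind, so a reader choosing rule types on this page gets no hint that FilePath rules exist or where they are described. Since the same patch creates windows-defender-application-control-improvements-in-windows-10-version-1903.md to hold the text, replace the removed section with a one-line pointer to that file.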
diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md new file mode 100644 index 0000000000..69413bcaca --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
@@ -0,0 +1,67 @@ +--- +title: Windows Defender Application Control improvements in Windows 10 version 1903 (Windows 10) +description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: jsuther1974 +ms.date: 05/06/2018 +--- + +# Windows Defender Application Control improvements in Windows 10 version 1903 + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + +## Path-based rules + +Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. + +- New-CIPolicy parameters + - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) + ```console + New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u + ``` + Optionally, add -UserWriteablePaths to ignore user writeability + + - FilePathRule: create a rule where filepath string is directly set to value of \ + ```console + New-CIPolicyRule -FilePathRule + ``` + Useful for wildcards like C:\foo\\* + +- Usage: same flow as per-app rules + ```xml + $rules = New-CIPolicyRule … + $rules += New-CIPolicyRule … + … + ``` + + ```console + New-CIPolicyRule -f .\mypolicy.xml -u + ``` + +- Wildcards supported: + Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) + - One or the other, not both at the same time + - Does not support wildcard in the middle (ex. C:\\*\foo.exe) + - Examples: + - %WINDIR%\\... + - %SYSTEM32%\\... + - %OSDRIVE%\\... + +- Disable default FilePath rule protection of enforcing user-writeability + For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```console + Set-RuleOption -o 18 .\policy.xml + ``` + +## Multiple Policies + +Beginning with Windows 10 vesion 1903, WDAC supportd multiple code integrity policies for one device. + + From db7c319f3b849c3f30bd30b317083e59c33ed170 Mon Sep 17 00:00:00 2001 
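Review bot: The front matter of the new file sets `ms.date: 05/06/2018`, but this commit is dated 6 May 2019 and the page is about version 1903; use the authoring date. The `description` is the generic WDAC summary and does not mention the 1903 changes the page covers. In the "## Multiple Policies" paragraph, "vesion" and "supportd" need fixing before this goes live.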
From: Justin Hall Date: Mon, 6 May 2019 14:28:02 -0700 Subject: [PATCH 017/157] added preview text --- ...win32-apps-on-windows-10-s-mode-devices.md | 3 +++ ...improvements-in-windows-10-version-1903.md | 27 ++++++++++--------- 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md index 249ce3ddce..5bbde4033e 100644 --- a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md @@ -17,6 +17,9 @@ ms.date: 05/06/2018 - Windows 10 - Windows Server 2016 +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + Windows 10 S mode is a locked-down system that only runs Store apps. Although it provides tight security and thereby promises reduced management, its application control restrictions make it difficult for some to adopt it widely. Sideloading makes S mode a more viable proposition for enterprise and education workloads by allowing critical Desktop apps in addition to Store apps. diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 69413bcaca..d3c5ebd625 100644 
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md @@ -17,9 +17,14 @@ ms.date: 05/06/2018 - Windows 10 - Windows Server 2016 +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +This topic covers improvements introduced in Windows 10, version 1903. + ## Path-based rules -Beginning with Windows 10 version 1903, WDAC policies can contain path-based rules. +Beginning with Windows 10 version 1903, Windows Defender Application Control (WDAC) policies can contain path-based rules. - New-CIPolicy parameters - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) 
@@ -34,29 +39,25 @@ Beginning with Windows 10 version 1903, WDAC policies can contain path-based rul ``` Useful for wildcards like C:\foo\\* -- Usage: same flow as per-app rules - ```xml +- Usage follows the same flow as per-app rules: + ```powershell $rules = New-CIPolicyRule … $rules += New-CIPolicyRule … … - ``` - - ```console New-CIPolicyRule -f .\mypolicy.xml -u ``` -- Wildcards supported: - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) - - One or the other, not both at the same time - - Does not support wildcard in the middle (ex. C:\\*\foo.exe) +- Wildcards supported + - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) + - One or the other, not both at the same time + - Does not support wildcard in the middle (ex. C:\\*\foo.exe) - Examples: - %WINDIR%\\... - %SYSTEM32%\\... - %OSDRIVE%\\... -- Disable default FilePath rule protection of enforcing user-writeability - For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: - ```console +- Disable default FilePath rule protection of enforcing user-writeability. For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```powershell Set-RuleOption -o 18 .\policy.xml ``` From a878d791762b0a5706f03e78be9aa0689303c967 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 14:29:59 -0700 Subject: [PATCH 018/157] Update windows-defender-application-control-improvements-in-windows-10-version-1903.md --- ...ication-control-improvements-in-windows-10-version-1903.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index d3c5ebd625..1cf88aa97e 100644 
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md @@ -28,13 +28,13 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD - New-CIPolicy parameters - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) - ```console + ```powershell New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u ``` Optionally, add -UserWriteablePaths to ignore user writeability - FilePathRule: create a rule where filepath string is directly set to value of \ - ```console + ```powershell New-CIPolicyRule -FilePathRule ``` Useful for wildcards like C:\foo\\* From 43571b22c515a289d7749145e97fe99fd6d97cbc Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 14:31:41 -0700 Subject: [PATCH 019/157] edits --- ...ation-control-improvements-in-windows-10-version-1903.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 1cf88aa97e..7aa79f9097 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
@@ -66,3 +66,9 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD Beginning with Windows 10 vesion 1903, WDAC supportd multiple code integrity policies for one device. +WDAC – Composable (stacked) code integrity policies for supporting multiple code integrity policies +### Precedence +- Multiple base policies: intersection + - Only applications allowed by both policies run without generating block events +- Base + supplemental policy: union + - Files that are allowed by the base policy or the supplemental policy are not blocked From fc8eff7139bd482802f06d98ef4c8a9262cfafbf Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 17:16:22 -0700 Subject: [PATCH 020/157] added PS examples --- ...improvements-in-windows-10-version-1903.md | 170 +++++++++++++++++- 1 file changed, 167 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 7aa79f9097..86738f84e8 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
@@ -63,12 +63,176 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD ## Multiple Policies -Beginning with Windows 10 vesion 1903, WDAC supportd multiple code integrity policies for one device. +Beginning with Windows 10 version 1903, WDAC supports multiple code integrity policies for one device. - -WDAC – Composable (stacked) code integrity policies for supporting multiple code integrity policies ### Precedence + - Multiple base policies: intersection - Only applications allowed by both policies run without generating block events - Base + supplemental policy: union - Files that are allowed by the base policy or the supplemental policy are not blocked + +### Newly Supported Scenarios + +WDAC brings you the ability to support multiple CI policies. Three scenarios are now supported: + +1. Enforce and Audit Side-by-Side (Intersection) + - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy +2. Multiple Base Policies (Intersection) + - Enforce two or more base policies simultaneously to allow simpler policy targeting for policies with different scope/intent + - Ex. Base1 is a corporate standard policy that is relatively loose to accommodate all organizations while forcing minimum corp standards (e.g. Windows works + Managed Installer + path rules). Base2 is a team-specific policy that further restricts what is allowed to run (e.g. Windows works + Managed Installer + corporate signed apps only) +3. Supplemental Policies (Union) + - Deploy a supplemental policy (or policies) to expand a base policy + - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. 
+ +## COM Whitelisting + +• https://docs.microsoft.com/en-us/windows/desktop/com/the-component-object-model + +Get GUID of application to allow by either: +- Finding block event in Event Viewer (Application and Service Logs > Microsoft > Windows > AppLocker > MSI and Script) and extracting GUID +- Creating audit policy (using New-CIPolicy –Audit), potentially with specific provider, and use info from block events to get GUID + +### Author setting + +Three elements: +- Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) +- Key: GUID for the program you with to run, in the format Key="{33333333-4444-4444-1616-161616161616}" +- ValueName: needs to be set to "EnterpriseDefinedClsId" +One attribute: +- Value: needs to be “true” for allow and “false” for deny + Note: without quotation marks + Note: deny only works in base policies +- The setting needs to be placed in the order of ASCII values, first by Provider, then Key, then ValueName + +### Examples + +```xml + + + true + + + + + false + + + + + true + + +``` + +## New PowerShell parameters + +New-CIPolicy +- MultiplePolicyFormat: allows for multiple policies + +```powershell +New-CIPolicy [-FilePath] -Level {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath} + [-DriverFiles ] [-Fallback {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath}] + [-Audit] [-ScanPath ] [-ScriptFileNames] [-AllowFileNameFallbacks] [-SpecificFileNameLevel {None | OriginalFileName | InternalName | FileDescription | ProductName | PackageFamilyName | FilePath}] [-UserPEs] [-NoScript] + [-Deny] [-NoShadowCopy] [-MultiplePolicyFormat] [-OmitPaths ] [-PathToCatroot ] [] – to generate new policy format(base policy and policy type 
and policy guid) +``` + +Set-CIPolicyIdInfo +- **SupplementsBasePolicyID**: guid of new supplemental policy +- **BasePolicyToSupplementPath**: base policy that the supplemental policy applies to +- **ResetPolicyID**: reset the policy guids back to a random guid + +```powershell +Set-CIPolicyIdInfo [-FilePath] [-PolicyName ] [-SupplementsBasePolicyID ] [-BasePolicyToSupplementPath ] [-ResetPolicyID] [-PolicyId ] [] +``` + +Add-SignerRule +- **Supplemental**: provides supplemental signers + +```powershell +Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] +``` + +Set-RuleOption +- **Enabled:Allow Supplemental Policies**: makes base policy able to be supplemented + +### Examples + +**Scenario #1: Creating a new base policy** + +```powershell +New-CiPolicy -MulitplePolicyFormat -foo –bar +``` + +- **MultiplePolicyFormat** switch results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. + Can optionally choose to make it supplementable: + - Set-RuleOption has a new option **Enabled:Allow Supplemental Policies** to set for base policy +- For signed policies that are being made supplementable, need to ensure that supplemental signers are defined. Use “Add-SignerRule” to provide supplemental signers. + ```powershell + Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] + ``` + +**Scenario #2: Creating a new supplemental policy** + +1. Scan using `New-CiPolicy –MuliplePolicyFormat` to generate a base policy: + ```powershell + New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath + ``` +2. 
Change this new base policy to a supplemental policy + - Provide path of base in `Set-CIPolicyIdInfo –BasePolicytoSupplementPath` + - Provide GUID of base in `Set-CIPolicyIdInfo –SupplementsBasePolicyID` + ```powershell + Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID -FilePath + ``` + - Can revert the policy back to being a base policy using `-ResetPolicyID` + +**Scenario #3: Merging policies** + +- When merging, the policy type and ID of the leftmost/first policy specified is used + - If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID + +## Packaged App Rules + +`New-CIPolicyRule -Package $Package -Deny` to block apps is your best use case, so something like: + +1. Get the info about an installed package. + ```powershell + $package = Get-AppxPackage -name + ``` + Dependencies field in output is full Package object, can be accessed and passed directly to New-CIPolicyRule. +2. Make a rule. + ```powershell + $Rule = New-CIPolicyRule -Package $package -deny + ``` +3. Repeat for other packages you want to block using $rule +=…. +4. Make a policy for just the blocks you created for packages. + ```powershell + New-CIpolicy -rules $rule -f .\policy.xml -u + ``` +5. Merge with allow windows policy, or you could also use examplepolicies\AllowAll.xml. + ```powershell + Merge-CIPolicy -PolicyPaths .\policy.xml,C:\windows\Schemas\codeintegrity\examplepolicies\DefaultWindows_Audit.xml -o allowWindowsDenyPackages.xml + ``` +6. Disable audit mode. + ```powershell + Set-RuleOption -o 3 -Delete .\allowWindowsDenyPackages.xml + ``` +7. Enable invalidate EAs on reboot. + ```powershell + Set-RuleOption -o 15 .\allowWindowsDenyPackages.xml + ``` +8. Compile the policy + ```powershell + ConvertFrom-CIPolicy .\AllowWindowsDenyPackages.xml C:\compiledpolicy.bin + ``` +9. Install the policy withwout restarting. 
+ ```powershell + Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = "C:\compiledpolicy.bin"} + ``` + +After doing this on the next build of Dev3, for the apps that you blocked, already installed apps should fail to launch, and should you put this policy on another machine that hasn’t yet installed the apps, store should block them from being purchased/installed. +If you wanted to make a rule for an app that isn’t already installed, first make a rule for an app that is. Then for the app you want to actually block take the store URL (from store page click … then share, then copy link to get something like: https://www.microsoft.com/store/productId/9WZDNCRFJ3TJ) and grab the hash code at the end (in bold) then replace the bolded bit below: +https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfj3tj/applockerdata +then grab packagefamilyname and replace the one in the xml you got in step 4 with the PFN from the link above, then run through 5-9 again. + + From 7bb830d8e386dde5fa961af312871748c931c9fa Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 17:17:56 -0700 Subject: [PATCH 021/157] added faq --- ...improvements-in-windows-10-version-1903.md | 70 +++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 86738f84e8..3bee320959 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
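Review bot: The switch name is misspelled in two places in the Examples section and should match the `-MultiplePolicyFormat` spelling used in the working command of Scenario #2 step 1: Scenario #1 has `New-CiPolicy -MulitplePolicyFormat -foo –bar` and the step 1 text has `–MuliplePolicyFormat`. The `-foo –bar` arguments in Scenario #1 are placeholders that should be replaced with a real invocation or removed. In the Packaged App Rules steps, step 9 reads "withwout", and the closing paragraph refers to "the next build of Dev3", an internal reference that should be reworded for public readers. Steps 6 and 7 give only option numbers (`-o 3 -Delete`, `-o 15`); since step 6 takes the merged policy out of audit mode, it is worth saying in that step that the deny rules are enforced from that point on.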
+++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
@@ -235,4 +235,74 @@ If you wanted to make a rule for an app that isn’t already installed, first ma https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfj3tj/applockerdata then grab packagefamilyname and replace the one in the xml you got in step 4 with the PFN from the link above, then run through 5-9 again. +## FAQs + +Misc +a. Questions: +• What uniquely identifies a “file”? SHA1, SHA256, either, both? +o What is the “Flat hash” vs. normal? +Either hash works as a unique identifier, would recommend sha256 though just because lower collision chance. +“Authenticode Hash” is the hash we use, it is calculated in a way that does not change even if the file is embed signed, whereas “flat hash” is just a direct hash on the bytes of the file and changes with signature. +For Scripts/MSIs an embedded hash would use the SIP of the particular script type, while a catalog hash would use the flat hash (since catalogs are only aware of a few select SIPs, particularly the PE exe/dll one), so the 8028/8029 events log the “CatalogHash” as well, in case it differs from the hash used to evaluate against an embedded sig + +• What property of a file is used to map out to a publisher? +Files are tied to publishers via their signature (either embed signed or catalog signed via a signed catalog containing that files hash), correlate 3089 events in order to get publisher data + +• Can you give a description/enumeration of values for “signing level”? 
+ +Base signing levels are: +#define SE_SIGNING_LEVEL_UNCHECKED 0x00000000 +#define SE_SIGNING_LEVEL_UNSIGNED 0x00000001 +#define SE_SIGNING_LEVEL_ENTERPRISE 0x00000002 +#define SE_SIGNING_LEVEL_CUSTOM_1 0x00000003 +#define SE_SIGNING_LEVEL_DEVELOPER SE_SIGNING_LEVEL_CUSTOM_1 +#define SE_SIGNING_LEVEL_AUTHENTICODE 0x00000004 +#define SE_SIGNING_LEVEL_CUSTOM_2 0x00000005 +#define SE_SIGNING_LEVEL_STORE 0x00000006 +#define SE_SIGNING_LEVEL_CUSTOM_3 0x00000007 +#define SE_SIGNING_LEVEL_ANTIMALWARE SE_SIGNING_LEVEL_CUSTOM_3 +#define SE_SIGNING_LEVEL_MICROSOFT 0x00000008 +#define SE_SIGNING_LEVEL_CUSTOM_4 0x00000009 +#define SE_SIGNING_LEVEL_CUSTOM_5 0x0000000A +#define SE_SIGNING_LEVEL_DYNAMIC_CODEGEN 0x0000000B +#define SE_SIGNING_LEVEL_WINDOWS 0x0000000C +#define SE_SIGNING_LEVEL_CUSTOM_7 0x0000000D +#define SE_SIGNING_LEVEL_WINDOWS_TCB 0x0000000E +#define SE_SIGNING_LEVEL_CUSTOM_6 0x0000000F + +The TL;DR on signing levels is we have collections of certificates+EKUs that we use to define broad “security levels” based on signer, for example SE_SIGNING_LEVEL_WINDOWS generally maps to “signed as part of a production windows build) +Some also inherit from others (e.g. signing level windows is a subset of microsoft) + +See minkernel\published\base\ntseapi_x.w and ntseapi.w, and/or poke around in onecore\base\ci\dll\cipolicy.c searching for references to se_signing_level* for more on signing levels and how they are used with CIPolicy + +• What is the “SI Signing Scenario”? +Pretty sure this one maps to either kernel or user mode (0 or 1 respectively), CIPolicy lets you configure whitelists for each separately, e.g. you probably wouldn’t want some random user mode app, say notepad++ to run as a kernel driver 😊 + +• Can you also provide the “description” for the events? I know audit/block are each one of two values next to each other, but do they audit/block a specific file type only? Script? Exe? 
+3076 Audit for exe/dll generated by CI in the createprocess stack +3077 enforced version +3089 Signing information event correlated with either a 3076/3077 event, contains # of signatures and an index as to which signature it is, one 3089 is generated for each signature of a file (so many 3089 map to one 3076/77). Unsigned files will generate a single 3089 with TotalSignatureCount 0 +8028 Audit for scripts/msis generated by WLDP being called by the scripthosts themselves (scripthosts opt in to enforcement, so we don’t enforce on 3rd party scripthosts like python/ruby) +8029 Enforce for scripts +We don’t currently have signer information in the script events + +• I don’t understand what the “Policy” fields are. +Code Integrity Policy is at its core an enterprise whitelisting solution. For these events to be generated, customers would have had to generate a policy xml, compile it, and deploy it. PolicyName/PolicyID fields are optional fields customers can add to the policy to get propagated into the events, policy hash is literally the hash of the policy (and policy hash matching guarantees that two events were blocked by the same policy). Since you can have multiple concurrent policies on one system supplementing each other, knowing what policy actually blocked the binary from running is useful + +• Is this purely file based or do I need to worry about the “PackageName” grouping? +o Eg… do I need the packagename to get back to a publisher or are individual files from the package all mapped up directly? +An event is generated for each individual binary that failed policy. 
The PackageFamilyName is put in the process token of all binaries loading under an appx and is can be used in rules in policy to attempt to allow an entire package to run rather than whitelisting each individual binary, but we will still generate an individual event for each binary that fails +I can’t currently remember if the PackageFamilyName field is even calculated or just zeroed out if there aren’t PFN rules in a policy + +• What field in 3089 am I able to join on to map from File to Publisher? +CorrelationID is actually not in the event templates I sent you and is actually an optional field in the metadata of every eventviewer event. In the XML of the event the correlationID’s path is: + +For comparison, the rest of the fields look like: +valuevalue2… + +• 3076/77 don’t seem to include ‘File Path’. Can this be deduced from ‘File Name’? +• 8028/8029 don’t seem to include ‘File Name’. Can this be deduced from ‘File Path’? +“File Name” in 3076/77 is actually the path in NT form (\Device\HarddiskVolume3\Windows\System32\myfile.dll), and the “originalfilename” field maps to what would be “File Name” in a file rule in policy XML +For 8028/8029 File Path is the C:\ path to the file and you’ll notice a trend where we didn’t bother to include all the same fields we do for the PE files so there is no “originalFileName” + From fd96a3d538cf448adb87c3cb857d242e986a5f09 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Mon, 6 May 2019 17:32:02 -0700 Subject: [PATCH 022/157] added Q&A --- ...improvements-in-windows-10-version-1903.md | 82 +++++++++++-------- 1 file changed, 49 insertions(+), 33 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 3bee320959..b563a2c54f 100644 
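Review bot: The signing-level answer in the new FAQs section sends readers to internal source paths (`minkernel\published\base\ntseapi_x.w`, `onecore\base\ci\dll\cipolicy.c`), which have no place in a published article; drop that sentence or point to a public reference. The section also reads as a pasted e-mail reply rather than documentation: "Pretty sure this one maps to either kernel or user mode", "I can’t currently remember if the PackageFamilyName field is even calculated" and "the event templates I sent you" should each be confirmed and restated as fact, or removed. The "Misc / a. Questions:" lead-in and the `•` and `o` glyphs will not render as Markdown lists, and the `#define` block needs a code fence.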
--- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
@@ -237,20 +237,23 @@ then grab packagefamilyname and replace the one in the xml you got in step 4 wit ## FAQs -Misc -a. Questions: -• What uniquely identifies a “file”? SHA1, SHA256, either, both? -o What is the “Flat hash” vs. normal? -Either hash works as a unique identifier, would recommend sha256 though just because lower collision chance. +**Q:** What uniquely identifies a “file”? SHA1, SHA256, either, both? What is the “Flat hash” vs. normal? + +**A:** Either hash works as a unique identifier, would recommend sha256 though just because lower collision chance. + “Authenticode Hash” is the hash we use, it is calculated in a way that does not change even if the file is embed signed, whereas “flat hash” is just a direct hash on the bytes of the file and changes with signature. + For Scripts/MSIs an embedded hash would use the SIP of the particular script type, while a catalog hash would use the flat hash (since catalogs are only aware of a few select SIPs, particularly the PE exe/dll one), so the 8028/8029 events log the “CatalogHash” as well, in case it differs from the hash used to evaluate against an embedded sig -• What property of a file is used to map out to a publisher? -Files are tied to publishers via their signature (either embed signed or catalog signed via a signed catalog containing that files hash), correlate 3089 events in order to get publisher data +**Q:** What property of a file is used to map out to a publisher? + +**A:** Files are tied to publishers via their signature (either embed signed or catalog signed via a signed catalog containing that files hash), correlate 3089 events in order to get publisher data -• Can you give a description/enumeration of values for “signing level”? +**Q:** Can you give a description/enumeration of values for “signing level”? 
-Base signing levels are: +**A:** Base signing levels are: + +```xml #define SE_SIGNING_LEVEL_UNCHECKED 0x00000000 #define SE_SIGNING_LEVEL_UNSIGNED 0x00000001 #define SE_SIGNING_LEVEL_ENTERPRISE 0x00000002 
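Review bot: The fence opened before the `SE_SIGNING_LEVEL_*` list is tagged `xml`, but its content is C preprocessor `#define` lines; tag it `c` or leave the fence untagged so the highlighter does not treat it as markup. While these answers are being touched, "containing that files hash" in the publisher answer should read "that file's hash", and the first answer should use "SHA256" consistently with the question.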
@@ -269,40 +272,53 @@ Base signing levels are: #define SE_SIGNING_LEVEL_CUSTOM_7 0x0000000D #define SE_SIGNING_LEVEL_WINDOWS_TCB 0x0000000E #define SE_SIGNING_LEVEL_CUSTOM_6 0x0000000F +``` -The TL;DR on signing levels is we have collections of certificates+EKUs that we use to define broad “security levels” based on signer, for example SE_SIGNING_LEVEL_WINDOWS generally maps to “signed as part of a production windows build) -Some also inherit from others (e.g. signing level windows is a subset of microsoft) +The TL;DR on signing levels is we have collections of certificates+EKUs that we use to define broad “security levels” based on signer, for example SE_SIGNING_LEVEL_WINDOWS generally maps to “signed as part of a production Windows build) +Some also inherit from others (e.g. signing level Windows is a subset of Microsoft) -See minkernel\published\base\ntseapi_x.w and ntseapi.w, and/or poke around in onecore\base\ci\dll\cipolicy.c searching for references to se_signing_level* for more on signing levels and how they are used with CIPolicy +**Q:** What is the “SI Signing Scenario”? +This maps to either kernel or user mode (0 or 1 respectively). CIPolicy lets you configure whitelists for each separately. -• What is the “SI Signing Scenario”? -Pretty sure this one maps to either kernel or user mode (0 or 1 respectively), CIPolicy lets you configure whitelists for each separately, e.g. you probably wouldn’t want some random user mode app, say notepad++ to run as a kernel driver 😊 - -• Can you also provide the “description” for the events? I know audit/block are each one of two values next to each other, but do they audit/block a specific file type only? Script? Exe? 
-3076 Audit for exe/dll generated by CI in the createprocess stack -3077 enforced version -3089 Signing information event correlated with either a 3076/3077 event, contains # of signatures and an index as to which signature it is, one 3089 is generated for each signature of a file (so many 3089 map to one 3076/77). Unsigned files will generate a single 3089 with TotalSignatureCount 0 -8028 Audit for scripts/msis generated by WLDP being called by the scripthosts themselves (scripthosts opt in to enforcement, so we don’t enforce on 3rd party scripthosts like python/ruby) -8029 Enforce for scripts +**Q:** Can you also provide the “description” for the events? + +I know audit/block are each one of two values next to each other, but do they audit/block a specific file type only? Script? Exe? + +|-------|--------------------------| +|Event ID| Description | +|3076 |Audit for exe/dll generated by CI in the createprocess stack| +|3077 |Enforced version | +|3089 |Signing information event correlated with either a 3076/3077 event, contains # of signatures and an index as to which signature it is, one 3089 is generated for each signature of a file (so many 3089 map to one 3076/77). Unsigned files will generate a single 3089 with TotalSignatureCount 0 | +|8028 |Audit for scripts/msis generated by WLDP being called by the scripthosts themselves (scripthosts opt in to enforcement, so we don’t enforce on 3rd party scripthosts like python/ruby)| +|8029 |Enforce for scripts| + We don’t currently have signer information in the script events -• I don’t understand what the “Policy” fields are. -Code Integrity Policy is at its core an enterprise whitelisting solution. For these events to be generated, customers would have had to generate a policy xml, compile it, and deploy it. 
PolicyName/PolicyID fields are optional fields customers can add to the policy to get propagated into the events, policy hash is literally the hash of the policy (and policy hash matching guarantees that two events were blocked by the same policy). Since you can have multiple concurrent policies on one system supplementing each other, knowing what policy actually blocked the binary from running is useful +**Q:** I don’t understand what the “Policy” fields are. + +**A:** Code Integrity Policy is at its core an enterprise whitelisting solution. For these events to be generated, customers would have had to generate a policy xml, compile it, and deploy it. PolicyName/PolicyID fields are optional fields customers can add to the policy to get propagated into the events, policy hash is literally the hash of the policy (and policy hash matching guarantees that two events were blocked by the same policy). Since you can have multiple concurrent policies on one system supplementing each other, knowing what policy actually blocked the binary from running is useful -• Is this purely file based or do I need to worry about the “PackageName” grouping? -o Eg… do I need the packagename to get back to a publisher or are individual files from the package all mapped up directly? -An event is generated for each individual binary that failed policy. The PackageFamilyName is put in the process token of all binaries loading under an appx and is can be used in rules in policy to attempt to allow an entire package to run rather than whitelisting each individual binary, but we will still generate an individual event for each binary that fails -I can’t currently remember if the PackageFamilyName field is even calculated or just zeroed out if there aren’t PFN rules in a policy +**Q:** Is this purely file based or do I need to worry about the “PackageName” grouping? For example, do I need the packagename to get back to a publisher or are individual files from the package all mapped up directly? 
+ +**A:** An event is generated for each individual binary that failed policy. The PackageFamilyName is put in the process token of all binaries loading under an appx and is can be used in rules in policy to attempt to allow an entire package to run rather than whitelisting each individual binary, but we will still generate an individual event for each binary that fails. + -• What field in 3089 am I able to join on to map from File to Publisher? -CorrelationID is actually not in the event templates I sent you and is actually an optional field in the metadata of every eventviewer event. In the XML of the event the correlationID’s path is: +**Q:** What field in 3089 am I able to join on to map from File to Publisher? + +**A:** CorrelationID is actually not in the event templates I sent you and is actually an optional field in the metadata of every eventviewer event. In the XML of the event the correlationID’s path is: + +```xml +``` For comparison, the rest of the fields look like: +```xml valuevalue2… +``` + -• 3076/77 don’t seem to include ‘File Path’. Can this be deduced from ‘File Name’? -• 8028/8029 don’t seem to include ‘File Name’. Can this be deduced from ‘File Path’? -“File Name” in 3076/77 is actually the path in NT form (\Device\HarddiskVolume3\Windows\System32\myfile.dll), and the “originalfilename” field maps to what would be “File Name” in a file rule in policy XML -For 8028/8029 File Path is the C:\ path to the file and you’ll notice a trend where we didn’t bother to include all the same fields we do for the PE files so there is no “originalFileName” +**Q:** 3076/77 don’t seem to include ‘File Path’. Can this be deduced from ‘File Name’? 8028/8029 don’t seem to include ‘File Name’. Can this be deduced from ‘File Path’? + +**A:** “File Name” in 3076/77 is actually the path in NT form (\Device\HarddiskVolume3\Windows\System32\myfile.dll), and the “originalfilename” field maps to what would be “File Name” in a file rule in policy XML. 
+For 8028/8029, File Path is the C:\ path to the file and you’ll notice a trend where we didn’t bother to include all the same fields we do for the PE files so there is no “originalFileName”. From ba046cc060498140ddec69490a6c8a2020520465 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 11:57:29 -0700 Subject: [PATCH 023/157] Create windows-endpoints-1903-non-enterprise-editions.md --- ...-endpoints-1903-non-enterprise-editions.md | 271 ++++++++++++++++++ 1 file changed, 271 insertions(+) create mode 100644 windows/privacy/windows-endpoints-1903-non-enterprise-editions.md diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md new file mode 100644 index 0000000000..44fadd939e --- /dev/null +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md 
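Review bot: The new event table has its delimiter row above the header row (`|-------|--------------------------|` followed by `|Event ID| Description |`), so it will not render as a table; put the `|Event ID| Description |` row first and the delimiter row second. The answers to "What is the “SI Signing Scenario”?" and to the event-description question are missing the `**A:**` label every other answer in this hunk carries, and the second paragraph of that event question ("I know audit/block are each one of two values...") is still part of the question, not the answer. The carried-over text "and is can be used in rules" and the unbalanced quote in "“signed as part of a production Windows build)" should be fixed in the same pass.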
@@ -0,0 +1,271 @@ +--- +title: Windows 10, version 1809, connection endpoints for non-Enterprise editions +description: Explains what Windows 10 endpoints are used in non-Enterprise editions. +keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.localizationpriority: high +audience: ITPro +author: danihalfin +ms.author: daniha +manager: dansimp +ms.collection: M365-security-compliance +ms.topic: article +ms.date: 6/26/2018 +--- +# Windows 10, version 1809, connection endpoints for non-Enterprise editions + + **Applies to** + +- Windows 10 Home, version 1809 +- Windows 10 Professional, version 1809 +- Windows 10 Education, version 1809 + +In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1809-endpoints.md), the following endpoints are available on other editions of Windows 10, version 1809. + +We used the following methodology to derive these network endpoints: + +1. Set up the latest version of Windows 10 on a test virtual machine using the default settings. +2. Leave the devices running idle for a week (that is, a user is not interacting with the system/device). +3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic. +4. Compile reports on traffic going to public IP addresses. +5. The test virtual machine was logged in using a local account and was not joined to a domain or Azure Active Directory. +6. All traffic was captured in our lab using a IPV4 network. Therefore no IPV6 traffic is reported here. + +> [!NOTE] +> Microsoft uses global load balancers that can appear in network trace-routes. For example, an endpoint for *.akadns.net might be used to load balance requests to an Azure datacenter, which can change over time. 
+ +## Windows 10 Family + +| **Destination** | **Protocol** | **Description** | +| --- | --- | --- | +|\*.aria.microsoft.com*|HTTPS|Microsoft Office Telemetry +|\*.b.akamai*.net|HTTPS|Used to check for updates to Maps that have been downloaded for offline use +|\*.c-msedge.net|HTTP|Microsoft Office +|\*.dl.delivery.mp.microsoft.com*|HTTP|Enables connections to Windows Update +|\*.download.windowsupdate.com*|HTTP|Used to download operating system patches and updates +|\*.g.akamai*.net|HTTPS|Used to check for updates to Maps that have been downloaded for offline use +|\*.login.msa.*.net|HTTPS|Microsoft Account related +|\*.msn.com*|TLSv1.2/HTTPS|Windows Spotlight +|\*.skype.com|HTTP/HTTPS|Skype +|\*.smartscreen.microsoft.com*|HTTPS|Windows Defender Smartscreen +|\*.telecommand.telemetry.microsoft.com*|HTTPS|Used by Windows Error Reporting +|*cdn.onenote.net*|HTTP|OneNote +|*displaycatalog.*mp.microsoft.com*|HTTPS|Used to communicate with Microsoft Store +|*emdl.ws.microsoft.com*|HTTP|Windows Update +|*geo-prod.do.dsp.mp.microsoft.com*|TLSv1.2/HTTPS|Enables connections to Windows Update +|*hwcdn.net*|HTTP|Highwinds Content Delivery Network / Windows updates +|*img-prod-cms-rt-microsoft-com*|HTTPS|Microsoft Store or Inbox MSN Apps image download +|*licensing.*mp.microsoft.com*|HTTPS|Licensing +|*maps.windows.com*|HTTPS|Related to Maps application +|*msedge.net*|HTTPS|Used by Microsoft OfficeHub to get the metadata of Microsoft Office apps +|*nexusrules.officeapps.live.com*|HTTPS|Microsoft Office Telemetry +|*photos.microsoft.com*|HTTPS|Photos App +|*prod.do.dsp.mp.microsoft.com*|TLSv1.2/HTTPS|Used for Windows Update downloads of apps and OS updates +|*purchase.md.mp.microsoft.com.akadns.net|HTTPS|Used to communicate with Microsoft Store +|*settings.data.microsoft.com.akadns.net|HTTPS|Used for Windows apps to dynamically update their configuration +|*wac.phicdn.net*|HTTP|Windows Update +|*windowsupdate.com*|HTTP|Windows Update +|*wns.*windows.com*|TLSv1.2/HTTPS|Used for 
the Windows Push Notification Services (WNS) +|*wpc.v0cdn.net*|HTTP|Windows Telemetry +|arc.msn.com|HTTPS|Spotlight +|auth.gfx.ms*|HTTPS|MSA related +|cdn.onenote.net|HTTPS|OneNote Live Tile +|dmd.metaservices.microsoft.com*|HTTP|Device Authentication +|e-0009.e-msedge.net|HTTPS|Microsoft Office +|e10198.b.akamaiedge.net|HTTPS|Maps application +|evoke-windowsservices-tas.msedge*|HTTPS|Photos app +|fe2.update.microsoft.com*|TLSv1.2/HTTPS|Enables connections to Windows Update, Microsoft Update, and the online services of Microsoft Store +|fe3.*.mp.microsoft.com.*|TLSv1.2/HTTPS|Windows Update, Microsoft Update, and Microsoft Store services +|g.live.com*|HTTPS|OneDrive +|go.microsoft.com|HTTP|Windows Defender +|iriscoremetadataprod.blob.core.windows.net|HTTPS|Windows Telemetry +|login.live.com|HTTPS|Device Authentication +|msagfx.live.com|HTTP|OneDrive +|ocsp.digicert.com*|HTTP|CRL and OCSP checks to the issuing certificate authorities +|officeclient.microsoft.com|HTTPS|Microsoft Office +|oneclient.sfx.ms*|HTTPS|Used by OneDrive for Business to download and verify app updates +|onecollector.cloudapp.aria.akadns.net|HTTPS|Microsoft Office +|ow1.res.office365.com|HTTP|Microsoft Office +|pti.store.microsoft.com|HTTPS|Microsoft Store +|purchase.mp.microsoft.com*|HTTPS|Used to communicate with Microsoft Store +|query.prod.cms.rt.microsoft.com*|HTTPS|Used to retrieve Windows Spotlight metadata +|ris.api.iris.microsoft.com*|TLSv1.2/HTTPS|Used to retrieve Windows Spotlight metadata +|ris-prod-atm.trafficmanager.net|HTTPS|Azure traffic manager +|s-0001.s-msedge.net|HTTPS|Microsoft Office +|self.events.data.microsoft.com|HTTPS|Microsoft Office +|settings.data.microsoft.com*|HTTPS|Used for Windows apps to dynamically update their configuration +|settings-win.data.microsoft.com*|HTTPS|Used for Windows apps to dynamically update their configuration +|share.microsoft.com|HTTPS|Microsoft Store +|skypeecs-prod-usw-0.cloudapp.net|HTTPS|Microsoft Store 
+|sls.update.microsoft.com*|TLSv1.2/HTTPS|Enables connections to Windows Update +|slscr.update.microsoft.com*|HTTPS|Enables connections to Windows Update +|store*.dsx.mp.microsoft.com*|HTTPS|Used to communicate with Microsoft Store +|storecatalogrevocation.storequality.microsoft.com|HTTPS|Microsoft Store +|storecatalogrevocation.storequality.microsoft.com*|HTTPS|Used to revoke licenses for malicious apps on the Microsoft Store +|store-images.*microsoft.com*|HTTP|Used to get images that are used for Microsoft Store suggestions +|storesdk.dsx.mp.microsoft.com|HTTP|Microsoft Store +|tile-service.weather.microsoft.com*|HTTP|Used to download updates to the Weather app Live Tile +|time.windows.com|HTTP|Microsoft Windows Time related +|tsfe.trafficshaping.dsp.mp.microsoft.com*|TLSv1.2/HTTPS|Used for content regulation +|v10.events.data.microsoft.com|HTTPS|Diagnostic Data +|watson.telemetry.microsoft.com|HTTPS|Diagnostic Data +|wdcp.microsoft.*|TLSv1.2, HTTPS|Used for Windows Defender when Cloud-based Protection is enabled +|wd-prod-cp-us-west-1-fe.westus.cloudapp.azure.com|HTTPS|Windows Defender +|wusofficehome.msocdn.com|HTTPS|Microsoft Office +|www.bing.com*|HTTP|Used for updates for Cortana, apps, and Live Tiles +|www.msftconnecttest.com|HTTP|Network Connection (NCSI) +|www.office.com|HTTPS|Microsoft Office + + +## Windows 10 Pro + +| **Destination** | **Protocol** | **Description** | +| --- | --- | --- | +|\*.cloudapp.azure.com|HTTPS|Azure +|\*.delivery.dsp.mp.microsoft.com.nsatc.net|HTTPS|Windows Update, Microsoft Update, and Microsoft Store services +|\*.displaycatalog.md.mp.microsoft.com.akadns.net|HTTPS|Microsoft Store +|\*.dl.delivery.mp.microsoft.com*|HTTP|Enables connections to Windows Update +|\*.e-msedge.net|HTTPS|Used by OfficeHub to get the metadata of Office apps +|\*.g.akamaiedge.net|HTTPS|Used to check for updates to maps that have been downloaded for offline use +|\*.s-msedge.net|HTTPS|Used by OfficeHub to get the metadata of Office apps 
+|\*.windowsupdate.com*|HTTP|Enables connections to Windows Update +|\*.wns.notify.windows.com.akadns.net|HTTPS|Used for the Windows Push Notification Services (WNS) +|\*dsp.mp.microsoft.com.nsatc.net|HTTPS|Enables connections to Windows Update +|\*c-msedge.net|HTTP|Office +|a1158.g.akamai.net|HTTP|Maps application +|arc.msn.com*|HTTP / HTTPS|Used to retrieve Windows Spotlight metadata +|blob.mwh01prdstr06a.store.core.windows.net|HTTPS|Microsoft Store +|browser.pipe.aria.microsoft.com|HTTPS|Microsoft Office +|bubblewitch3mobile.king.com|HTTPS|Bubble Witch application +|candycrush.king.com|HTTPS|Candy Crush application +|cdn.onenote.net|HTTP|Microsoft OneNote +|cds.p9u4n2q3.hwcdn.net|HTTP|Highwinds Content Delivery Network traffic for Windows updates +|client.wns.windows.com|HTTPS|Winddows Notification System +|co4.telecommand.telemetry.microsoft.com.akadns.net|HTTPS|Windows Error Reporting +|config.edge.skype.com|HTTPS|Microsoft Skype +|cs11.wpc.v0cdn.net|HTTP|Windows Telemetry +|cs9.wac.phicdn.net|HTTP|Windows Update +|cy2.licensing.md.mp.microsoft.com.akadns.net|HTTPS|Used to communicate with Microsoft Store +|cy2.purchase.md.mp.microsoft.com.akadns.net|HTTPS|Used to communicate with Microsoft Store +|cy2.settings.data.microsoft.com.akadns.net|HTTPS|Used to communicate with Microsoft Store +|dmd.metaservices.microsoft.com.akadns.net|HTTP|Device Authentication +|e-0009.e-msedge.net|HTTPS|Microsoft Office +|e10198.b.akamaiedge.net|HTTPS|Maps application +|fe3.update.microsoft.com|HTTPS|Windows Update +|g.live.com|HTTPS|Microsoft OneDrive +|g.msn.com.nsatc.net|HTTPS|Used to retrieve Windows Spotlight metadata +|geo-prod.do.dsp.mp.microsoft.com|HTTPS|Windows Update +|go.microsoft.com|HTTP|Windows Defender +|iecvlist.microsoft.com|HTTPS|Microsoft Edge +|img-prod-cms-rt-microsoft-com.akamaized.net|HTTP / HTTPS|Microsoft Store +|ipv4.login.msa.akadns6.net|HTTPS|Used for Microsoft accounts to sign in +|licensing.mp.microsoft.com|HTTP|Licensing 
+|location-inference-westus.cloudapp.net|HTTPS|Used for location data +|login.live.com|HTTP|Device Authentication +|maps.windows.com|HTTP|Maps application +|modern.watson.data.microsoft.com.akadns.net|HTTPS|Used by Windows Error Reporting +|msagfx.live.com|HTTP|OneDrive +|nav.smartscreen.microsoft.com|HTTPS|Windows Defender +|ocsp.digicert.com*|HTTP|CRL and OCSP checks to the issuing certificate authorities +|oneclient.sfx.ms|HTTP|OneDrive +|pti.store.microsoft.com|HTTPS|Microsoft Store +|ris.api.iris.microsoft.com.akadns.net|HTTPS|Used to retrieve Windows Spotlight metadata +|ris-prod-atm.trafficmanager.net|HTTPS|Azure +|s2s.config.skype.com|HTTP|Microsoft Skype +|settings-win.data.microsoft.com|HTTPS|Application settings +|share.microsoft.com|HTTPS|Microsoft Store +|skypeecs-prod-usw-0.cloudapp.net|HTTPS|Microsoft Skype +|slscr.update.microsoft.com|HTTPS|Windows Update +|storecatalogrevocation.storequality.microsoft.com|HTTPS|Microsoft Store +|store-images.microsoft.com|HTTPS|Microsoft Store +|tile-service.weather.microsoft.com/*|HTTP|Used to download updates to the Weather app Live Tile +|time.windows.com|HTTP|Windows time +|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTPS|Used for content regulation +|v10.events.data.microsoft.com*|HTTPS|Microsoft Office +|vip5.afdorigin-prod-am02.afdogw.com|HTTPS|Used to serve office 365 experimentation traffic +|watson.telemetry.microsoft.com|HTTPS|Telemetry +|wdcp.microsoft.com|HTTPS|Windows Defender +|wusofficehome.msocdn.com|HTTPS|Microsoft Office +|www.bing.com|HTTPS|Cortana and Search +|www.microsoft.com|HTTP|Diagnostic +|www.msftconnecttest.com|HTTP|Network connection +|www.office.com|HTTPS|Microsoft Office + + + +## Windows 10 Education + +| **Destination** | **Protocol** | **Description** | +| --- | --- | --- | +|\*.b.akamaiedge.net|HTTPS|Used to check for updates to maps that have been downloaded for offline use +|\*.c-msedge.net|HTTP|Used by OfficeHub to get the metadata of Office apps 
+|\*.dl.delivery.mp.microsoft.com*|HTTP|Windows Update +|\*.e-msedge.net|HTTPS|Used by OfficeHub to get the metadata of Office apps +|\*.g.akamaiedge.net|HTTPS|Used to check for updates to Maps that have been downloaded for offline use +|\*.licensing.md.mp.microsoft.com.akadns.net|HTTPS|Microsoft Store +|\*.settings.data.microsoft.com.akadns.net|HTTPS|Microsoft Store +|\*.skype.com*|HTTPS|Used to retrieve Skype configuration values +|\*.smartscreen*.microsoft.com|HTTPS|Windows Defender +|\*.s-msedge.net|HTTPS|Used by OfficeHub to get the metadata of Office apps +|\*.telecommand.telemetry.microsoft.com*|HTTPS|Used by Windows Error Reporting +|\*.wac.phicdn.net|HTTP|Windows Update +|\*.windowsupdate.com*|HTTP|Windows Update +|\*.wns.windows.com|HTTPS|Windows Notifications Service +|\*.wpc.*.net|HTTP|Diagnostic Data +|\*displaycatalog.md.mp.microsoft.com.akadns.net|HTTPS|Microsoft Store +|\*dsp.mp.microsoft.com|HTTPS|Windows Update +|a1158.g.akamai.net|HTTP|Maps +|a122.dscg3.akamai.net|HTTP|Maps +|a767.dscg3.akamai.net|HTTP|Maps +|au.download.windowsupdate.com*|HTTP|Windows Update +|bing.com/*|HTTPS|Used for updates for Cortana, apps, and Live Tiles +|blob.dz5prdstr01a.store.core.windows.net|HTTPS|Microsoft Store +|browser.pipe.aria.microsoft.com|HTTP|Used by OfficeHub to get the metadata of Office apps +|cdn.onenote.net/livetile/*|HTTPS|Used for OneNote Live Tile +|cds.p9u4n2q3.hwcdn.net|HTTP|Used by the Highwinds Content Delivery Network to perform Windows updates +|client-office365-tas.msedge.net/*|HTTPS|Office 365 porta and Office Online +|ctldl.windowsupdate.com*|HTTP|Used to download certificates that are publicly known to be fraudulent +|displaycatalog.mp.microsoft.com/*|HTTPS|Microsoft Store +|dmd.metaservices.microsoft.com*|HTTP|Device Authentication +|download.windowsupdate.com*|HTTPS|Windows Update +|emdl.ws.microsoft.com/*|HTTP|Used to download apps from the Microsoft Store +|evoke-windowsservices-tas.msedge.net|HTTPS|Photo app 
+|fe2.update.microsoft.com*|HTTPS|Windows Update, Microsoft Update, Microsoft Store services +|fe3.delivery.dsp.mp.microsoft.com.nsatc.net|HTTPS|Windows Update, Microsoft Update, Microsoft Store services +|fe3.delivery.mp.microsoft.com*|HTTPS|Windows Update, Microsoft Update, Microsoft Store services +|g.live.com*|HTTPS|Used by OneDrive for Business to download and verify app updates +|g.msn.com.nsatc.net|HTTPS|Used to retrieve Windows Spotlight metadata +|go.microsoft.com|HTTP|Windows Defender +|iecvlist.microsoft.com|HTTPS|Microsoft Edge browser +|ipv4.login.msa.akadns6.net|HTTPS|Used for Microsoft accounts to sign in +|licensing.mp.microsoft.com*|HTTPS|Used for online activation and some app licensing +|login.live.com|HTTPS|Device Authentication +|maps.windows.com/windows-app-web-link|HTTPS|Maps application +|modern.watson.data.microsoft.com.akadns.net|HTTPS|Used by Windows Error Reporting +|msagfx.live.com|HTTPS|OneDrive +|ocos-office365-s2s.msedge.net/*|HTTPS|Used to connect to the Office 365 portal's shared infrastructure +|ocsp.digicert.com*|HTTP|CRL and OCSP checks to the issuing certificate authorities +|oneclient.sfx.ms/*|HTTPS|Used by OneDrive for Business to download and verify app updates +|onecollector.cloudapp.aria.akadns.net|HTTPS|Microsoft Office +|pti.store.microsoft.com|HTTPS|Microsoft Store +|settings-win.data.microsoft.com/settings/*|HTTPS|Used as a way for apps to dynamically update their configuration +|share.microsoft.com|HTTPS|Microsoft Store +|skypeecs-prod-usw-0.cloudapp.net|HTTPS|Skype +|sls.update.microsoft.com*|HTTPS|Windows Update +|storecatalogrevocation.storequality.microsoft.com*|HTTPS|Used to revoke licenses for malicious apps on the Microsoft Store +|tile-service.weather.microsoft.com*|HTTP|Used to download updates to the Weather app Live Tile +|tsfe.trafficshaping.dsp.mp.microsoft.com|HTTPS|Windows Update +|v10.events.data.microsoft.com*|HTTPS|Diagnostic Data +|vip5.afdorigin-prod-ch02.afdogw.com|HTTPS|Used to serve Office 365 
experimentation traffic +|watson.telemetry.microsoft.com*|HTTPS|Used by Windows Error Reporting +|wdcp.microsoft.com|HTTPS|Windows Defender +|wd-prod-cp-us-east-1-fe.eastus.cloudapp.azure.com|HTTPS|Azure +|wusofficehome.msocdn.com|HTTPS|Microsoft Office +|www.bing.com|HTTPS|Cortana and Search +|www.microsoft.com|HTTP|Diagnostic Data +|www.microsoft.com/pkiops/certs/*|HTTP|CRL and OCSP checks to the issuing certificate authorities +|www.msftconnecttest.com|HTTP|Network Connection +|www.office.com|HTTPS|Microsoft Office + From e936adc1bb432d397f45c9e3aac764d712c1240e Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 12:35:53 -0700 Subject: [PATCH 024/157] Update windows-endpoints-1903-non-enterprise-editions.md --- ...-endpoints-1903-non-enterprise-editions.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md index 44fadd939e..2c3885c711 100644 --- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md @@ -1,5 +1,5 @@ --- -title: Windows 10, version 1809, connection endpoints for non-Enterprise editions +title: Windows 10, version 1903, connection endpoints for non-Enterprise editions description: Explains what Windows 10 endpoints are used in non-Enterprise editions. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 ms.prod: w10 
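Review bot: in the endpoint tables added earlier on this page, the same destination is listed with different protocols. The table before the "Windows 10 Education" heading has `login.live.com|HTTP`, `msagfx.live.com|HTTP` and `oneclient.sfx.ms|HTTP`, while the Education table lists all three hosts as HTTPS. Anyone building a firewall or proxy allowlist from these rows needs to know whether that is an observed difference between editions or a transcription slip, so please confirm against the capture and either align the rows or annotate the difference. The Education row for `client-office365-tas.msedge.net/*` also has a typo in its description ("Office 365 porta").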
@@ -7,22 +7,22 @@ ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: high audience: ITPro -author: danihalfin -ms.author: daniha -manager: dansimp +author: mikeedgar +ms.author: v-medgar +manager: sanashar ms.collection: M365-security-compliance ms.topic: article -ms.date: 6/26/2018 +ms.date: 5/9/2019 --- -# Windows 10, version 1809, connection endpoints for non-Enterprise editions +# Windows 10, version 1903, connection endpoints for non-Enterprise editions **Applies to** -- Windows 10 Home, version 1809 -- Windows 10 Professional, version 1809 -- Windows 10 Education, version 1809 +- Windows 10 Home, version 1903 +- Windows 10 Professional, version 1903 +- Windows 10 Education, version 1903 -In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1809-endpoints.md), the following endpoints are available on other editions of Windows 10, version 1809. +In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1903-endpoints.md), the following endpoints are available on other editions of Windows 10, version 1903. We used the following methodology to derive these network endpoints: From 455b7236ea01925b0814ebb968321986a6e2f357 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 16:57:41 -0700 Subject: [PATCH 025/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ating-system-components-to-microsoft-services.md | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 72bb0cefbe..1cd88e5243 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -39,9 +39,6 @@ However, some of the settings reduce the functionality and security configuratio Make sure you've chosen the right settings configuration for your environment before applying. You should not extract this package to the windows\\system32 folder because it will not apply correctly. ->[!IMPORTANT] -> As part of the [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887), MDM functionallity is disabled. If you manage devices through MDM, make sure [cloud notifications are enabled](#bkmk-priv-notifications). - Applying the Windows Restricted Traffic Limited Functionality Baseline is the same as applying each setting covered in this article. It is recommended that you restart a device after making configuration changes to it. Note that **Get Help** and **Give us Feedback** links no longer work after the Windows Restricted Traffic Limited Functionality Baseline is applied. @@ -56,8 +53,6 @@ The following sections list the components that make network connections to Micr The following table lists management options for each setting, beginning with Windows 10 Enterprise version 1607. ->[!NOTE] ->For some settings, MDM policies only partly cover capabilities available through Group Policy. See each setting’s section for more details. | Setting | UI | Group Policy | Registry | | - | :-: | :-: | :-: | @@ -268,7 +263,7 @@ On Windows Server 2016 Nano Server: ### 2. Cortana and Search -Use either Group Policy or MDM policies to manage settings for Cortana. For more info, see [Cortana, Search, and privacy: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730683). +Use Group Policies to manage settings for Cortana. For more info, see [Cortana, Search, and privacy: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730683). ### 2.1 Cortana and Search Group Policies 
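Review bot: the new sentence in this hunk, "Use Group Policies to manage settings for Cortana", is worded differently from the other sentences this patch rewrites, which use the singular ("by using the user interface or Group Policy", "Use the UI, Group Policy, or Registry Keys"). Suggest "Use Group Policy to manage settings for Cortana". The summary table in this file also has a Registry column next to Group Policy, so if the Cortana section documents registry values, name the registry in this intro as well so it matches the section it introduces.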
@@ -558,7 +553,7 @@ To disable the Microsoft Account Sign-In Assistant: ### 13. Microsoft Edge -Use either Group Policy or MDM policies to manage settings for Microsoft Edge. For more info, see [Microsoft Edge and privacy: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730682). +Use Group Policies to manage settings for Microsoft Edge. For more info, see [Microsoft Edge and privacy: FAQ](https://go.microsoft.com/fwlink/p/?LinkId=730682). ### 13.1 Microsoft Edge Group Policies @@ -1643,7 +1638,7 @@ To disable Windows Defender Smartscreen: ### 25. Windows Spotlight -Windows Spotlight provides features such as different background images and text on the lock screen, suggested apps, Microsoft account notifications, and Windows tips. You can control it by using the user interface, MDM policy, or through Group Policy. +Windows Spotlight provides features such as different background images and text on the lock screen, suggested apps, Microsoft account notifications, and Windows tips. You can control it by using the user interface or Group Policy. If you're running Windows 10, version 1607 or later, you need to: @@ -1765,7 +1760,7 @@ Windows Update Delivery Optimization lets you get Windows updates and Microsoft By default, PCs running Windows 10 Enterprise and Windows 10 Education will only use Delivery Optimization to get and receive updates for PCs and apps on your local network. -Use the UI, Group Policy, MDM policies, or Windows Provisioning to set up Delivery Optimization. +Use the UI, Group Policy, or Registry Keys to set up Delivery Optimization. In Windows 10 version 1607 and above you can stop network traffic related to Windows Update Delivery Optimization by setting **Download Mode** to **Bypass** (100), as described below. From 3c8fc7a4ed6263938d394c3edb28ce1e49d77d37 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:08:30 -0700 Subject: [PATCH 026/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 1cd88e5243..e86b33a16f 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -96,7 +96,7 @@ The following table lists management options for each setting, beginning with Wi |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | 
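Review bot: the replacement Storage Health row in this hunk still has five cells under a four-column header (Setting, UI, Group Policy, Registry). The Registry cell gains a check mark, but the trailing empty cell (`| |` at the end of the row) is carried over from the old line. Drop it in this change. The next patch in the series removes it, so folding that fix in here avoids committing a malformed row. The Teredo context row two lines below has the same extra cell.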
@@ -129,7 +129,7 @@ See the following table for a summary of the management settings for Windows Ser | [18. Settings > Privacy](#bkmk-settingssection) | | | | |     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [20. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | @@ -1488,7 +1488,7 @@ For Windows 10: -or- -- Create a REG_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a value of 0. +- Create a REG_DWORD registry setting named **AllowDiskHealthModelUpdates** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\StorageHealth** with a **value of 0**. ### 21. Sync your settings From bb3fc68af11c27d207e9b245ab56a43affc54c69 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:15:11 -0700 Subject: [PATCH 027/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...perating-system-components-to-microsoft-services.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index e86b33a16f..5964599ef4 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -96,9 +96,9 @@ The following table lists management options for each setting, beginning with Wi |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +| [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | 
@@ -146,7 +146,7 @@ See the following table for a summary of the management settings for Windows Ser | [6. Font streaming](#font-streaming) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | | [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | -| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | +| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | @@ -158,7 +158,7 @@ See the following table for a summary of the management settings for Windows Ser | - | :-: | | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | -| [22. Teredo](#bkmk-teredo) | | +| [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2019 
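Review bot: this hunk changes a documented capability rather than formatting, and nothing records why. The Teredo row in the two-column table that precedes the "Settings for Windows Server 2019" heading goes from an empty cell to a check mark, yet the commit message is only "Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md". Please state in the commit message what was verified, and confirm that the section behind `#bkmk-teredo` gives a procedure for that server edition, since the table now says one exists.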
@@ -206,7 +206,7 @@ See the following table for a summary of the management settings for Windows Ser |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | | +| [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 1000661358f37cf87af06bcba38828acb560e92c Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:19:05 -0700 Subject: [PATCH 028/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 5964599ef4..ef98f3c09d 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -99,7 +99,7 @@ The following table lists management options for each setting, beginning with Wi | [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [23. Wi-Fi Sense](#bkmk-wifisense) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 5d4ef5882af406a1993bf5d8aa1175265df89e02 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:22:58 -0700 Subject: [PATCH 029/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index ef98f3c09d..af7aace6a4 100644 
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -104,7 +104,7 @@ The following table lists management options for each setting, beginning with Wi |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | 
@@ -132,7 +132,7 @@ See the following table for a summary of the management settings for Windows Ser | [22. Teredo](#bkmk-teredo) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 Server Core @@ -214,7 +214,7 @@ See the following table for a summary of the management settings for Windows Ser |     [24.1 Windows Defender Smartscreen](#bkmk-defender-smartscreen) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [25. Windows Spotlight](#bkmk-spotlight) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | | +|     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From b6bc7577d870a0007cf4dd4117f29f3f27f4316d Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:25:53 -0700 Subject: [PATCH 030/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index af7aace6a4..94c2c9f4dd 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -106,7 +106,7 @@ The following table lists management options for each setting, beginning with Wi | [26. Microsoft Store](#bkmk-windowsstore) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [26.1 Apps for websites](#bkmk-apps-for-websites) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [27. Windows Update Delivery Optimization](#bkmk-updates) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +| [28. Windows Update](#bkmk-wu) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ### Settings for Windows Server 2016 with Desktop Experience From 4b445fe8cf340293684880184d40d5fb096a738e Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:36:36 -0700 Subject: [PATCH 031/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 94c2c9f4dd..91ea2a2d0a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -125,7 +125,7 @@ See the following table for a summary of the management settings for Windows Ser | [10. Live Tiles](#live-tiles) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [12. Microsoft Account](#bkmk-microsoft-account) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [14. Network Connection Status Indicator](#bkmk-ncsi) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | | +| [16. OneDrive](#bkmk-onedrive) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [18. Settings > Privacy](#bkmk-settingssection) | | | | |     [18.1 General](#bkmk-general) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 2e7a4cf02e2b44f53b2e9bbdbbe64642ad437c6d Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:38:28 -0700 Subject: [PATCH 032/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 91ea2a2d0a..4f37cf4f5a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -144,8 +144,8 @@ See the following table for a summary of the management settings for Windows Ser | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [6. Font streaming](#font-streaming) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | | -| [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | +| [14. Network Connection Status Indicator](#bkmk-ncsi) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [19. Software Protection Platform](#bkmk-spp) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [22. Teredo](#bkmk-teredo) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [24. Windows Defender](#bkmk-defender) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [28. Windows Update](#bkmk-wu) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From cbac0ad6f2f8e9a057a565e7239504376228330c Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:40:59 -0700 Subject: [PATCH 033/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 4f37cf4f5a..01593aa1b1 100644 
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -200,7 +200,7 @@ See the following table for a summary of the management settings for Windows Ser |     [18.14 Radios](#bkmk-priv-radios) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.15 Other devices](#bkmk-priv-other-devices) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.16 Feedback & diagnostics](#bkmk-priv-feedback) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | +|     [18.17 Background apps](#bkmk-priv-background) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From 36d3fb430d2bd55ce4cc1c1c15cf37b35fd07822 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 9 May 2019 19:42:23 -0700 Subject: [PATCH 034/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 01593aa1b1..5a69fa7d6e 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -204,7 +204,7 @@ See the following table for a summary of the management settings for Windows Ser |     [18.18 Motion](#bkmk-priv-motion) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -|     [18.21 Inking & Typing](#bkmk-priv-ink) | | | ![Check mark](images/checkmark.png) | +|     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | From cdecc3168902b9c4de822b9696641cd71f8873e7 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 10 May 2019 15:25:55 -0700 Subject: [PATCH 035/157] new topic for multiple policies --- .../TOC.md | 1 + ...s-defender-application-control-policies.md | 43 +++++++++++++++++++ ...improvements-in-windows-10-version-1903.md | 25 +---------- 3 files changed, 45 insertions(+), 24 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 89a1b3bafb..bdaf9c0a68 100644 
--- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md @@ -16,6 +16,7 @@ #### [Microsoft recommended block rules](microsoft-recommended-block-rules.md) ### [Audit WDAC policies](audit-windows-defender-application-control-policies.md) ### [Merge WDAC policies](merge-windows-defender-application-control-policies.md) +### [Deploy multiple WDAC policies](deploy-multiple-windows-defender-application-control-policies.md) ### [Enforce WDAC policies](enforce-windows-defender-application-control-policies.md) ### [Deploy WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) ### [Deploy WDAC with Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md new file mode 100644 index 0000000000..a542e82236 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md 
@@ -0,0 +1,43 @@ +--- +title: Deploy multiple Windows Defender Application Control Policies (Windows 10) +description: Windows Defender Application Control supports multiple code integrity policies for one device. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: jsuther1974 +ms.date: 05/10/2019 +--- + +# Deploy multiple Windows Defender Application Control Policies + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +Beginning with Windows 10 version 1903, WDAC supports multiple code integrity policies for one device. + +## Precedence + +- Multiple base policies: intersection + - Only applications allowed by both policies run without generating block events +- Base + supplemental policy: union + - Files that are allowed by the base policy or the supplemental policy are not blocked + +## Newly Supported Scenarios + +WDAC brings you the ability to support multiple CI policies. Three scenarios are now supported: + +1. Enforce and Audit Side-by-Side (Intersection) + - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy +2. Multiple Base Policies (Intersection) + - Enforce two or more base policies simultaneously to allow simpler policy targeting for policies with different scope/intent + - Ex. Base1 is a corporate standard policy that is relatively loose to accommodate all organizations while forcing minimum corp standards (e.g. Windows works + Managed Installer + path rules). Base2 is a team-specific policy that further restricts what is allowed to run (e.g. Windows works + Managed Installer + corporate signed apps only) +3. 
Supplemental Policies (Union) + - Deploy a supplemental policy (or policies) to expand a base policy + - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index b563a2c54f..95d58415d4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md @@ -7,7 +7,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: jsuther1974 -ms.date: 05/06/2018 +ms.date: 05/06/2019 --- # Windows Defender Application Control improvements in Windows 10 version 1903 
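Review bot: In the new deploy-multiple-windows-defender-application-control-policies.md, the "Applies to" list names Windows 10 and Windows Server 2016 with no version, while the first body sentence says the feature begins with Windows 10 version 1903; put the minimum version in the "Applies to" list so readers on earlier builds do not assume side-by-side policies are honoured there. Under Precedence, "Only applications allowed by both policies" covers only two base policies, but scenario 2 allows "two or more"; "allowed by all base policies" would match. The two "Ex." bullets are sentence fragments ("Can add a supplemental policy ...") and should be written out in full.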
@@ -61,29 +61,6 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD Set-RuleOption -o 18 .\policy.xml ``` -## Multiple Policies - -Beginning with Windows 10 version 1903, WDAC supports multiple code integrity policies for one device. - -### Precedence - -- Multiple base policies: intersection - - Only applications allowed by both policies run without generating block events -- Base + supplemental policy: union - - Files that are allowed by the base policy or the supplemental policy are not blocked - -### Newly Supported Scenarios - -WDAC brings you the ability to support multiple CI policies. Three scenarios are now supported: - -1. Enforce and Audit Side-by-Side (Intersection) - - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy -2. Multiple Base Policies (Intersection) - - Enforce two or more base policies simultaneously to allow simpler policy targeting for policies with different scope/intent - - Ex. Base1 is a corporate standard policy that is relatively loose to accommodate all organizations while forcing minimum corp standards (e.g. Windows works + Managed Installer + path rules). Base2 is a team-specific policy that further restricts what is allowed to run (e.g. Windows works + Managed Installer + corporate signed apps only) -3. Supplemental Policies (Union) - - Deploy a supplemental policy (or policies) to expand a base policy - - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. ## COM Whitelisting From 30fc0eb470c713b6033ea489012349cee8376656 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 13 May 2019 11:31:03 -0700 Subject: [PATCH 036/157] Update TOC.md --- windows/privacy/TOC.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index 35561d07af..b687b5bc1b 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md @@ -20,7 +20,9 @@ ### [Connection endpoints for Windows 10, version 1709](manage-windows-1709-endpoints.md) ### [Connection endpoints for Windows 10, version 1803](manage-windows-1803-endpoints.md) ### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) +### [Connection endpoints for Windows 10, version 1903](manage-windows-1903-endpoints.md) ### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) ### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) ### [Windows 10, version 1809, connection endpoints for non-Enterprise editions](windows-endpoints-1809-non-enterprise-editions.md) +### [Windows 10, version 1903, connection endpoints for non-Enterprise editions](windows-endpoints-1903-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) From 7c68158598ccd74ed8ca65bb5ded545479bf40cf Mon Sep 17 00:00:00 2001 
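Review bot: In windows/privacy/TOC.md (PATCH 036), the two added entries link to manage-windows-1903-endpoints.md and windows-endpoints-1903-non-enterprise-editions.md, but the diffstat for this patch is "1 file changed, 2 insertions(+)", so neither target file is added here. Confirm that both pages land in the same merge, or hold the TOC entries until they do, so the published TOC has no dead links.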
From: Justin Hall Date: Tue, 14 May 2019 18:08:00 -0700 Subject: [PATCH 037/157] new pages --- .../TOC.md | 2 + .../com-whitelisting.md | 60 ++++++ .../create-path-based-rules.md | 59 +++++ ...s-defender-application-control-policies.md | 70 +++++- ...th-windows-defender-application-control.md | 45 +++- ...improvements-in-windows-10-version-1903.md | 201 +----------------- 6 files changed, 237 insertions(+), 200 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md create mode 100644 windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index bdaf9c0a68..5644387f36 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md 
@@ -13,11 +13,13 @@ ### [Types of devices](types-of-devices.md) ###Use WDAC with custom policies #### [Create an initial default policy](create-initial-default-policy.md) +#### [Create path-based rules](create-path-based-rules.md) #### [Microsoft recommended block rules](microsoft-recommended-block-rules.md) ### [Audit WDAC policies](audit-windows-defender-application-control-policies.md) ### [Merge WDAC policies](merge-windows-defender-application-control-policies.md) ### [Deploy multiple WDAC policies](deploy-multiple-windows-defender-application-control-policies.md) ### [Enforce WDAC policies](enforce-windows-defender-application-control-policies.md) +### [COM whitelisting](com-whitelisting.md) ### [Deploy WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) ### [Deploy WDAC with Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md) ### [Deploy WDAC policies using Group Policy](deploy-windows-defender-application-control-policies-using-group-policy.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md b/windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md new file mode 100644 index 0000000000..9cd8ba8357 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md 
@@ -0,0 +1,60 @@ +--- +title: Windows Defender Application Control path-based rules (Windows 10) +description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: jsuther1974 +ms.date: 05/14/2019 +--- + +# COM Whitelisting + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +The [Microsoft Component Object Model (COM)](https://docs.microsoft.com/windows/desktop/com/the-component-object-model) is a platform-independent, distributed, object-oriented system for creating binary software components that can interact. COM specifies an object model and programming requirements that enable COM objects to interact with other objects. 
+ +Get GUID of application to allow by either: +- Finding block event in Event Viewer (Application and Service Logs > Microsoft > Windows > AppLocker > MSI and Script) and extracting GUID +- Creating audit policy (using New-CIPolicy –Audit), potentially with specific provider, and use info from block events to get GUID + +### Author setting + +Three elements: +- Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) +- Key: GUID for the program you with to run, in the format Key="{33333333-4444-4444-1616-161616161616}" +- ValueName: needs to be set to "EnterpriseDefinedClsId" +One attribute: +- Value: needs to be “true” for allow and “false” for deny + Note: without quotation marks + Note: deny only works in base policies +- The setting needs to be placed in the order of ASCII values, first by Provider, then Key, then ValueName + +### Examples + +```xml + + + true + + + + + false + + + + + true + + +``` + diff --git a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md new file mode 100644 index 0000000000..852c003dc0 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md 
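Review bot: The front matter of the new com-whitelisting.md sets the title to "Windows Defender Application Control path-based rules (Windows 10)", the same title create-path-based-rules.md uses in this patch; it should name COM whitelisting, and the description should say what the page covers rather than repeat the generic WDAC sentence. In "Author setting", "the program you with to run" should read "wish", and the bullet "The setting needs to be placed in the order of ASCII values" sits under "One attribute:" although it describes the whole setting, so move it out of that list. The page goes from the COM overview straight to "Get GUID of application to allow" with no sentence saying what the setting allows or denies; add one before the steps.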
@@ -0,0 +1,59 @@ +--- +title: Windows Defender Application Control path-based rules (Windows 10) +description: Beginning with Windows 10 version 1903, Windows Defender Application Control (WDAC) policies can contain path-based rules. +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +author: jsuther1974 +ms.date: 05/14/2019 +--- + +# Create Windows Defender Application Control path-based rules + +**Applies to:** + +- Windows 10 +- Windows Server 2016 + +>[!IMPORTANT] +>Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. + +Beginning with Windows 10 version 1903, Windows Defender Application Control (WDAC) policies can contain path-based rules. + +- New-CIPolicy parameters + - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) + ```powershell + New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u + ``` + Optionally, add -UserWriteablePaths to ignore user writeability + + - FilePathRule: create a rule where filepath string is directly set to value of \ + ```powershell + New-CIPolicyRule -FilePathRule + ``` + Useful for wildcards like C:\foo\\* + +- Usage follows the same flow as per-app rules: + ```powershell + $rules = New-CIPolicyRule … + $rules += New-CIPolicyRule … + … + New-CIPolicyRule -f .\mypolicy.xml -u + ``` + +- Wildcards supported + - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) + - One or the other, not both at the same time + - Does not support wildcard in the middle (ex. C:\\*\foo.exe) + - Examples: + - %WINDIR%\\... + - %SYSTEM32%\\... + - %OSDRIVE%\\... + +- Disable default FilePath rule protection of enforcing user-writeability. For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```powershell + Set-RuleOption -o 18 .\policy.xml + ``` + 
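Review bot: In the "Usage follows the same flow as per-app rules" example, the last command is `New-CIPolicyRule -f .\mypolicy.xml -u`, which never consumes the `$rules` array built on the lines above it. The packaged-apps page in this same patch builds a policy with `New-CIpolicy -rules $rule -f .\policy.xml -u`, so this line presumably should call `New-CIPolicy` and pass `-Rules $rules`. The page also documents `-UserWriteablePaths` and `Set-RuleOption -o 18` without saying what is given up: by the page's own wording both turn off the user-writeability check on path rules, so each needs a sentence on when that is acceptable. The three items under "Examples" in the wildcard list (%WINDIR%, %SYSTEM32%, %OSDRIVE%) read as path macros rather than wildcard examples and need their own label.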
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index a542e82236..7408abf167 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -29,9 +29,9 @@ Beginning with Windows 10 version 1903, WDAC supports multiple code integrity po - Base + supplemental policy: union - Files that are allowed by the base policy or the supplemental policy are not blocked -## Newly Supported Scenarios +## Newly supported scenarios -WDAC brings you the ability to support multiple CI policies. Three scenarios are now supported: +With the ability to support multiple CI policies, three new scenarios are supported: 1. Enforce and Audit Side-by-Side (Intersection) - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy 
@@ -41,3 +41,69 @@ WDAC brings you the ability to support multiple CI policies. Three scenarios are 3. Supplemental Policies (Union) - Deploy a supplemental policy (or policies) to expand a base policy - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. + +## PowerShell parameters + +New-CIPolicy +- MultiplePolicyFormat: allows for multiple policies + +```powershell +New-CIPolicy [-FilePath] -Level {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath} + [-DriverFiles ] [-Fallback {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath}] + [-Audit] [-ScanPath ] [-ScriptFileNames] [-AllowFileNameFallbacks] [-SpecificFileNameLevel {None | OriginalFileName | InternalName | FileDescription | ProductName | PackageFamilyName | FilePath}] [-UserPEs] [-NoScript] + [-Deny] [-NoShadowCopy] [-MultiplePolicyFormat] [-OmitPaths ] [-PathToCatroot ] [] – to generate new policy format(base policy and policy type and policy guid) +``` + +Set-CIPolicyIdInfo +- **SupplementsBasePolicyID**: guid of new supplemental policy +- **BasePolicyToSupplementPath**: base policy that the supplemental policy applies to +- **ResetPolicyID**: reset the policy guids back to a random guid + +```powershell +Set-CIPolicyIdInfo [-FilePath] [-PolicyName ] [-SupplementsBasePolicyID ] [-BasePolicyToSupplementPath ] [-ResetPolicyID] [-PolicyId ] [] +``` + +Add-SignerRule +- **Supplemental**: provides supplemental signers + +```powershell +Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] +``` + +Set-RuleOption +- **Enabled:Allow Supplemental 
Policies**: makes base policy able to be supplemented + +### Examples + +**Scenario #1: Creating a new base policy** + +```powershell +New-CiPolicy -MulitplePolicyFormat -foo –bar +``` + +- **MultiplePolicyFormat** switch results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. + Can optionally choose to make it supplementable: + - Set-RuleOption has a new option **Enabled:Allow Supplemental Policies** to set for base policy +- For signed policies that are being made supplementable, need to ensure that supplemental signers are defined. Use “Add-SignerRule” to provide supplemental signers. + ```powershell + Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] + ``` + +**Scenario #2: Creating a new supplemental policy** + +1. Scan using `New-CiPolicy –MuliplePolicyFormat` to generate a base policy: + ```powershell + New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath + ``` +2. Change this new base policy to a supplemental policy + - Provide path of base in `Set-CIPolicyIdInfo –BasePolicytoSupplementPath` + - Provide GUID of base in `Set-CIPolicyIdInfo –SupplementsBasePolicyID` + ```powershell + Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID -FilePath + ``` + - Can revert the policy back to being a base policy using `-ResetPolicyID` + +**Scenario #3: Merging policies** + +- When merging, the policy type and ID of the leftmost/first policy specified is used + - If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID 
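Review bot: The parameter name is misspelled in two of the added examples: Scenario #1 shows `New-CiPolicy -MulitplePolicyFormat -foo –bar` and Scenario #2 step 1 refers to `New-CiPolicy –MuliplePolicyFormat`, while the syntax block above spells it `-MultiplePolicyFormat`; a command copied from either example will not bind the parameter. Replace the `-foo –bar` placeholders with the parameters a reader actually needs, and use ASCII hyphens instead of the en dashes in `–bar`, `–BasePolicytoSupplementPath` and `–SupplementsBasePolicyID` so the text matches the syntax blocks. SupplementsBasePolicyID is described as "guid of new supplemental policy" in the parameter list but as the "GUID of base" in Scenario #2; the two descriptions contradict each other and one needs correcting.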
diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index 718fc4a51c..0cac5a2d54 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: jsuther1974 -ms.date: 05/03/2018 +ms.date: 05/14/2019 --- # Manage packaged apps with Windows Defender Application Control 
@@ -48,3 +48,46 @@ Just as there are differences in managing each rule collection, you need to mana 3. Continue to update the WDAC policies as new package apps are introduced into your environment. To do this, see [Merge WDAC policies](merge-windows-defender-application-control-policies.md). +## Blocking packaged apps + +You can use `New-CIPolicyRule -Package $Package -Deny` to block packaged apps: + +1. Get the info about an installed package. + ```powershell + $package = Get-AppxPackage -name + ``` + Dependencies field in output is full Package object, can be accessed and passed directly to New-CIPolicyRule. +2. Make a rule. + ```powershell + $Rule = New-CIPolicyRule -Package $package -deny + ``` +3. Repeat for other packages you want to block using $rule +=…. +4. Make a policy for just the blocks you created for packages. + ```powershell + New-CIpolicy -rules $rule -f .\policy.xml -u + ``` +5. Merge with allow windows policy, or you could also use examplepolicies\AllowAll.xml. + ```powershell + Merge-CIPolicy -PolicyPaths .\policy.xml,C:\windows\Schemas\codeintegrity\examplepolicies\DefaultWindows_Audit.xml -o allowWindowsDenyPackages.xml + ``` +6. Disable audit mode. + ```powershell + Set-RuleOption -o 3 -Delete .\allowWindowsDenyPackages.xml + ``` +7. Enable invalidate EAs on reboot. + ```powershell + Set-RuleOption -o 15 .\allowWindowsDenyPackages.xml + ``` +8. Compile the policy + ```powershell + ConvertFrom-CIPolicy .\AllowWindowsDenyPackages.xml C:\compiledpolicy.bin + ``` +9. Install the policy withwout restarting. 
+ ```powershell + Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = "C:\compiledpolicy.bin"} + ``` + +After doing this on the next build of Dev3, for the apps that you blocked, already installed apps should fail to launch, and should you put this policy on another machine that hasn’t yet installed the apps, store should block them from being purchased/installed. +If you wanted to make a rule for an app that isn’t already installed, first make a rule for an app that is. Then for the app you want to actually block take the store URL (from store page click … then share, then copy link to get something like: https://www.microsoft.com/store/productId/9WZDNCRFJ3TJ) and grab the hash code at the end (in bold) then replace the bolded bit below: +https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfj3tj/applockerdata +then grab packagefamilyname and replace the one in the xml you got in step 4 with the PFN from the link above, then run through 5-9 again. diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md index 95d58415d4..810e645612 100644 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md +++ b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md 
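Review bot: The closing paragraph of the new "Blocking packaged apps" section reads as an internal note rather than published guidance: "After doing this on the next build of Dev3" names a build readers cannot identify, and "grab the hash code at the end (in bold) then replace the bolded bit below" relies on bold formatting that neither URL carries in the added lines. State which Windows version the behaviour applies to, mark the product ID in both URLs explicitly, and turn the procedure for an app that is not yet installed into numbered steps. Step 9 has a typo ("withwout"), step 8 is missing its full stop, and the file is written as `allowWindowsDenyPackages.xml` in steps 5 to 7 but `AllowWindowsDenyPackages.xml` in step 8.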
@@ -1,16 +1,16 @@ --- -title: Windows Defender Application Control improvements in Windows 10 version 1903 (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Windows Defender Application Control Frequently asked questions (Windows 10) +description: Frequently asked questions. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: jsuther1974 -ms.date: 05/06/2019 +ms.date: 05/14/2019 --- -# Windows Defender Application Control improvements in Windows 10 version 1903 +# Frequently asked questions **Applies to:** 
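Review bot: The front-matter title and the H1 change to "Frequently asked questions" while the file keeps the name windows-defender-application-control-improvements-in-windows-10-version-1903.md, so the URL will no longer describe the page; rename the file with a redirect, or keep a title that matches the path. The new description "Frequently asked questions." drops the product name that the title still carries; a description that names Windows Defender Application Control keeps the page findable. The TOC.md hunk in this patch adds entries for the two new pages only, so check that any existing TOC label for this file is updated to the new title.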
@@ -20,199 +20,6 @@ ms.date: 05/06/2019 >[!IMPORTANT] >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. -This topic covers improvements introduced in Windows 10, version 1903. - -## Path-based rules - -Beginning with Windows 10 version 1903, Windows Defender Application Control (WDAC) policies can contain path-based rules. - -- New-CIPolicy parameters - - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) - ```powershell - New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u - ``` - Optionally, add -UserWriteablePaths to ignore user writeability - - - FilePathRule: create a rule where filepath string is directly set to value of \ - ```powershell - New-CIPolicyRule -FilePathRule - ``` - Useful for wildcards like C:\foo\\* - -- Usage follows the same flow as per-app rules: - ```powershell - $rules = New-CIPolicyRule … - $rules += New-CIPolicyRule … - … - New-CIPolicyRule -f .\mypolicy.xml -u - ``` - -- Wildcards supported - - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) - - One or the other, not both at the same time - - Does not support wildcard in the middle (ex. C:\\*\foo.exe) - - Examples: - - %WINDIR%\\... - - %SYSTEM32%\\... - - %OSDRIVE%\\... - -- Disable default FilePath rule protection of enforcing user-writeability. 
For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: - ```powershell - Set-RuleOption -o 18 .\policy.xml - ``` - - -## COM Whitelisting - -• https://docs.microsoft.com/en-us/windows/desktop/com/the-component-object-model - -Get GUID of application to allow by either: -- Finding block event in Event Viewer (Application and Service Logs > Microsoft > Windows > AppLocker > MSI and Script) and extracting GUID -- Creating audit policy (using New-CIPolicy –Audit), potentially with specific provider, and use info from block events to get GUID - -### Author setting - -Three elements: -- Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) -- Key: GUID for the program you with to run, in the format Key="{33333333-4444-4444-1616-161616161616}" -- ValueName: needs to be set to "EnterpriseDefinedClsId" -One attribute: -- Value: needs to be “true” for allow and “false” for deny - Note: without quotation marks - Note: deny only works in base policies -- The setting needs to be placed in the order of ASCII values, first by Provider, then Key, then ValueName - -### Examples - -```xml - - - true - - - - - false - - - - - true - - -``` - -## New PowerShell parameters - -New-CIPolicy -- MultiplePolicyFormat: allows for multiple policies - -```powershell -New-CIPolicy [-FilePath] -Level {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath} - [-DriverFiles ] [-Fallback {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath}] - [-Audit] [-ScanPath ] [-ScriptFileNames] [-AllowFileNameFallbacks] [-SpecificFileNameLevel {None | OriginalFileName | InternalName | FileDescription | ProductName | PackageFamilyName | FilePath}] [-UserPEs] [-NoScript] - 
[-Deny] [-NoShadowCopy] [-MultiplePolicyFormat] [-OmitPaths ] [-PathToCatroot ] [] – to generate new policy format(base policy and policy type and policy guid) -``` - -Set-CIPolicyIdInfo -- **SupplementsBasePolicyID**: guid of new supplemental policy -- **BasePolicyToSupplementPath**: base policy that the supplemental policy applies to -- **ResetPolicyID**: reset the policy guids back to a random guid - -```powershell -Set-CIPolicyIdInfo [-FilePath] [-PolicyName ] [-SupplementsBasePolicyID ] [-BasePolicyToSupplementPath ] [-ResetPolicyID] [-PolicyId ] [] -``` - -Add-SignerRule -- **Supplemental**: provides supplemental signers - -```powershell -Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] -``` - -Set-RuleOption -- **Enabled:Allow Supplemental Policies**: makes base policy able to be supplemented - -### Examples - -**Scenario #1: Creating a new base policy** - -```powershell -New-CiPolicy -MulitplePolicyFormat -foo –bar -``` - -- **MultiplePolicyFormat** switch results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. - Can optionally choose to make it supplementable: - - Set-RuleOption has a new option **Enabled:Allow Supplemental Policies** to set for base policy -- For signed policies that are being made supplementable, need to ensure that supplemental signers are defined. Use “Add-SignerRule” to provide supplemental signers. - ```powershell - Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] - ``` - -**Scenario #2: Creating a new supplemental policy** - -1. Scan using `New-CiPolicy –MuliplePolicyFormat` to generate a base policy: - ```powershell - New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath - ``` -2. 
Change this new base policy to a supplemental policy - - Provide path of base in `Set-CIPolicyIdInfo –BasePolicytoSupplementPath` - - Provide GUID of base in `Set-CIPolicyIdInfo –SupplementsBasePolicyID` - ```powershell - Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID -FilePath - ``` - - Can revert the policy back to being a base policy using `-ResetPolicyID` - -**Scenario #3: Merging policies** - -- When merging, the policy type and ID of the leftmost/first policy specified is used - - If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID - -## Packaged App Rules - -`New-CIPolicyRule -Package $Package -Deny` to block apps is your best use case, so something like: - -1. Get the info about an installed package. - ```powershell - $package = Get-AppxPackage -name - ``` - Dependencies field in output is full Package object, can be accessed and passed directly to New-CIPolicyRule. -2. Make a rule. - ```powershell - $Rule = New-CIPolicyRule -Package $package -deny - ``` -3. Repeat for other packages you want to block using $rule +=…. -4. Make a policy for just the blocks you created for packages. - ```powershell - New-CIpolicy -rules $rule -f .\policy.xml -u - ``` -5. Merge with allow windows policy, or you could also use examplepolicies\AllowAll.xml. - ```powershell - Merge-CIPolicy -PolicyPaths .\policy.xml,C:\windows\Schemas\codeintegrity\examplepolicies\DefaultWindows_Audit.xml -o allowWindowsDenyPackages.xml - ``` -6. Disable audit mode. - ```powershell - Set-RuleOption -o 3 -Delete .\allowWindowsDenyPackages.xml - ``` -7. Enable invalidate EAs on reboot. - ```powershell - Set-RuleOption -o 15 .\allowWindowsDenyPackages.xml - ``` -8. Compile the policy - ```powershell - ConvertFrom-CIPolicy .\AllowWindowsDenyPackages.xml C:\compiledpolicy.bin - ``` -9. Install the policy withwout restarting. 
- ```powershell - Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = "C:\compiledpolicy.bin"} - ``` - -After doing this on the next build of Dev3, for the apps that you blocked, already installed apps should fail to launch, and should you put this policy on another machine that hasn’t yet installed the apps, store should block them from being purchased/installed. -If you wanted to make a rule for an app that isn’t already installed, first make a rule for an app that is. Then for the app you want to actually block take the store URL (from store page click … then share, then copy link to get something like: https://www.microsoft.com/store/productId/9WZDNCRFJ3TJ) and grab the hash code at the end (in bold) then replace the bolded bit below: -https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfj3tj/applockerdata -then grab packagefamilyname and replace the one in the xml you got in step 4 with the PFN from the link above, then run through 5-9 again. - -## FAQs **Q:** What uniquely identifies a “file”? SHA1, SHA256, either, both? What is the “Flat hash” vs. normal? From 457a7c7f478c56f804b0e881de0048bb4d2b13af Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 11:08:55 -0700 Subject: [PATCH 038/157] Create configure-connections-to-microsoft-services-with-mdm.md --- ...nections-to-microsoft-services-with-mdm.md | 122 ++++++++++++++++++ 1 file changed, 122 insertions(+) create mode 100644 windows/privacy/configure-connections-to-microsoft-services-with-mdm.md diff --git a/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md b/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md new file mode 100644 index 0000000000..881ce64336 --- /dev/null +++ b/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md 
@@ -0,0 +1,122 @@ +--- +title: Manage connections from Windows operating system components to Microsoft services using Microsoft Intune MDM Server +description: Use MDM CSPs to minimize connections from Windows to Microsoft services, or to configure particular privacy settings. +ms.assetid: ACCEB0DD-BC6F-41B1-B359-140B242183D9 +keywords: privacy, manage connections to Microsoft, Windows 10 +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.localizationpriority: medium +author: mikeedgar +ms.author: v-medgar +ms.date: 3/1/2019 +--- + +# Manage connections from Windows operating system components to Microsoft services using Microsoft Intune MDM Server + +**Applies to** + +- Windows 10 Enterprise 1903 version and later + +You can use Microsoft InTune with MDM CSPs and custom [OMA URIs](https://docs.microsoft.com/en-us/intune/custom-settings-windows-10) to minimize connections from Windows to Microsoft services, or to configure particular privacy settings. You can configure diagnostic data at the lowest level for your edition of Windows, and also evaluate which other connections Windows makes to Microsoft services you want to turn off in your environment from the list in this article. + +To ensure CSPs take priority over Group Policies in case of conflicts, use the [ControlPolicyConflict](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-controlpolicyconflict) policy. + +You can configure diagnostic data at the Security/Basic level, turn off Windows Defender diagnostic data and MSRT reporting, and turn off all other connections to Microsoft network endpoints as described in this article to help prevent Windows from sending any data to Microsoft. There are many reasons why these communications are enabled by default, such as updating malware definitions and maintain current certificate revocation lists, which is why we strongly recommend against this. 
This data helps us deliver a secure, reliable, and more delightful personalized experience. + +Note, there is some traffic which is required (i.e. "whitelisted") for the operation of Windows and the Microsoft InTune based management. This traffic includes CRL and OCSP network traffic which will show up in network traces. CRL and OCSP checks are made to the issuing certificate authorities. Microsoft is one of them, but there are many others, such as DigiCert, Thawte, Google, Symantec, and VeriSign. Additional whitelisted traffic specifically for MDM managed devices includes Windows Notification Service related traffic as well as some specific Microsoft InTune and Windows Update related traffic. + +For more information on Microsoft InTune please see [Transform IT service delivery for your modern workplace](https://www.microsoft.com/en-us/enterprise-mobility-security/microsoft-intune?rtc=1) and [Microsoft Intune documentation](https://docs.microsoft.com/en-us/intune/). + +For detailed information about managing network connections to Microsoft services using Baseline package/registries/Group policies/UI/Command line, see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). + +### Settings for Windows 10 Enterprise edition 1903 and later + +The following table lists management options for each setting. + +For Windows 10, the following MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). + +| Setting | MDM Policy | Description | +| --- | --- | --- | +| 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices. +| 2. 
Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. +| | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results.
Default: Allowed +| 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings.
**0** Not allowed.
1 (default) Allowed. +| 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet +| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device.
Set to **0** to disable.
+| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Set to 0 to disable font streaming
Set to 1 to enable font streaming +| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | **0**: users cannot make their devices available for downloading and installing preview software
**1**: users can make their devices available for downloading and installing preview software
**2**: (default) not configured; users can make their devices available for download and installing preview software +| 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer) | +| | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. +| | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. +| | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. +| | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. +| | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. +| 9. 
Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. Set value to **1** to disable Tile Notifications. +| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **0**: not allowed
**1**: allowed
Does not apply to Microsoft Accounts that have already been configured on the device. +| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant.
**0**: turned off
**1**: turned on +| 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). +| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites.
Default: Allowed +| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers.
Default: Not allowed +| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge.
Default: Enabled +| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices.
Default: Allowed +| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions..
Default: Allowed +| | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off.
Default: Allowed +| | [Browser/FirstRunURL](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-firstrunurl) | Choose the home page for Microsoft Edge on Windows Mobile 10.
Default: blank +| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **1**: turn off NCSI
Note:: After you apply this policy you must restart the device for the policy setting to take effect. +| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**0** Disabled. Force disable auto-update over metered connection.
+| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data.
**0** Disabled. Force off auto-update.
+| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive.
**1** True (sync disabled).
+| 16. Preinstalled apps | N/A | N/A +| 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. +| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**.
**0**: not allowed
**1**: allowed (default) +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**.
**0**: turned off and the employee can't turn it back on
**1**: turned on but lets the employee choose whether to use it (default)
**2**: turned on and the employee can't turn it off
Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**.
**0**: apps can't use the camera
**1** apps can use the camera
Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage.
**DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** +| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Turn off **Let apps access my notifications**.
**0**: user in control
**1**: force allow
**2**: force deny +| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Disable **AllowOnlineTips** to prevent traffic +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models.
**0**: not allowed (default)
**1**: allowed +| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows.
**0**: disallow

**1**: choice deferred to user's preference +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI**.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Turn off **Let apps access my calendar** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Turn off **Let apps access my call history** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Turn off **Let apps access and send email** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Turn off **Let apps read or send messages (text or MMS)** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) |
**0**: user in control
**1**: force allow
**2**: force deny +| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Turn off **Let apps control radios** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Turn off **Let apps automatically share and sync info** with wireless devices that don't explicitly pair with your PC, tablet, or phone** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Turn off **Let your apps use your trusted devices** (hardware you've already connected, or comes with your PC, tablet, or phone) in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**.
**0**: maps to the **Security** level
**1**: maps to the **Basic** level
**2**: maps to the **Enhanced** level
**3**: maps to the **Full** level +| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny
Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. +| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Turn off **Let Windows and your apps use your motion data and collect motion history** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks.
**0**: user in control
**1**: force allow
**2**: force deny +| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Turn off the ability to choose which apps have access to diagnostic information.
**0**: user in control
**1**: force allow
**2**: force deny +| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically.
**0**: disabled (default)
**1**: enabled +| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates.
**0** - Do not allow
+| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized.
**0**: not allowed
**1**: allowed +| 21. Teredo | No MDM needed or required|No MDM needed or required +| 22. Wi-Fi Sense | No MDM needed or required|No MDM needed or required +| 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service.
**0** Not allowed.
**1** (default) Allowed. +| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft.
**0**: always prompt
**1**: send safe samples automatically (default)
**2**: never send
**3**: send all samples automatically +| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen.
**0**: turned off
**1**: turned on +| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store
**0**: Turns off traffic
**1**: Allows traffic +| 24. Windows Media Player | N/A | N/A +| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight.
**0**: disabled +| 26. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded.
**0** (default) Enable launch of apps.
**1** Disable launch of apps. +| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed.
**1** (default) Allowed.
**0** Not allowed. +| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers.
**0**: disabled
**1** enabled +| 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). +| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode) | Lets you choose where Delivery Optimization gets or sends updates and apps.
**0**: turns off Delivery Optimization
**1**: gets or sends updates and apps to PCs on the same NAT only
**2**: gets or sends updates and apps to PCs on the same local network domain
**3**: gets or sends updates and apps to PCs on the Internet
**99**: simple download mode with no peering
**100**: use BITS instead of Windows Update Delivery Optimization +| | [DeliveryOptimization/DOGroupID](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dogroupid) | Lets you provide a Group ID that limits which PCs can share apps and updates.
Note: This ID must be a GUID. +| | [DeliveryOptimization/DOMaxCacheAge](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcacheage) | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days). +| | [DeliveryOptimization/DOMaxCacheSize](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcachesize) | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20| which represents 20% of the disk. +| | [DeliveryOptimization/DOMaxUploadBandwidth](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxuploadbandwidth) | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth. +| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. +| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates + + + + + From dc813d358459496add78badc5af9efe55f11f663 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 12:01:15 -0700 Subject: [PATCH 039/157] Update configure-connections-to-microsoft-services-with-mdm.md --- .../configure-connections-to-microsoft-services-with-mdm.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md b/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md index 881ce64336..58a96778b5 100644 --- a/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md +++ b/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md @@ -7,7 +7,7 @@ ms.prod: w10 ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: medium -author: mikeedgar +author: medgarmedgar ms.author: v-medgar ms.date: 3/1/2019 --- From 1bb0e75a6a7e985ce9dce893afcb4b122b4d453b Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 12:10:54 -0700 Subject: [PATCH 040/157] Update TOC.md --- windows/privacy/TOC.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index b687b5bc1b..2b3934e585 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md 
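Review bot: In the new configure-connections-to-microsoft-services-with-mdm.md table (@@ -0,0 +1,122 @@), the DeliveryOptimization/DOMaxCacheSize row has a literal pipe in its description ("The default value is 20| which represents 20% of the disk."), which a Markdown table parser reads as a cell boundary and so splits the row into an extra column; replace the pipe with a comma. Two nearby problems in the same table are worth fixing in the same pass: the 17.15 Other devices row has unbalanced bold markers ("**Let apps automatically share and sync info** with wireless devices ... phone** in the UI"), and DeliveryOptimization/DODownloadMode is listed twice under section 27, the second time only restating value 100. From a hardening standpoint, the cells for Defender/AllowCloudProtection, Browser/AllowSmartScreen and Update/AllowAutoUpdate list values that switch off protections without repeating the introduction's "we strongly recommend against this"; a short caveat in those cells would keep a reader who lands directly on the table from treating them as recommended settings.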
@@ -17,12 +17,13 @@ ### [Windows 10, version 1709 and newer diagnostic data for the Full level](windows-diagnostic-data.md) ### [Windows 10, version 1703 diagnostic data for the Full level](windows-diagnostic-data-1703.md) ## Manage Windows 10 connection endpoints -### [Connection endpoints for Windows 10, version 1709](manage-windows-1709-endpoints.md) -### [Connection endpoints for Windows 10, version 1803](manage-windows-1803-endpoints.md) -### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) ### [Connection endpoints for Windows 10, version 1903](manage-windows-1903-endpoints.md) -### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) -### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) -### [Windows 10, version 1809, connection endpoints for non-Enterprise editions](windows-endpoints-1809-non-enterprise-editions.md) +### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) +### [Connection endpoints for Windows 10, version 1803](manage-windows-1803-endpoints.md) +### [Connection endpoints for Windows 10, version 1709](manage-windows-1709-endpoints.md) ### [Windows 10, version 1903, connection endpoints for non-Enterprise editions](windows-endpoints-1903-non-enterprise-editions.md) +### [Windows 10, version 1809, connection endpoints for non-Enterprise editions](windows-endpoints-1809-non-enterprise-editions.md) +### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) +### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft 
services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) +## [Manage connections from Windows operating system components to Microsoft services using MDM/CSPs](configure-connections-to-microsoft-services-with-mdm.md) From 6cfd3cb0ee56fda652fac85ef7d25c3298078fce Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 12:53:41 -0700 Subject: [PATCH 041/157] Rename configure-connections-to-microsoft-services-with-mdm.md to manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md --- ...operating-system-components-to-microsoft-services-with-MDM.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/privacy/{configure-connections-to-microsoft-services-with-mdm.md => manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md} (100%) diff --git a/windows/privacy/configure-connections-to-microsoft-services-with-mdm.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md similarity index 100% rename from windows/privacy/configure-connections-to-microsoft-services-with-mdm.md rename to windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md From 0bb2b2f0691e2ada84e3b6953216187311c49cde Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 12:54:05 -0700 Subject: [PATCH 042/157] Update TOC.md --- windows/privacy/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index 2b3934e585..f1214e7bec 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md 
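Review bot: The entry added at the end of the TOC.md hunk at @@ -17,12 +17,13 @@ is titled "... using MDM/CSPs", while the page it links to is titled "... using Microsoft Intune MDM Server" in both its front matter and its H1; choose one title and use it in both places so the navigation and the article agree. The commit subject "Update TOC.md" also does not mention that the hunk reorders the connection-endpoint entries newest-first, which is worth a line in the message so the reorder is not mistaken for noise.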
@@ -26,4 +26,4 @@ ### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) ### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) -## [Manage connections from Windows operating system components to Microsoft services using MDM/CSPs](configure-connections-to-microsoft-services-with-mdm.md) +## [Manage connections from Windows operating system components to Microsoft services using MDM](configure-connections-to-microsoft-services-with-mdm.md) From 6d68ad0c7bde63730d6969a632c45281e56ee4a3 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 12:55:08 -0700 Subject: [PATCH 043/157] Rename manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md to manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...perating-system-components-to-microsoft-services-using-MDM.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/privacy/{manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md => manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md} (100%) 
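Review bot: The added TOC line in the @@ -26,4 +26,4 @@ hunk of PATCH 042 still links to configure-connections-to-microsoft-services-with-mdm.md, but PATCH 041 renamed that file to manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md and PATCH 043 renames it again to ...-using-MDM.md, so from 041 onward the entry points at a path that is no longer in the tree. Update the link target in the same commit as each rename, or fold the two renames and the TOC change into one commit so the series never carries a dead link.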
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md similarity index 100% rename from windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-with-MDM.md rename to windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md From 44a8cedab9ee2824824250a667140cdd36f07909 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 15 May 2019 12:58:52 -0700 Subject: [PATCH 044/157] added path-based rules --- .../select-types-of-rules-to-create.md | 39 +++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index 85b9f016f2..ccf9c4559b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md +++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
@@ -103,3 +103,42 @@ As part of normal operations, they will eventually install software updates, or They could also choose to create a catalog that captures information about the unsigned internal application, then sign and distribute the catalog. Then the internal application could be handled by WDAC policies in the same way as any other signed application. An update to the internal application would only require that the catalog be regenerated, signed, and distributed (no restarts would be required). +## Create path-based rules + +Beginning with Windows 10 version 1903, Windows Defender Application Control (WDAC) policies can contain path-based rules. + +- New-CIPolicy parameters + - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) + ```powershell + New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u + ``` + Optionally, add -UserWriteablePaths to ignore user writeability + + - FilePathRule: create a rule where filepath string is directly set to value of \ + ```powershell + New-CIPolicyRule -FilePathRule + ``` + Useful for wildcards like C:\foo\\* + +- Usage follows the same flow as per-app rules: + ```powershell + $rules = New-CIPolicyRule … + $rules += New-CIPolicyRule … + … + New-CIPolicyRule -f .\mypolicy.xml -u + ``` + +- Wildcards supported + - Suffix (ex. C:\foo\\*) OR Prefix (ex. *\foo\bar.exe) + - One or the other, not both at the same time + - Does not support wildcard in the middle (ex. C:\\*\foo.exe) + - Examples: + - %WINDIR%\\... + - %SYSTEM32%\\... + - %OSDRIVE%\\... + +- Disable default FilePath rule protection of enforcing user-writeability. For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```powershell + Set-RuleOption -o 18 .\policy.xml + ``` + From 06af7c649ba56f4b27189cdf662af25eef988a15 Mon Sep 17 00:00:00 2001 
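Review bot: In the "Usage follows the same flow as per-app rules" block of PATCH 044, $rules is built up and never used, and the last line calls New-CIPolicyRule with -f .\mypolicy.xml -u, the switches the first example gives to New-CIPolicy; as written the collected path rules never reach the policy file. The last command should be the New-CIPolicy call with $rules passed to it. Separately, the Set-RuleOption -o 18 step switches off the user-writeability check that the FilePath bullet describes as the default, and the text gives no guidance on when that is acceptable; add a sentence saying that with the option set, a path rule covering a directory standard users can write to allows whatever they place there. As the lines read here, -s and -FilePathRule have no argument and "under path \" has no placeholder, so the examples cannot be run as shown.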
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 13:08:27 -0700 Subject: [PATCH 045/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 5a69fa7d6e..dc7fcf967a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1032,7 +1032,7 @@ To turn off **Let apps access my notifications**: In the **Speech** area, you can configure the functionality as such: -To turn off streaming audio to Microsoft Speech services, +To turn off the functionality to do voice dictation, speaking to Cortana and other apps, or sending voice input to Microsoft Speech services: - Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off** From a4a15783c649d48c07f91f5e275161660f03c472 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 13:10:53 -0700 Subject: [PATCH 046/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index dc7fcf967a..61476e9047 100644 
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1032,7 +1032,7 @@ To turn off **Let apps access my notifications**: In the **Speech** area, you can configure the functionality as such: -To turn off the functionality to do voice dictation, speaking to Cortana and other apps, or sending voice input to Microsoft Speech services: +To turn off voice dictation, speaking to Cortana and other apps, or sending voice input to Microsoft Speech services: - Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off** From e941711276000903b4978ac40659b3cffe51c617 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 15 May 2019 13:38:15 -0700 Subject: [PATCH 047/157] renamed faq --- ...ws-defender-application-control-frequently-asked-questions.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/security/threat-protection/windows-defender-application-control/{windows-defender-application-control-improvements-in-windows-10-version-1903.md => windows-defender-application-control-frequently-asked-questions.md} (100%) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md similarity index 100% rename from windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-improvements-in-windows-10-version-1903.md rename to windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md From 302daa5ab494993274a9d80b4da54e8246852c39 Mon Sep 17 00:00:00 2001 
From: Justin Hall Date: Wed, 15 May 2019 13:51:54 -0700 Subject: [PATCH 048/157] renamed com whitelisting topic --- ...egistration-in-windows-defender-application-control-policy.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename windows/security/threat-protection/windows-defender-application-control/{com-whitelisting.md => allow-com-object-registration-in-windows-defender-application-control-policy.md} (100%) diff --git a/windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md similarity index 100% rename from windows/security/threat-protection/windows-defender-application-control/com-whitelisting.md rename to windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md From febe645dd5dc6e20a5b854cb5c6bd9ae88ecc671 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 15 May 2019 14:22:42 -0700 Subject: [PATCH 049/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 61476e9047..b86d3299d7 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1550,7 +1550,9 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr ### 24. Windows Defender -You can disconnect from the Microsoft Antimalware Protection Service. +You can disconnect from the Microsoft Antimalware Protection Service. + +On Windows 10 1903 Client operating systems and newer search on "Tamper Protection" from the Windows search button next to the Start button on the desktop commmand bar. Scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, go to Windows Security Settings -> Virus & threat protection, click on Manage settings and then scroll down to the Tamper Protection toggle and set it to **Off**. - **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop down box named **Join Microsoft MAPS** From 4b7f0fe31f204ee737b1750850cee4d39b65bb76 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 15 May 2019 15:34:00 -0700 Subject: [PATCH 050/157] renamed toc entries --- .../windows-defender-application-control/TOC.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 5644387f36..624c07a310 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md 
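Review bot: The Tamper Protection paragraph added under "### 24. Windows Defender" in PATCH 049 tells the reader to turn the toggle Off and never says whether to turn it back On once the MAPS setting is applied, and it does not name "the Registry key" it refers to. State which key or policy is meant and whether Tamper Protection can be re-enabled afterwards, because leaving it off removes the guard against other changes to Defender settings. Typos in the same paragraph: "commmand" has three m's, and "and newer search on" needs a comma after "newer" and reads better as "search for".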
@@ -19,7 +19,7 @@ ### [Merge WDAC policies](merge-windows-defender-application-control-policies.md) ### [Deploy multiple WDAC policies](deploy-multiple-windows-defender-application-control-policies.md) ### [Enforce WDAC policies](enforce-windows-defender-application-control-policies.md) -### [COM whitelisting](com-whitelisting.md) +### [Allow COM object registration](allow-com-object-registration-in-windows-defender-application-control-policy.md) ### [Deploy WDAC with a managed installer](use-windows-defender-application-control-with-managed-installer.md) ### [Deploy WDAC with Intelligent Security Graph (ISG)](use-windows-defender-application-control-with-intelligent-security-graph.md) ### [Deploy WDAC policies using Group Policy](deploy-windows-defender-application-control-policies-using-group-policy.md) @@ -37,7 +37,7 @@ ### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md) -### [Windows Defender Application Control improvements in Windows 10 version 1903](windows-defender-application-control-improvements-in-windows-10-version-1903.md) +### [FAQs](windows-defender-application-control-frequently-asked-questions.md) ## [AppLocker](applocker\applocker-overview.md) ### [Administer AppLocker](applocker\administer-applocker.md) From cd3b77704c0515b0cb40d7a8d518759e0fd577ce Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 15 May 2019 15:36:13 -0700 Subject: [PATCH 051/157] deleted faq --- .../TOC.md | 1 - ...tion-control-frequently-asked-questions.md | 108 ------------------ 2 files changed, 109 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md 
diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 624c07a310..075e728710 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md @@ -37,7 +37,6 @@ ### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md) -### [FAQs](windows-defender-application-control-frequently-asked-questions.md) ## [AppLocker](applocker\applocker-overview.md) ### [Administer AppLocker](applocker\administer-applocker.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md b/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md deleted file mode 100644 index 810e645612..0000000000 --- a/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control-frequently-asked-questions.md +++ /dev/null 
@@ -1,108 +0,0 @@ ---- -title: Windows Defender Application Control Frequently asked questions (Windows 10) -description: Frequently asked questions. -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: jsuther1974 -ms.date: 05/14/2019 ---- - -# Frequently asked questions - -**Applies to:** - -- Windows 10 -- Windows Server 2016 - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. - - -**Q:** What uniquely identifies a “file”? SHA1, SHA256, either, both? What is the “Flat hash” vs. normal? - -**A:** Either hash works as a unique identifier, would recommend sha256 though just because lower collision chance. - -“Authenticode Hash” is the hash we use, it is calculated in a way that does not change even if the file is embed signed, whereas “flat hash” is just a direct hash on the bytes of the file and changes with signature. - -For Scripts/MSIs an embedded hash would use the SIP of the particular script type, while a catalog hash would use the flat hash (since catalogs are only aware of a few select SIPs, particularly the PE exe/dll one), so the 8028/8029 events log the “CatalogHash” as well, in case it differs from the hash used to evaluate against an embedded sig - -**Q:** What property of a file is used to map out to a publisher? - -**A:** Files are tied to publishers via their signature (either embed signed or catalog signed via a signed catalog containing that files hash), correlate 3089 events in order to get publisher data - -**Q:** Can you give a description/enumeration of values for “signing level”? 
- -**A:** Base signing levels are: - -```xml -#define SE_SIGNING_LEVEL_UNCHECKED 0x00000000 -#define SE_SIGNING_LEVEL_UNSIGNED 0x00000001 -#define SE_SIGNING_LEVEL_ENTERPRISE 0x00000002 -#define SE_SIGNING_LEVEL_CUSTOM_1 0x00000003 -#define SE_SIGNING_LEVEL_DEVELOPER SE_SIGNING_LEVEL_CUSTOM_1 -#define SE_SIGNING_LEVEL_AUTHENTICODE 0x00000004 -#define SE_SIGNING_LEVEL_CUSTOM_2 0x00000005 -#define SE_SIGNING_LEVEL_STORE 0x00000006 -#define SE_SIGNING_LEVEL_CUSTOM_3 0x00000007 -#define SE_SIGNING_LEVEL_ANTIMALWARE SE_SIGNING_LEVEL_CUSTOM_3 -#define SE_SIGNING_LEVEL_MICROSOFT 0x00000008 -#define SE_SIGNING_LEVEL_CUSTOM_4 0x00000009 -#define SE_SIGNING_LEVEL_CUSTOM_5 0x0000000A -#define SE_SIGNING_LEVEL_DYNAMIC_CODEGEN 0x0000000B -#define SE_SIGNING_LEVEL_WINDOWS 0x0000000C -#define SE_SIGNING_LEVEL_CUSTOM_7 0x0000000D -#define SE_SIGNING_LEVEL_WINDOWS_TCB 0x0000000E -#define SE_SIGNING_LEVEL_CUSTOM_6 0x0000000F -``` - -The TL;DR on signing levels is we have collections of certificates+EKUs that we use to define broad “security levels” based on signer, for example SE_SIGNING_LEVEL_WINDOWS generally maps to “signed as part of a production Windows build) -Some also inherit from others (e.g. signing level Windows is a subset of Microsoft) - -**Q:** What is the “SI Signing Scenario”? -This maps to either kernel or user mode (0 or 1 respectively). CIPolicy lets you configure whitelists for each separately. - -**Q:** Can you also provide the “description” for the events? - -I know audit/block are each one of two values next to each other, but do they audit/block a specific file type only? Script? Exe? 
- -|-------|--------------------------| -|Event ID| Description | -|3076 |Audit for exe/dll generated by CI in the createprocess stack| -|3077 |Enforced version | -|3089 |Signing information event correlated with either a 3076/3077 event, contains # of signatures and an index as to which signature it is, one 3089 is generated for each signature of a file (so many 3089 map to one 3076/77). Unsigned files will generate a single 3089 with TotalSignatureCount 0 | -|8028 |Audit for scripts/msis generated by WLDP being called by the scripthosts themselves (scripthosts opt in to enforcement, so we don’t enforce on 3rd party scripthosts like python/ruby)| -|8029 |Enforce for scripts| - -We don’t currently have signer information in the script events - -**Q:** I don’t understand what the “Policy” fields are. - -**A:** Code Integrity Policy is at its core an enterprise whitelisting solution. For these events to be generated, customers would have had to generate a policy xml, compile it, and deploy it. PolicyName/PolicyID fields are optional fields customers can add to the policy to get propagated into the events, policy hash is literally the hash of the policy (and policy hash matching guarantees that two events were blocked by the same policy). Since you can have multiple concurrent policies on one system supplementing each other, knowing what policy actually blocked the binary from running is useful - -**Q:** Is this purely file based or do I need to worry about the “PackageName” grouping? For example, do I need the packagename to get back to a publisher or are individual files from the package all mapped up directly? - -**A:** An event is generated for each individual binary that failed policy. 
The PackageFamilyName is put in the process token of all binaries loading under an appx and is can be used in rules in policy to attempt to allow an entire package to run rather than whitelisting each individual binary, but we will still generate an individual event for each binary that fails. - - -**Q:** What field in 3089 am I able to join on to map from File to Publisher? - -**A:** CorrelationID is actually not in the event templates I sent you and is actually an optional field in the metadata of every eventviewer event. In the XML of the event the correlationID’s path is: - -```xml - -``` -For comparison, the rest of the fields look like: -```xml -valuevalue2… -``` - - -**Q:** 3076/77 don’t seem to include ‘File Path’. Can this be deduced from ‘File Name’? 8028/8029 don’t seem to include ‘File Name’. Can this be deduced from ‘File Path’? - -**A:** “File Name” in 3076/77 is actually the path in NT form (\Device\HarddiskVolume3\Windows\System32\myfile.dll), and the “originalfilename” field maps to what would be “File Name” in a file rule in policy XML. -For 8028/8029, File Path is the C:\ path to the file and you’ll notice a trend where we didn’t bother to include all the same fields we do for the PE files so there is no “originalFileName”. - - From 0c29692554807f296bd38a0ed7d090b9a1541613 Mon Sep 17 00:00:00 2001 From: brbrahm <43386070+brbrahm@users.noreply.github.com> Date: Wed, 15 May 2019 16:40:39 -0700 Subject: [PATCH 052/157] Some introduction updates to WDAC multiple policies file --- ...windows-defender-application-control-policies.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 7408abf167..296060880f 100644 
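Review bot: The deletion in PATCH 051 drops the event ID table (3076, 3077, 3089, 8028, 8029), the SE_SIGNING_LEVEL_* list and the CorrelationID guidance for joining 3089 to 3076/77, and the commit message says only "deleted faq". PATCH 047 had just renamed this file and PATCH 050 had just retitled its TOC entry, so say in the message whether the content moves to another topic or is dropped on purpose; the event descriptions are what someone triaging WDAC audit and block events would look for.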
--- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -20,9 +20,18 @@ ms.date: 05/10/2019 >[!IMPORTANT] >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. -Beginning with Windows 10 version 1903, WDAC supports multiple code integrity policies for one device. +The restriction of only having a single code integrity policy active on a system at any given time has felt limiting for customers in situations where multiple policies with different intents would be useful. Beginning with Windows 10 version 1903, WDAC supports multiple simultaneous code integrity policies for one device in order to light up the following scenarios: -## Precedence +1. Enforce and Audit Side-by-Side + - To validate policy changes before deploying in enforcement mode, users can now deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy +2. Multiple Base Policies + - Users can enforce two or more base policies simultaneously in order to allow simpler policy targeting for policies with different scope/intent +3. Supplemental Policies + - Users can deploy one or more supplemental policies to expand a base policy + - If two base policies exist on a device, an application has to be allowed by both to run + - For supplemental policies, applications that are allowed by either the base policy or its supplemental policy/policies are allowed to run + +## How do Base and Supplemental Policies Interact? - Multiple base policies: intersection - Only applications allowed by both policies run without generating block events 
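Review bot: Under "3. Supplemental Policies" the bullet "If two base policies exist on a device, an application has to be allowed by both to run" describes base-policy intersection and belongs under "2. Multiple Base Policies"; where it sits now it reads as a property of supplemental policies, which the section right below defines as a union. Move that bullet up one item so the numbered list agrees with "Multiple base policies: intersection" and "Base + supplemental policy: union".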
From 81777d60508c7cae317dd2ccecb826b7953df165 Mon Sep 17 00:00:00 2001 From: brbrahm <43386070+brbrahm@users.noreply.github.com> Date: Wed, 15 May 2019 21:46:34 -0700 Subject: [PATCH 053/157] Removed duplicate "new supported scenarios" from multiple policies page --- ...ndows-defender-application-control-policies.md | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 296060880f..73d0e16c9b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md 
@@ -20,7 +20,7 @@ ms.date: 05/10/2019 >[!IMPORTANT] >Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. -The restriction of only having a single code integrity policy active on a system at any given time has felt limiting for customers in situations where multiple policies with different intents would be useful. Beginning with Windows 10 version 1903, WDAC supports multiple simultaneous code integrity policies for one device in order to light up the following scenarios: +The restriction of only having a single code integrity policy active on a system at any given time has felt limiting for customers in situations where multiple policies with different intents would be useful. Beginning with Windows 10 version 1903, WDAC supports multiple simultaneous code integrity policies for one device in order to enable the following scenarios: 1. Enforce and Audit Side-by-Side - To validate policy changes before deploying in enforcement mode, users can now deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy 
@@ -38,19 +38,6 @@ The restriction of only having a single code integrity policy active on a system - Base + supplemental policy: union - Files that are allowed by the base policy or the supplemental policy are not blocked -## Newly supported scenarios - -With the ability to support multiple CI policies, three new scenarios are supported: - -1. Enforce and Audit Side-by-Side (Intersection) - - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy -2. Multiple Base Policies (Intersection) - - Enforce two or more base policies simultaneously to allow simpler policy targeting for policies with different scope/intent - - Ex. Base1 is a corporate standard policy that is relatively loose to accommodate all organizations while forcing minimum corp standards (e.g. Windows works + Managed Installer + path rules). Base2 is a team-specific policy that further restricts what is allowed to run (e.g. Windows works + Managed Installer + corporate signed apps only) -3. Supplemental Policies (Union) - - Deploy a supplemental policy (or policies) to expand a base policy - - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. - ## PowerShell parameters New-CIPolicy From df1a051291c22f15ef9ff4ab7f5a5d25d4c0b980 Mon Sep 17 00:00:00 2001 From: brbrahm <43386070+brbrahm@users.noreply.github.com> Date: Wed, 15 May 2019 21:54:11 -0700 Subject: [PATCH 054/157] Add intro to COM objects page --- ...-windows-defender-application-control-policy.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) 
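Review bot: The "Newly supported scenarios" section removed in this hunk is not a pure duplicate of the introduction added in PATCH 052: the two "Ex." bullets (Base1 corporate standard against Base2 team-specific, and the Azure host base policy with a supplemental policy for the Exchange team's signer rules) and the "(Intersection)" and "(Union)" labels on each scenario appear only here. Carry those examples and labels into the numbered list in the introduction before deleting the section, or adjust the commit message so it does not call the removal a duplicate.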
diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 9cd8ba8357..4131cedc9a 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -22,7 +22,13 @@ ms.date: 05/14/2019 The [Microsoft Component Object Model (COM)](https://docs.microsoft.com/windows/desktop/com/the-component-object-model) is a platform-independent, distributed, object-oriented system for creating binary software components that can interact. COM specifies an object model and programming requirements that enable COM objects to interact with other objects. -Get GUID of application to allow by either: +### COM object configurability in WDAC policy + +Prior to the Windows 10 1903 update, Windows Defender Application Control (WDAC) enforced a built-in allow list for COM object registration. While this mechanism works for most common application usage scenarios, customers have provided feedback that there are cases where additional COM objects need to be allowed. The 1903 update to Windows 10 introduces the ability to specify allowed COM objects via their GUID in the WDAC policy. + +### Get COM object GUID + +Get GUID of application to allow in one of the following ways: - Finding block event in Event Viewer (Application and Service Logs > Microsoft > Windows > AppLocker > MSI and Script) and extracting GUID - Creating audit policy (using New-CIPolicy –Audit), potentially with specific provider, and use info from block events to get GUID 
@@ -32,11 +38,11 @@ Three elements: - Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) - Key: GUID for the program you with to run, in the format Key="{33333333-4444-4444-1616-161616161616}" - ValueName: needs to be set to "EnterpriseDefinedClsId" + One attribute: - Value: needs to be “true” for allow and “false” for deny - Note: without quotation marks - Note: deny only works in base policies -- The setting needs to be placed in the order of ASCII values, first by Provider, then Key, then ValueName + - Note that deny only works in base policies, not supplemental +- The setting needs to be placed in the order of ASCII values (first by Provider, then Key, then ValueName) ### Examples From 373c66f301b9ce3488857dfc59ba67f2b0e131a0 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 16 May 2019 10:29:51 -0700 Subject: [PATCH 055/157] syntax fixes --- ...n-windows-defender-application-control-policy.md | 1 + .../create-path-based-rules.md | 6 ++++++ ...windows-defender-application-control-policies.md | 13 +++++++++++++ .../select-types-of-rules-to-create.md | 6 ++++++ 4 files changed, 26 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 9cd8ba8357..4e19b9193b 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md 
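Review bot: The @@ -32,11 +38,11 @@ hunk of PATCH 054 deletes "Note: without quotation marks" while the Value line above it still shows the values as “true” and “false” in quotes, so a reader copying from this list now has nothing telling them how the value must be written. Keep the note or show the value exactly as it has to appear in the policy. The context line "GUID for the program you with to run" should read "wish", and the lone "+" after the ValueName line is also added by PATCH 055 against the same pre-image (index 9cd8ba8357), so one of the two patches will need a rebase.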
@@ -32,6 +32,7 @@ Three elements: - Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) - Key: GUID for the program you with to run, in the format Key="{33333333-4444-4444-1616-161616161616}" - ValueName: needs to be set to "EnterpriseDefinedClsId" + One attribute: - Value: needs to be “true” for allow and “false” for deny Note: without quotation marks diff --git a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md index 852c003dc0..29db07a119 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md @@ -24,18 +24,23 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD - New-CIPolicy parameters - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) + ```powershell New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u ``` + Optionally, add -UserWriteablePaths to ignore user writeability - FilePathRule: create a rule where filepath string is directly set to value of \ + ```powershell New-CIPolicyRule -FilePathRule ``` + Useful for wildcards like C:\foo\\* - Usage follows the same flow as per-app rules: + ```powershell $rules = New-CIPolicyRule … $rules += New-CIPolicyRule … @@ -53,6 +58,7 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD - %OSDRIVE%\\... - Disable default FilePath rule protection of enforcing user-writeability. For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```powershell Set-RuleOption -o 18 .\policy.xml ``` 
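Review bot: The last bullet of this hunk shows `Set-RuleOption -o 18 .\policy.xml` without saying what protection is given up when it is applied. The bullet describes the option as disabling the default user-writeability enforcement for FilePath rules, so as written, path rules would then also apply to user-writeable locations. Add one sentence stating that consequence and when turning the protection off is acceptable, since the fence now stands out as a copy-and-paste command.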
diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 7408abf167..2e1842d5c0 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -34,10 +34,14 @@ Beginning with Windows 10 version 1903, WDAC supports multiple code integrity po With the ability to support multiple CI policies, three new scenarios are supported: 1. Enforce and Audit Side-by-Side (Intersection) + - To validate policy changes before deploying in enforcement mode, deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy + 2. Multiple Base Policies (Intersection) + - Enforce two or more base policies simultaneously to allow simpler policy targeting for policies with different scope/intent - Ex. Base1 is a corporate standard policy that is relatively loose to accommodate all organizations while forcing minimum corp standards (e.g. Windows works + Managed Installer + path rules). Base2 is a team-specific policy that further restricts what is allowed to run (e.g. Windows works + Managed Installer + corporate signed apps only) + 3. Supplemental Policies (Union) - Deploy a supplemental policy (or policies) to expand a base policy - Ex. The Azure host base policy restricts tightly to just allow Windows and hardware drivers. Can add a supplemental policy to allow just the additional signer rules needed to support signed code from the Exchange team. 
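Review bot: List item 3 does not get the same spacing as items 1 and 2. A blank line is added after `1. Enforce and Audit Side-by-Side (Intersection)` and after `2. Multiple Base Policies (Intersection)`, but `3. Supplemental Policies (Union)` still runs straight into `- Deploy a supplemental policy (or policies) to expand a base policy`. Add the blank line there as well so all three items render the same way.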
@@ -83,8 +87,11 @@ New-CiPolicy -MulitplePolicyFormat -foo –bar - **MultiplePolicyFormat** switch results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. Can optionally choose to make it supplementable: + - Set-RuleOption has a new option **Enabled:Allow Supplemental Policies** to set for base policy + - For signed policies that are being made supplementable, need to ensure that supplemental signers are defined. Use “Add-SignerRule” to provide supplemental signers. + ```powershell Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] ``` @@ -92,18 +99,24 @@ New-CiPolicy -MulitplePolicyFormat -foo –bar **Scenario #2: Creating a new supplemental policy** 1. Scan using `New-CiPolicy –MuliplePolicyFormat` to generate a base policy: + ```powershell New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath ``` + 2. Change this new base policy to a supplemental policy + - Provide path of base in `Set-CIPolicyIdInfo –BasePolicytoSupplementPath` - Provide GUID of base in `Set-CIPolicyIdInfo –SupplementsBasePolicyID` + ```powershell Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID -FilePath ``` + - Can revert the policy back to being a base policy using `-ResetPolicyID` **Scenario #3: Merging policies** - When merging, the policy type and ID of the leftmost/first policy specified is used + - If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID diff --git a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md index ccf9c4559b..342163da92 100644 --- a/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md 
+++ b/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create.md @@ -109,18 +109,23 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD - New-CIPolicy parameters - FilePath: create path rules under path \ for anything not user-writeable (at the individual file level) + ```powershell New-CIPolicy -f .\mypolicy.xml -l FilePath -s -u ``` + Optionally, add -UserWriteablePaths to ignore user writeability - FilePathRule: create a rule where filepath string is directly set to value of \ + ```powershell New-CIPolicyRule -FilePathRule ``` + Useful for wildcards like C:\foo\\* - Usage follows the same flow as per-app rules: + ```powershell $rules = New-CIPolicyRule … $rules += New-CIPolicyRule … @@ -138,6 +143,7 @@ Beginning with Windows 10 version 1903, Windows Defender Application Control (WD - %OSDRIVE%\\... - Disable default FilePath rule protection of enforcing user-writeability. For example, to add “Disabled:Runtime FilePath Rule Protection” to the policy: + ```powershell Set-RuleOption -o 18 .\policy.xml ``` From 3b41700ac303962aca1149d250c8aef11c09f49d Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 16 May 2019 12:43:59 -0700 Subject: [PATCH 056/157] edits to title --- ...tion-in-windows-defender-application-control-policy.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 4e19b9193b..09fb275743 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md 
+++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -1,16 +1,16 @@ --- -title: Windows Defender Application Control path-based rules (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. +title: Allow COM object registration in a Windows Defender Application Control policy (Windows 10) +description: You can allow COM object registration in a Windows Defender Application Control policy. ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: jsuther1974 -ms.date: 05/14/2019 +ms.date: 05/16/2019 --- -# COM Whitelisting +# Allow COM object registration in a Windows Defender Application Control policy **Applies to:** From 68ec9c0da46a6f374524b62708afa06ca36ac8a4 Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 16 May 2019 13:38:21 -0700 Subject: [PATCH 057/157] fixed syntax --- ...ith-windows-defender-application-control.md | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index 0cac5a2d54..497501f819 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md 
@@ -53,36 +53,52 @@ Just as there are differences in managing each rule collection, you need to mana You can use `New-CIPolicyRule -Package $Package -Deny` to block packaged apps: 1. Get the info about an installed package. + ```powershell $package = Get-AppxPackage -name ``` + Dependencies field in output is full Package object, can be accessed and passed directly to New-CIPolicyRule. + 2. Make a rule. + ```powershell $Rule = New-CIPolicyRule -Package $package -deny ``` + 3. Repeat for other packages you want to block using $rule +=…. -4. Make a policy for just the blocks you created for packages. +4. Make a policy for just the blocks you created for packages. + ```powershell New-CIpolicy -rules $rule -f .\policy.xml -u ``` + 5. Merge with allow windows policy, or you could also use examplepolicies\AllowAll.xml. + ```powershell Merge-CIPolicy -PolicyPaths .\policy.xml,C:\windows\Schemas\codeintegrity\examplepolicies\DefaultWindows_Audit.xml -o allowWindowsDenyPackages.xml ``` + 6. Disable audit mode. + ```powershell Set-RuleOption -o 3 -Delete .\allowWindowsDenyPackages.xml ``` + 7. Enable invalidate EAs on reboot. + ```powershell Set-RuleOption -o 15 .\allowWindowsDenyPackages.xml ``` + 8. Compile the policy + ```powershell ConvertFrom-CIPolicy .\AllowWindowsDenyPackages.xml C:\compiledpolicy.bin ``` + 9. Install the policy withwout restarting. + ```powershell Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = "C:\compiledpolicy.bin"} ``` From ff61a29b9b9f684de59ba3d1ab6759f555007a4a Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:43:10 -0700 Subject: [PATCH 058/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 58a96778b5..381e5fef6e 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -16,7 +16,7 @@ ms.date: 3/1/2019 **Applies to** -- Windows 10 Enterprise 1903 version and later +- Windows 10 Enterprise 1903 version and newer You can use Microsoft InTune with MDM CSPs and custom [OMA URIs](https://docs.microsoft.com/en-us/intune/custom-settings-windows-10) to minimize connections from Windows to Microsoft services, or to configure particular privacy settings. You can configure diagnostic data at the lowest level for your edition of Windows, and also evaluate which other connections Windows makes to Microsoft services you want to turn off in your environment from the list in this article. @@ -30,7 +30,7 @@ For more information on Microsoft InTune please see [Transform IT service delive For detailed information about managing network connections to Microsoft services using Baseline package/registries/Group policies/UI/Command line, see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). -### Settings for Windows 10 Enterprise edition 1903 and later +### Settings for Windows 10 Enterprise edition 1903 and newer The following table lists management options for each setting. 
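Review bot: The heading `### Settings for Windows 10 Enterprise edition 1903 and newer` and the Applies-to bullet changed in the previous hunk (`Windows 10 Enterprise 1903 version and newer`) name the same release in two different ways. Pick one form for both, for example `Windows 10 Enterprise, version 1903 and newer`, which matches the `Windows 10, version 1607` style already used in the policy table of this file.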
@@ -116,7 +116,20 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates - +### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations +| Endpoint of Allowed traffic | +| --- | +|ctldl.windowsupdate.com| +|cdn.onenote.net| +|r.manage.microsoft.com| +|tile-service.weather.microsoft.com| +|settings-win.data.microsoft.com| +|client.wns.windows.com| +|dm3p.wns.windows.com| +|crl.microsoft.com/pki/crl/*| +|www.microsoft.com/pkiops/crl/*| +|activation-v2.sls.microsoft.com/*| +|ocsp.digicert.com/*| From de27d90092f80321a0c9a7b3570cecabd5650c63 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:44:27 -0700 Subject: [PATCH 059/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...rating-system-components-to-microsoft-services-using-MDM.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 381e5fef6e..47198dac47 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -117,7 +117,8 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates ### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations -| Endpoint of Allowed traffic | + +|**Allowed traffic endpoints** | | --- | |ctldl.windowsupdate.com| |cdn.onenote.net| From c8b453df2fd9b0083ee15ddbac0fe1017c0608fe Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:45:21 -0700 Subject: [PATCH 060/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 47198dac47..5b371ce302 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -117,7 +117,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates ### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations - + |**Allowed traffic endpoints** | | --- | |ctldl.windowsupdate.com| @@ -128,7 +128,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt |client.wns.windows.com| |dm3p.wns.windows.com| |crl.microsoft.com/pki/crl/*| -|www.microsoft.com/pkiops/crl/*| +|*microsoft.com/pkiops/crl/*| |activation-v2.sls.microsoft.com/*| |ocsp.digicert.com/*| From 6518bebae843fc8b7d902d20dd57293d7204ef53 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:46:38 -0700 Subject: [PATCH 061/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 5b371ce302..917e71196f 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -128,7 +128,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt |client.wns.windows.com| |dm3p.wns.windows.com| |crl.microsoft.com/pki/crl/*| -|*microsoft.com/pkiops/crl/*| +|*microsoft.com/pkiops/crl/**| |activation-v2.sls.microsoft.com/*| |ocsp.digicert.com/*| From efa711233502e9695cf9887f324005da1c7d823d Mon Sep 17 00:00:00 2001 
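Review bot: The replacement row `|*microsoft.com/pkiops/crl/**|` in the patch above widens the allowed endpoint beyond what the CRL path needs. With no dot after the leading `*`, the pattern read literally matches any host name that merely ends in `microsoft.com`, and the doubled trailing `*` looks like a workaround for Markdown treating paired asterisks as emphasis rather than an intended pattern. Suggest keeping the host explicit as in the original `www.microsoft.com/pkiops/crl/*`, or `*.microsoft.com/pkiops/crl/*` if subdomains are required, and putting the value in backticks so the asterisks survive rendering.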
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:47:34 -0700 Subject: [PATCH 062/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 917e71196f..5f3cce836a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -117,7 +117,9 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates ### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations - + + + |**Allowed traffic endpoints** | | --- | |ctldl.windowsupdate.com| From a8272559d158d34bc12cf1844e969a53aa8df09d Mon Sep 17 00:00:00 2001 From: brbrahm <43386070+brbrahm@users.noreply.github.com> Date: Thu, 16 May 2019 13:47:58 -0700 Subject: [PATCH 063/157] Update deploy-multiple-windows-defender-application-control-policies.md --- ...s-defender-application-control-policies.md | 80 ++++++------------- 1 file changed, 26 insertions(+), 54 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 73d0e16c9b..4484f5fbe6 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md 
@@ -26,9 +26,10 @@ The restriction of only having a single code integrity policy active on a system - To validate policy changes before deploying in enforcement mode, users can now deploy an audit-mode base policy side-by-side with an existing enforcement-mode base policy 2. Multiple Base Policies - Users can enforce two or more base policies simultaneously in order to allow simpler policy targeting for policies with different scope/intent + - If two base policies exist on a device, an application has to be allowed by both to run 3. Supplemental Policies - Users can deploy one or more supplemental policies to expand a base policy - - If two base policies exist on a device, an application has to be allowed by both to run + - A supplemental policy expands a single base policy, and multiple supplemental policies can expand the same base policy - For supplemental policies, applications that are allowed by either the base policy or its supplemental policy/policies are allowed to run ## How do Base and Supplemental Policies Interact? 
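Review bot: The bullet moved under item 2, `If two base policies exist on a device, an application has to be allowed by both to run`, covers only the two-policy case, while the bullet just above it says users can enforce two or more base policies. Reword along the lines of `If multiple base policies exist on a device, an application has to be allowed by all of them to run` so the intersection rule is stated for the general case.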
@@ -38,68 +39,39 @@ The restriction of only having a single code integrity policy active on a system - Base + supplemental policy: union - Files that are allowed by the base policy or the supplemental policy are not blocked -## PowerShell parameters +## Creating Multiple Base or Supplemental Policies -New-CIPolicy -- MultiplePolicyFormat: allows for multiple policies +Note that multiple policies will not work on pre-1903 systems. +### Allow Multiple Policies + +In order to allow multiple policies to exist and take effect on a single system, policies must be created using the new Multiple Policy Format. The "MultiplePolicyFormat" switch in New-CIPolicy results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. ```powershell -New-CIPolicy [-FilePath] -Level {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath} - [-DriverFiles ] [-Fallback {None | Hash | FileName | SignedVersion | Publisher | FilePublisher | LeafCertificate | PcaCertificate | RootCertificate | WHQL | WHQLPublisher | WHQLFilePublisher | PFN | FilePath}] - [-Audit] [-ScanPath ] [-ScriptFileNames] [-AllowFileNameFallbacks] [-SpecificFileNameLevel {None | OriginalFileName | InternalName | FileDescription | ProductName | PackageFamilyName | FilePath}] [-UserPEs] [-NoScript] - [-Deny] [-NoShadowCopy] [-MultiplePolicyFormat] [-OmitPaths ] [-PathToCatroot ] [] – to generate new policy format(base policy and policy type and policy guid) +New-CIPolicy -MultiplePolicyFormat -foo –bar ``` -Set-CIPolicyIdInfo -- **SupplementsBasePolicyID**: guid of new supplemental policy -- **BasePolicyToSupplementPath**: base policy that the supplemental policy applies to -- **ResetPolicyID**: reset the policy guids back to a random guid +Optionally, you can choose to make the new base policy supplementable (allow supplemental policies). 
+```powershell +Set-RuleOption -FilePath Enabled:Allow Supplemental Policies +``` + +For signed base policies that are being made supplementable, you need to ensure that supplemental signers are defined. Use the "Supplemental" switch in Add-SignerRule to provide supplemental signers. + ```powershell + Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] + ``` + +### Supplemental Policy Creation + +In order to create a supplemental policy, begin by creating a new policy in the Multiple Policy Format. From there, use Set-CIPolicyIdInfo to convert it to a supplemental policy and specify which base policy it expands. +- "SupplementsBasePolicyID": guid of new supplemental policy +- "BasePolicyToSupplementPath": base policy that the supplemental policy applies to ```powershell Set-CIPolicyIdInfo [-FilePath] [-PolicyName ] [-SupplementsBasePolicyID ] [-BasePolicyToSupplementPath ] [-ResetPolicyID] [-PolicyId ] [] ``` -Add-SignerRule -- **Supplemental**: provides supplemental signers +Note that "ResetPolicyId" reverts a supplemental policy to a base policy, and resets the policy guids back to a random guid. -```powershell -Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] -``` +### Merging policies -Set-RuleOption -- **Enabled:Allow Supplemental Policies**: makes base policy able to be supplemented - -### Examples - -**Scenario #1: Creating a new base policy** - -```powershell -New-CiPolicy -MulitplePolicyFormat -foo –bar -``` - -- **MultiplePolicyFormat** switch results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. - Can optionally choose to make it supplementable: - - Set-RuleOption has a new option **Enabled:Allow Supplemental Policies** to set for base policy -- For signed policies that are being made supplementable, need to ensure that supplemental signers are defined. Use “Add-SignerRule” to provide supplemental signers. 
- ```powershell - Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] - ``` - -**Scenario #2: Creating a new supplemental policy** - -1. Scan using `New-CiPolicy –MuliplePolicyFormat` to generate a base policy: - ```powershell - New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath - ``` -2. Change this new base policy to a supplemental policy - - Provide path of base in `Set-CIPolicyIdInfo –BasePolicytoSupplementPath` - - Provide GUID of base in `Set-CIPolicyIdInfo –SupplementsBasePolicyID` - ```powershell - Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID -FilePath - ``` - - Can revert the policy back to being a base policy using `-ResetPolicyID` - -**Scenario #3: Merging policies** - -- When merging, the policy type and ID of the leftmost/first policy specified is used - - If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID +When merging, the policy type and ID of the leftmost/first policy specified is used. If the leftmost is a base policy with ID , then regardless of what the GUIDS and types are for any subsequent policies, the merged policy will be a base policy with ID . From 81aaa14e58f21cfaf4659e5593f22e16b0fcc446 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 13:57:32 -0700 Subject: [PATCH 064/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 5f3cce836a..0210fa442d 100644 
--- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -118,8 +118,6 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt ### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations - - |**Allowed traffic endpoints** | | --- | |ctldl.windowsupdate.com| From 63a0f2e1345b144a90d55cf8bd623c1e12a9d786 Mon Sep 17 00:00:00 2001 From: brbrahm <43386070+brbrahm@users.noreply.github.com> Date: Thu, 16 May 2019 14:37:28 -0700 Subject: [PATCH 065/157] Additional content to packaged apps --- ...th-windows-defender-application-control.md | 77 +++++++++++++------ 1 file changed, 53 insertions(+), 24 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md index 497501f819..d1d521cfb4 100644 --- a/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md +++ b/windows/security/threat-protection/windows-defender-application-control/manage-packaged-apps-with-windows-defender-application-control.md 
@@ -11,23 +11,23 @@ author: jsuther1974 ms.date: 05/14/2019 --- -# Manage packaged apps with Windows Defender Application Control +# Manage Packaged Apps with Windows Defender Application Control **Applies to:** - Windows 10 - Windows Server 2016 -This topic for IT professionals describes concepts and lists procedures to help you manage Packaged apps with Windows Defender Application Control (WDAC) as part of your overall application control strategy. +This topic for IT professionals describes concepts and lists procedures to help you manage packaged apps with Windows Defender Application Control (WDAC) as part of your overall application control strategy. -## Understanding Packaged apps and Packaged app installers +## Understanding Packaged Apps and Packaged App Installers Packaged apps, also known as Universal Windows apps, are based on a model that ensures all the files within an app package share the same identity. With classic Windows apps, each file within the app could have a unique identity. With packaged apps, it is possible to control the entire app by using a single WDAC rule.   Typically, an app consists of multiple components: the installer that is used to install the app, and one or more exes, dlls, or scripts. With classic Windows apps, these components don't always share common attributes such as the software’s publisher name, product name, and product version. Therefore, WDAC controls each of these components separately through different rule collections, such as exe, dll, script, and Windows Installer rules. In contrast, all the components of a packaged app share the same publisher name, package name, and package version attributes. Therefore, you can control an entire app with a single rule. 
-### Comparing classic Windows apps and packaged apps +### Comparing classic Windows Apps and Packaged Apps WDAC policies for packaged apps can only be applied to apps installed on computers running at least Windows Server 2012 or Windows 8, but classic Windows apps can be controlled on devices running at least Windows Server 2008 R2 or Windows 7. The rules for classic Windows apps and packaged apps can be enforced in tandem. The differences between packaged apps and classic Windows apps that you should consider include: 
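Review bot: the retitled heading `### Comparing classic Windows Apps and Packaged Apps` leaves "classic" in lower case while the other headings touched in this hunk move to title case (`# Manage Packaged Apps with Windows Defender Application Control`, `## Understanding Packaged Apps and Packaged App Installers`). Capitalise it as "Classic" or keep sentence case for all three. The same hunk moves body text the other way ("Packaged apps" to "packaged apps"), so settle on one convention for headings and one for prose and apply both throughout the file.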
@@ -38,54 +38,55 @@ WDAC policies for packaged apps can only be applied to apps installed on compute WDAC uses different rule collections to control packaged apps and classic Windows apps. You have the choice to control one type, the other type, or both. -## Using WDAC to manage packaged apps +## Using WDAC to Manage Packaged Apps Just as there are differences in managing each rule collection, you need to manage the packaged apps with the following strategy: -1. Gather information about which Packaged apps are running in your environment. +1. Gather information about which packaged apps are running in your environment. 2. Create WDAC rules for specific packaged apps based on your policy strategies. For more information, see [Deploy WDAC policy rules and file rules](select-types-of-rules-to-create.md). 3. Continue to update the WDAC policies as new package apps are introduced into your environment. To do this, see [Merge WDAC policies](merge-windows-defender-application-control-policies.md). -## Blocking packaged apps +## Blocking Packaged Apps -You can use `New-CIPolicyRule -Package $Package -Deny` to block packaged apps: +You can now use `New-CIPolicyRule -Package $Package -Deny` to block packaged apps. -1. Get the info about an installed package. +### Blocking Packaged Apps Which Are Installed on the System + +Below are the list of steps you can follow to block one or more packaged apps in the case that the apps are on the system you are using the WDAC PowerShell cmdlets on: + +1. Get the app identifier for an installed package ```powershell - $package = Get-AppxPackage -name + $package = Get-AppxPackage -name ``` - - Dependencies field in output is full Package object, can be accessed and passed directly to New-CIPolicyRule. - -2. Make a rule. +2. Make a rule by using the New-CIPolicyRule cmdlet ```powershell $Rule = New-CIPolicyRule -Package $package -deny ``` +3. Repeat for other packages you want to block using $rule +=… -3. 
Repeat for other packages you want to block using $rule +=…. -4. Make a policy for just the blocks you created for packages. +4. Make a policy for just the blocks you created for packages ```powershell New-CIpolicy -rules $rule -f .\policy.xml -u ``` -5. Merge with allow windows policy, or you could also use examplepolicies\AllowAll.xml. +5. Merge with an existing policy that authorizes the other applications and system components required for your scenario. Here we use the sample Allow Windows policy ```powershell Merge-CIPolicy -PolicyPaths .\policy.xml,C:\windows\Schemas\codeintegrity\examplepolicies\DefaultWindows_Audit.xml -o allowWindowsDenyPackages.xml ``` -6. Disable audit mode. +6. Disable audit mode if needed ```powershell Set-RuleOption -o 3 -Delete .\allowWindowsDenyPackages.xml ``` -7. Enable invalidate EAs on reboot. +7. Enable invalidate EAs on reboot ```powershell Set-RuleOption -o 15 .\allowWindowsDenyPackages.xml 
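Review bot: in step 1 of the new "Blocking Packaged Apps Which Are Installed on the System" list, `$package = Get-AppxPackage -name` has nothing after `-name` on both the removed and the added line, so the command is incomplete as written; give it a visible placeholder for the package name. The hunk also deletes the sentence saying that the Dependencies field of the output is a full Package object that can be passed directly to New-CIPolicyRule; keep it, or say in step 3 where the extra rules added with `$rule +=…` come from. Step 5 calls the merge target "the sample Allow Windows policy" while the command merges `DefaultWindows_Audit.xml`; name the file in the sentence so that step 6, "Disable audit mode if needed", is clearly tied to it. Minor: "Below are the list of steps" should read "Below is the list of steps".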
@@ -97,13 +98,41 @@ You can use `New-CIPolicyRule -Package $Package -Deny` to block packaged apps: ConvertFrom-CIPolicy .\AllowWindowsDenyPackages.xml C:\compiledpolicy.bin ``` -9. Install the policy withwout restarting. +9. Install the policy without restarting ```powershell Invoke-CimMethod -Namespace root\Microsoft\Windows\CI -ClassName PS_UpdateAndCompareCIPolicy -MethodName Update -Arguments @{FilePath = "C:\compiledpolicy.bin"} ``` +### Blocking Packaged Apps Which Are Not Installed on the System -After doing this on the next build of Dev3, for the apps that you blocked, already installed apps should fail to launch, and should you put this policy on another machine that hasn’t yet installed the apps, store should block them from being purchased/installed. -If you wanted to make a rule for an app that isn’t already installed, first make a rule for an app that is. Then for the app you want to actually block take the store URL (from store page click … then share, then copy link to get something like: https://www.microsoft.com/store/productId/9WZDNCRFJ3TJ) and grab the hash code at the end (in bold) then replace the bolded bit below: -https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9wzdncrfj3tj/applockerdata -then grab packagefamilyname and replace the one in the xml you got in step 4 with the PFN from the link above, then run through 5-9 again. +If the app you intend to block is not installed on the system you are using the WDAC PowerShell cmdlets on, then follow the steps below: + +1. Create a dummy rule using Steps 1-5 in the Blocking Packaged Apps Which Are Installed on the System section above + +2. Navigate to the app you want to block on the Store website + +3. Copy the GUID in the URL for the app + - Example: the GUID for the Microsoft To-Do app is 9nblggh5r558 + - https://www.microsoft.com/en-us/p/microsoft-to-do-list-task-reminder/9nblggh5r558?activetab=pivot:overviewtab +4. 
Use the GUID in the following REST query URL to retrieve the identifiers for the app + - Example: for the Microsoft To-Do app, the URL would be https://bspmts.mp.microsoft.com/v1/public/catalog/Retail/Products/9nblggh5r558/applockerdata + - The URL will return: + + ``` + { "packageFamilyName": "Microsoft.Todos_8wekyb3d8bbwe", + "packageIdentityName": "Microsoft.Todos", + "windowsPhoneLegacyId": "6088f001-776c-462e-984d-25b6399c6607", + "publisherCertificateName": "CN=Microsoft Corporation, O=Microsoft Corporation, L=Redmond, S=Washington, C=US" + } + ``` + +5. Use the value returned by the query URL for the packageFamilyName to replace the package name generated earlier in the dummy rule from Step 1. + +## Allowing Packaged Apps +The method for allowing specific packaged apps is similar to the method outlined above for blocking packaged apps, with the only difference being the parameter to the New-CIPolicyRule cmdlet. + +```powershell +$Rule = New-CIPolicyRule -Package $package -allow +``` + +Since a lot of system apps are packaged apps, it is generally advised that customers rely on the sample policies in C:\Windows\schemas\CodeIntegrity\ExamplePolicies to help allow all inbox apps by the Store signature already included in the policies and control apps with deny rules. From 7f6b20f84cd84c4abc9d848586a0f5ed1ff9875e Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 14:39:26 -0700 Subject: [PATCH 066/157] Update TOC.md --- windows/privacy/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index f1214e7bec..3c6f3b4f16 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md 
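Review bot: the new "Blocking Packaged Apps Which Are Not Installed on the System" procedure in the `@@ -97,13 +98,41 @@` hunk of the packaged-apps patch stops at step 5 (replace the package name with the returned packageFamilyName) and never tells the reader what to run next, whereas the removed paragraph ended with "then run through 5-9 again". State which XML file is edited in step 5 and add a closing step that sends the reader back through the remaining steps of the installed-app procedure, otherwise the edited policy is never converted or installed. Steps 3 and 4 call `9nblggh5r558` a GUID, but the removed paragraph's link labels the same kind of value `productId`, and the sample response shows an actual GUID in `windowsPhoneLegacyId`; call it the product ID.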
@@ -26,4 +26,4 @@ ### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) ### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) -## [Manage connections from Windows operating system components to Microsoft services using MDM](configure-connections-to-microsoft-services-with-mdm.md) +## [Manage connections from Windows operating system components to Microsoft services using MDM](manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md) From 14f76766db500c66185a878b82f0885271512ac2 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:08:21 -0700 Subject: [PATCH 067/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 54 +++++++++++++++++-- 1 file changed, 50 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index b86d3299d7..c6de4234bd 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -8,12 +8,12 @@ ms.mktglfcycl: manage ms.sitesec: library ms.localizationpriority: medium audience: ITPro -author: danihalfin -ms.author: daniha -manager: dansimp +author: medgarmedgar +ms.author: v-medgar +manager: sanashar ms.collection: M365-security-compliance ms.topic: article -ms.date: 06/05/2018 +ms.date: 05/16/2019 --- # Manage connections from Windows operating system components to Microsoft services @@ -95,6 +95,8 @@ The following table lists management options for each setting, beginning with Wi |     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +|     [18.22 Activity History](#bkmk-act-history) | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.23 Voice Activation](#bkmk-voice-act) | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | 
@@ -205,6 +207,8 @@ See the following table for a summary of the management settings for Windows Ser |     [18.19 Tasks](#bkmk-priv-tasks) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.20 App Diagnostics](#bkmk-priv-diag) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | |     [18.21 Inking & Typing](#bkmk-priv-ink) | ![Check mark](images/checkmark.png) | | ![Check mark](images/checkmark.png) | +|     [18.22 Activity History](#bkmk-act-history) | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +|     [18.23 Voice Activation](#bkmk-voice-act) | ![Check mark](images/checkmark.png) |![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [19. Software Protection Platform](#bkmk-spp) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [20. Storage Health](#bkmk-storage-health) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [21. Sync your settings](#bkmk-syncsettings) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | @@ -813,6 +817,10 @@ Use Settings > Privacy to configure some settings that may be important to yo - [18.21 Inking & Typing](#bkmk-priv-ink) +- [18.22 Activity History](#bkmk-act-history) + +- [18.23 Voice Activation(#bkmk-voice-act) + ### 18.1 General **General** includes options that don't fall into other areas. 
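Review bot: the added list entry `- [18.23 Voice Activation(#bkmk-voice-act)` in the `@@ -813,6 +817,10 @@` hunk is missing the closing `]` before `(`, so it will render as literal text instead of a link. It should read `- [18.23 Voice Activation](#bkmk-voice-act)`; the next patch in the series makes exactly this correction, so squash it into this commit. In both table hunks of this patch the new 18.22 and 18.23 rows write `|![Check mark]` with no space after the pipe, unlike the rows around them.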
@@ -1424,6 +1432,44 @@ If you're running at least Windows 10, version 1703, you can turn off updates to - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** + + +### 18.22 Activity History +In the **Activity History** area, you can choose turn of tracking of your Activity History. + +To turn this Off: + + - Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. + +-OR- + + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. + + -and- + + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. + + -and- + + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** + + +-OR- + + - Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + + -and- + + - Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + + -and- + + - Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + + +### 18.23 Voice Activation + + > [!NOTE] > Releases 1803 and earlier support **Speech, Inking, & Typing** as a combined settings area. 
For customizing those setting please follow the below instructions. For 1809 and above **Speech** and **Inking & Typing** are separate settings pages, please see the specific section (18.6 Speech or 18.21 Inking and Typing) above for those areas. From 8a0dd6b4d021f69bcbe844923c43343bf61e1b6a Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:11:21 -0700 Subject: [PATCH 068/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index c6de4234bd..6b2b34cfb1 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -819,7 +819,7 @@ Use Settings > Privacy to configure some settings that may be important to yo - [18.22 Activity History](#bkmk-act-history) -- [18.23 Voice Activation(#bkmk-voice-act) +- [18.23 Voice Activation](#bkmk-voice-act) ### 18.1 General 
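Review bot: the empty `### 18.23 Voice Activation` heading added at the end of the `@@ -1424,6 +1432,44 @@` hunk of patch 067 sits directly above the existing note on **Speech, Inking, & Typing** for releases 1803 and earlier, so that legacy guidance now reads as the body of the Voice Activation section. Add the Voice Activation content in the same commit, or place the heading after the legacy block until the content exists. In the 18.22 text, "you can choose turn of tracking" should be "you can choose to turn off tracking", "un-checking" and "unchecking" are spelled two ways in one sentence, and the third Group Policy bullet lacks the trailing period the other two have.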
@@ -1434,40 +1434,40 @@ If you're running at least Windows 10, version 1703, you can turn off updates to -### 18.22 Activity History +### 18.22 Activity History In the **Activity History** area, you can choose turn of tracking of your Activity History. To turn this Off: - - Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. + - Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. -OR- - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. -and- - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. 
-and- - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** -OR- - - Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + - Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. -and- - - Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + - Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. -and- - - Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. + - Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. -### 18.23 Voice Activation +### 18.23 Voice Activation > [!NOTE] From 20757790a2a95050ca708859a333673ab2681e01 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:14:20 -0700 Subject: [PATCH 069/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 6b2b34cfb1..ffd5fd2f7e 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1432,8 +1432,6 @@ If you're running at least Windows 10, version 1703, you can turn off updates to - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** - - ### 18.22 Activity History In the **Activity History** area, you can choose turn of tracking of your Activity History. @@ -1445,11 +1443,11 @@ To turn this Off: - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. - -and- + -and- - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. - -and- + -and- - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** From e04b61d04f8c00aa0451e5892f5c539b0a938719 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:16:03 -0700 Subject: [PATCH 070/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index ffd5fd2f7e..9c75815780 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1443,11 +1443,11 @@ To turn this Off: - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. - -and- + -and- - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. - -and- + -and- - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** From 41cc5f332b32ad331e10244c2508913fce51868d Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:21:50 -0700 Subject: [PATCH 071/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 9c75815780..2e3498df01 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
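Review bot: the `@@ -1443,11 +1443,11 @@` hunk of patch 070 changes only the leading whitespace of the two `-and-` lines that patch 069 re-indented one commit earlier, and the `-`/`+` pairs in patch 068's `@@ -1434,40 +1434,40 @@` hunk differ only in whitespace as well. Squash these into the commit that introduced section 18.22 and verify the rendered list once, so the history carries a single reviewable change instead of a run of indentation experiments.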
@@ -1437,32 +1437,31 @@ In the **Activity History** area, you can choose turn of tracking of your Activi To turn this Off: - - Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. +- Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. -OR- - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. - -and- + -and- - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. - -and- - - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** + -and- +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** -OR- - - Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. 
+- Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. - -and- + -and- - - Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. - -and- + -and- - - Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. ### 18.23 Voice Activation From 4315924ec2695c645bceedaaa21c10209aa9d0d8 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:35:27 -0700 Subject: [PATCH 072/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 38 +++++++++---------- 1 file changed, 17 insertions(+), 21 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 2e3498df01..eee8ddd817 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1433,23 +1433,23 @@ If you're running at least Windows 10, version 1703, you can turn off updates to ### 18.22 Activity History -In the **Activity History** area, you can choose turn of tracking of your Activity History. +In the **Activity History** area, you can choose turn Off tracking of your Activity History. -To turn this Off: +To turn this Off in the UI: - Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. -OR- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Enables Activity Feed**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Enables Activity Feed**. -and- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow publishing of User Activities**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Allow publishing of User Activities**. -and- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **App Privacy** > **OS Policies** named **Allow upload of User Activities** +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** > named **Allow upload of User Activities** -OR- 
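Review bot: the third Group Policy bullet in this hunk now ends `**OS Policies** > named **Allow upload of User Activities**`, with a stray `>` before "named" that the two bullets above it do not have; drop it. The new lead-in "To turn this Off in the UI:" is too narrow, because the list under it goes on to the Group Policy and registry alternatives, and it duplicates the first bullet, which already begins "Turn **Off** the feature in the UI"; "To turn this off:" covers all three options. The rewritten first sentence, "you can choose turn Off tracking", is still missing "to".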
@@ -1463,36 +1463,32 @@ To turn this Off: - Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. - ### 18.23 Voice Activation +In the **Vocie activation** area, you can choose turn Off apps ability to listen for a Voice keyword. -> [!NOTE] -> Releases 1803 and earlier support **Speech, Inking, & Typing** as a combined settings area. For customizing those setting please follow the below instructions. For 1809 and above **Speech** and **Inking & Typing** are separate settings pages, please see the specific section (18.6 Speech or 18.21 Inking and Typing) above for those areas. +To turn this Off in the UI: -In the **Speech, Inking, & Typing** area, you can let Windows and Cortana better understand your employee's voice and written input by sampling their voice and writing, and by comparing verbal and written input to contact names and calendar entrees. +- Turn **Off** the feature in the UI by going to **Settings -> Privacy -> Voice activation** and toggle **Off** the **Allow apps to use voice activation** AND also toggle **Off** the **Allow apps to use voice activation when this device is locked**. - For more info on how to disable Cortana in your enterprise, see [Cortana](#bkmk-cortana) in this article. +-OR- - To turn off the functionality: +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice**. - - Click the **Stop getting to know me** button, and then click **Turn off**. + -and- - -or- +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice while the system is locked**. 
- - Enable the Group Policy: **Computer Configuration** > **Administrative Templates** > **Control Panel** > **Regional and Language Options** > **Handwriting personalization** > **Turn off automatic learning** - -or- +-OR- + +- Create a REG_DWORD registry setting named **LetAppsActivateWithVoice** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)**. - - Create a REG_DWORD registry setting named **RestrictImplicitInkCollection** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** with a value of 1 (one). + -and- - -or- +- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)**. - - Create a REG_DWORD registry setting named **AcceptedPrivacyPolicy** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Personalization\\Settings** with a value of 0 (zero). - -and- - - - Create a REG_DWORD registry setting named **HarvestContacts** in **HKEY_CURRENT_USER\\Software\\Microsoft\\InputPersonalization\\TrainedDataStore** with a value of **0 (zero)**. ### 19. Software Protection Platform From cfa95f5f54a0cef19bbefcea46399ed4d826a154 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:38:37 -0700 Subject: [PATCH 073/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index eee8ddd817..56ddc526f9 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
+++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1437,15 +1437,15 @@ In the **Activity History** area, you can choose turn Off tracking of your Activ To turn this Off in the UI: -- Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes. +- Turn **Off** the feature in the UI by going to Settings -> Privacy -> Activity History and **un-checking** the **Store my activity history on this device** AND **unchecking** the **Send my activity History to Microsoft** checkboxes -OR- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Enables Activity Feed**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Enables Activity Feed** -and- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Allow publishing of User Activities**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **System** > **OS Policies** named **Allow publishing of User Activities** -and- 
@@ -1453,15 +1453,15 @@ To turn this Off in the UI: -OR- -- Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **EnableActivityFeed** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)** -and- -- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)** -and- -- Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **UploadUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\System** with a **value of 0 (zero)** ### 18.23 Voice Activation 
@@ -1469,24 +1469,24 @@ In the **Vocie activation** area, you can choose turn Off apps ability to listen To turn this Off in the UI: -- Turn **Off** the feature in the UI by going to **Settings -> Privacy -> Voice activation** and toggle **Off** the **Allow apps to use voice activation** AND also toggle **Off** the **Allow apps to use voice activation when this device is locked**. +- Turn **Off** the feature in the UI by going to **Settings -> Privacy -> Voice activation** and toggle **Off** the **Allow apps to use voice activation** AND also toggle **Off** the **Allow apps to use voice activation when this device is locked** -OR- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice** -and- -- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice while the system is locked**. +- **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > named **Let Windows apps activate with voice while the system is locked** -OR- -- Create a REG_DWORD registry setting named **LetAppsActivateWithVoice** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)**. +- Create a REG_DWORD registry setting named **LetAppsActivateWithVoice** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)** -and- -- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)**. 
+- Create a REG_DWORD registry setting named **PublishUserActivities** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Windows\\AppPrivacy** with a **value of 0 (zero)** From 15253f3e3a032f457bfe405bf3a5eef2d8e3c035 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:40:49 -0700 Subject: [PATCH 074/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 56ddc526f9..13d99f10af 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1425,7 +1425,7 @@ To turn off Inking & Typing data collection (note: there is no Group Policy for If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** -or- From e535736d8e846e8dc878783e2f237e5fc49e00ae Mon Sep 17 00:00:00 2001 
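Review bot: The last registry bullet of the Voice Activation hunk (@@ -1469 in PATCH 073) names the value **PublishUserActivities** under ...\\Windows\\AppPrivacy. That is the Activity History value from the hunk above, where it sits under ...\\Windows\\System, so it looks like a copy-paste carry-over. The Group Policy alternative pairs "Let Windows apps activate with voice" with "Let Windows apps activate with voice while the system is locked", so the second registry value should be the one that backs the locked-device policy. As written, the registry option would not cover the locked-device case. Please confirm the value name against the App Privacy policy definitions and correct it here, rather than only removing the period. The hunk header context also shows a typo in the section intro ("Vocie activation").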
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 17:51:51 -0700 Subject: [PATCH 075/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 13d99f10af..f3912695a7 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1425,7 +1425,7 @@ To turn off Inking & Typing data collection (note: there is no Group Policy for If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** -or- From fb799925c329663c180e0d28d7b24b2476b5b147 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Thu, 16 May 2019 20:50:31 -0700 Subject: [PATCH 076/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ows-operating-system-components-to-microsoft-services.md | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index f3912695a7..11b1cd1dfe 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -170,7 +170,7 @@ See the following table for a summary of the management settings for Windows Ser | Setting | UI | Group Policy | Registry | | - | :-: | :-: | :-: | | [1. Automatic Root Certificates Update](#automatic-root-certificates-update) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | -| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | +| [2. Cortana and Search](#bkmk-cortana) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [3. Date & Time](#bkmk-datetime) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [4. Device metadata retrieval](#bkmk-devinst) | | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | | [5. Find My Device](#find-my-device) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | ![Check mark](images/checkmark.png) | 
@@ -1104,9 +1104,7 @@ To turn off **Let apps access my calendar**: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access the calendar** - - - Set the **Select a setting** box to **Force Deny**. +- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access the calendar**. Set the **Select a setting** box to **Force Deny**. -or- From f16f0f807ca808e30862da9f76a11a7396b646b9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 09:02:59 -0700 Subject: [PATCH 077/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ng-system-components-to-microsoft-services-using-MDM.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 0210fa442d..6dc87da4de 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -28,7 +28,10 @@ Note, there is some traffic which is required (i.e. "whitelisted") for the opera For more information on Microsoft InTune please see [Transform IT service delivery for your modern workplace](https://www.microsoft.com/en-us/enterprise-mobility-security/microsoft-intune?rtc=1) and [Microsoft Intune documentation](https://docs.microsoft.com/en-us/intune/). -For detailed information about managing network connections to Microsoft services using Baseline package/registries/Group policies/UI/Command line, see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). +For detailed information about managing network connections to Microsoft services using Registries, Group Policies, or UI see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). + +The endpoints for the “whitelisted” traffic are in the [Whitelisted Traffic](#bkmk-mdm-whitelist). + ### Settings for Windows 10 Enterprise edition 1903 and newer @@ -116,7 +119,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates -### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations +### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations |**Allowed traffic endpoints** | | --- | From 3f3a7ad286e895dc69c2832670c252335344e9af Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 09:03:58 -0700 Subject: [PATCH 078/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 6dc87da4de..6986ee5ce2 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -119,7 +119,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates -### Allowed (aka "Whitelisted") traffic for Microsoft InTune / MDM configurations +### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations |**Allowed traffic endpoints** | | --- | From 4638ce3016e3234bc51055ab6014308e83f6159f Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 09:25:42 -0700 Subject: [PATCH 079/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...g-system-components-to-microsoft-services-using-MDM.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 6986ee5ce2..0d87c0498f 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -111,10 +111,10 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed.
**1** (default) Allowed.
**0** Not allowed. | 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers.
**0**: disabled
**1** enabled | 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode) | Lets you choose where Delivery Optimization gets or sends updates and apps.
**0**: turns off Delivery Optimization
**1**: gets or sends updates and apps to PCs on the same NAT only
**2**: gets or sends updates and apps to PCs on the same local network domain
**3**: gets or sends updates and apps to PCs on the Internet
**99**: simple download mode with no peering
**100**: use BITS instead of Windows Update Delivery Optimization -| | [DeliveryOptimization/DOGroupID](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dogroupid) | Lets you provide a Group ID that limits which PCs can share apps and updates.
Note: This ID must be a GUID. -| | [DeliveryOptimization/DOMaxCacheAge](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcacheage) | Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days). -| | [DeliveryOptimization/DOMaxCacheSize](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcachesize) | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20| which represents 20% of the disk. +| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps.
**0**: turns off Delivery Optimization
**1**: gets or sends updates and apps to PCs on the same NAT only
**2**: gets or sends updates and apps to PCs on the same local network domain
**3**: gets or sends updates and apps to PCs on the Internet
**99**: simple download mode with no peering
**100**: use BITS instead of Windows Update Delivery Optimization +| | [DeliveryOptimization/DOGroupID](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dogroupid)| Lets you provide a Group ID that limits which PCs can share apps and updates.
Note: This ID must be a GUID. +| | [DeliveryOptimization/DOMaxCacheAge](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcacheage)| Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days). +| | [DeliveryOptimization/DOMaxCacheSize](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcachesize) | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20 which represents 20% of the disk. | | [DeliveryOptimization/DOMaxUploadBandwidth](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxuploadbandwidth) | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth. | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. | 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates From 8ea9ed0bf3385a1a5da6d69634e13d9715edf282 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 09:26:49 -0700 Subject: [PATCH 080/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...rating-system-components-to-microsoft-services-using-MDM.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 0d87c0498f..1169395f22 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -30,7 +30,8 @@ For more information on Microsoft InTune please see [Transform IT service delive For detailed information about managing network connections to Microsoft services using Registries, Group Policies, or UI see [Manage connections from Windows operating system components to Microsoft services](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services). -The endpoints for the “whitelisted” traffic are in the [Whitelisted Traffic](#bkmk-mdm-whitelist). + +The endpoints for the MDM “whitelisted” traffic are in the [Whitelisted Traffic](#bkmk-mdm-whitelist). ### Settings for Windows 10 Enterprise edition 1903 and newer From 4739a22778434a7f6b6d61cc70a8e364dd14cf08 Mon Sep 17 00:00:00 2001 
From: Justin Hall Date: Fri, 17 May 2019 10:07:04 -0700 Subject: [PATCH 081/157] edits from Sakib --- ...ows-defender-application-control-policy.md | 47 ++++++++++++------- .../create-path-based-rules.md | 4 +- ...s-defender-application-control-policies.md | 13 +++-- ...win32-apps-on-windows-10-s-mode-devices.md | 25 ++++++++-- 4 files changed, 60 insertions(+), 29 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index c952c0c184..68a3ab2dcd 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -6,8 +6,8 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: jsuther1974 -ms.date: 05/16/2019 +author: mdsakibMSFT +ms.date: 05/17/2019 --- # Allow COM object registration in a Windows Defender Application Control policy @@ -32,7 +32,7 @@ Get GUID of application to allow in one of the following ways: - Finding block event in Event Viewer (Application and Service Logs > Microsoft > Windows > AppLocker > MSI and Script) and extracting GUID - Creating audit policy (using New-CIPolicy –Audit), potentially with specific provider, and use info from block events to get GUID -### Author setting +### Author policy setting to allow or deny COM object GUID Three elements: - Provider: platform on which code is running (values are Powershell, WSH, IE, VBA, MSI, or a wildcard “AllHostIds”) 
@@ -46,21 +46,32 @@ One attribute: ### Examples +Example 1: Allows registration of all COM object GUIDs in any provider + ```xml - - - true - - - - - false - - - - - true - - + + + true + + +``` + +Example 2: Blocks a specific COM object from being registered via Internet Explorer (IE) + +```xml + + + false + + + +Example 3: Allows a specific COM object to register in PowerShell + +```xml + + + true + + ``` diff --git a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md index 29db07a119..105f6a46bb 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md @@ -6,8 +6,8 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: jsuther1974 -ms.date: 05/14/2019 +author: mdsakibMSFT +ms.date: 05/17/2019 --- # Create Windows Defender Application Control path-based rules diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index adc318d407..6df51f6694 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md 
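Review bot: In allow-com-object-registration-in-windows-defender-application-control-policy.md (@@ -46), the xml fence opened for Example 2 is never closed. The added lines run from the Example 2 setting straight into "Example 3: Allows a specific COM object to register in PowerShell" and a second opening fence, so the Example 3 caption and everything up to the final closing fence will render inside the Example 2 code block. Add a closing fence line after the Example 2 setting, as was done after Example 1.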
@@ -6,8 +6,8 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: jsuther1974 -ms.date: 05/10/2019 +author: mdsakibMSFT +ms.date: 05/17/2019 --- # Deploy multiple Windows Defender Application Control Policies @@ -44,19 +44,22 @@ Note that multiple policies will not work on pre-1903 systems. ### Allow Multiple Policies In order to allow multiple policies to exist and take effect on a single system, policies must be created using the new Multiple Policy Format. The "MultiplePolicyFormat" switch in New-CIPolicy results in 1) random GUIDs being generated for the policy ID and 2) the policy type being specified as base. + ```powershell New-CIPolicy -MultiplePolicyFormat -foo –bar ``` Optionally, you can choose to make the new base policy supplementable (allow supplemental policies). + ```powershell Set-RuleOption -FilePath Enabled:Allow Supplemental Policies ``` For signed base policies that are being made supplementable, you need to ensure that supplemental signers are defined. Use the "Supplemental" switch in Add-SignerRule to provide supplemental signers. - ```powershell - Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] - ``` + +```powershell +Add-SignerRule -FilePath -CertificatePath [-Kernel] [-User] [-Update] [-Supplemental] [-Deny] [] +``` ### Supplemental Policy Creation diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md index 5bbde4033e..25dc3efe37 100644 --- a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md +++ b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md 
@@ -6,8 +6,8 @@ ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: jsuther1974 -ms.date: 05/06/2018 +author: mdsakibMSFT +ms.date: 05/17/2018 --- # Sideloading Win32 apps on Windows 10 S mode devices 
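Review bot: The new "ms.date: 05/17/2018" in this hunk looks like a year typo. The other three files touched by this patch are set to 05/17/2019 and the patch itself is dated 17 May 2019, so only the day was bumped from the old 05/06/2018. Set it to 05/17/2019. PATCH 082, the next in the series, deletes this file outright, so the sideloading hunks could instead be dropped from this patch.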
@@ -51,24 +51,37 @@ To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlo ## Creating and Signing a Supplemental Policy 1. Create new base policy using [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) + ```powershell New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath ``` + 2. Change it to a supplemental policy using [Set-CIPolicyIdInfo](https://docs.microsoft.com/powershell/module/configci/set-cipolicyidinfo?view=win10-ps) + ```powershell Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID 5951A96A-E0B5-4D3D-8FB8-3E5B61030784 -FilePath ``` - Note: ‘5951A96A-E0B5-4D3D-8FB8-3E5B61030784' is the S-mode Base Policy ID. + + >[!NOTE] + >‘5951A96A-E0B5-4D3D-8FB8-3E5B61030784' is the S-mode Base Policy ID. + 3. Put policy in enforce mode using [Set-RuleOption](https://docs.microsoft.com/powershell/module/configci/set-ruleoption?view=win10-ps) + ```powershell Set-RuleOption -FilePath -Option 3 –Delete ``` + This deletes the ‘audit mode’ qualifier. + 4. Convert to .bin using [ConvertFrom-CIPolicy](https://docs.microsoft.com/powershell/module/configci/convertfrom-cipolicy?view=win10-ps) + ```powershell ConvertFrom-CIPolicy -XmlFilePath -BinaryFilePath ``` - Note: PolicyID can be found by inspecting the Supplemental Policy XML. Convert to .bin to sign with DGSS (recommended) or .cip to sign locally. + + >[!NOTE] + >PolicyID can be found by inspecting the Supplemental Policy XML. Convert to .bin to sign with DGSS (recommended) or .cip to sign locally. + 5. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). 
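Review bot: The reformatted NOTE under step 2 keeps mismatched quotation marks around the S mode base policy ID (a curly opening quote and a straight closing one). That GUID is meant to be copied into -SupplementsBasePolicyID, so set it as inline code instead of quoting it. In step 3, "Set-RuleOption -FilePath -Option 3 –Delete" carries an en dash before Delete where every other parameter in the hunk uses an ASCII hyphen. The code blocks are being re-spaced anyway, so normalise it to keep the command text plain ASCII.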
@@ -76,14 +89,18 @@ To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlo An admin must generate an app catalog for every deployed app: 1. Use Package Inspector to [create a catalog](https://docs.microsoft.com/microsoft-store/add-unsigned-app-to-code-integrity-policy#a-href-idcreate-catalog-filesacreate-catalog-files-for-your-unsigned-app) - Start Package Inspector to scan the installer: + ```console PackageInspector.exe start C: -path ``` + - Open the app installer. - Stop Package Inspector: + ```console PackageInspector.exe stop C: -Name -cdfpath ``` + 2. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). From 2717120544bbda0cd6c85afef7db3d58a1f1dd1f Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Fri, 17 May 2019 10:22:37 -0700 Subject: [PATCH 082/157] removed sideloading apps topic --- .../TOC.md | 1 - ...win32-apps-on-windows-10-s-mode-devices.md | 109 ------------------ 2 files changed, 110 deletions(-) delete mode 100644 windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md diff --git a/windows/security/threat-protection/windows-defender-application-control/TOC.md b/windows/security/threat-protection/windows-defender-application-control/TOC.md index 075e728710..ac99737410 100644 --- a/windows/security/threat-protection/windows-defender-application-control/TOC.md +++ b/windows/security/threat-protection/windows-defender-application-control/TOC.md 
@@ -34,7 +34,6 @@ ### [Use a Windows Defender Application Control policy to control specific plug-ins, add-ins, and modules](use-windows-defender-application-control-policy-to-control-specific-plug-ins-add-ins-and-modules.md) ### [Use signed policies to protect Windows Defender Application Control against tampering](use-signed-policies-to-protect-windows-defender-application-control-against-tampering.md) #### [Signing WDAC policies with SignTool.exe](signing-policies-with-signtool.md) -### [Sideload Win32 apps on S mode](sideloading-win32-apps-on-windows-10-s-mode-devices.md) ### [Disable WDAC policies](disable-windows-defender-application-control-policies.md) ### [Device Guard and AppLocker](windows-defender-device-guard-and-applocker.md) diff --git a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md b/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md deleted file mode 100644 index 25dc3efe37..0000000000 --- a/windows/security/threat-protection/windows-defender-application-control/sideloading-win32-apps-on-windows-10-s-mode-devices.md +++ /dev/null 
@@ -1,109 +0,0 @@ ---- -title: Sideloading Win32 apps on Windows 10 S mode devices (Windows 10) -description: Windows Defender Application Control restricts which applications users are allowed to run and the code that runs in the system core. -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.localizationpriority: medium -author: mdsakibMSFT -ms.date: 05/17/2018 ---- - -# Sideloading Win32 apps on Windows 10 S mode devices - -**Applies to:** - -- Windows 10 -- Windows Server 2016 - ->[!IMPORTANT] ->Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. - -Windows 10 S mode is a locked-down system that only runs Store apps. -Although it provides tight security and thereby promises reduced management, its application control restrictions make it difficult for some to adopt it widely. -Sideloading makes S mode a more viable proposition for enterprise and education workloads by allowing critical Desktop apps in addition to Store apps. - -## Process Overview - -To allow Win32 apps to run on a Windows 10 device in S mode, admins must ‘unlock’ the device so exceptions can be made to S mode policy, and then upload a corresponding signed catalog for each app to Intune. Here are the steps: - -1. Unlock S mode devices through Intune - - Admin uses the Device Guard Signing Service (DGSS) in the Microsoft Store for Business to generate a root certificate for the organization and upload it to Intune - - Intune will ensure this certificate is included in a device’s unlock token from OCDUS, and any app catalogs which are signed with it will be able to run on the unlocked device -2. 
Create a supplemental policy to allow Win32 apps - - Admin uses Windows Defender Application Control tools to create a supplemental policy - - Admin uses DGSS to sign their supplemental policy - - Admin uploads signed supplemental policy to Intune -3. Allow Win32 app catalogs through Intune - - Admin creates catalog files (1 for every app) and signs them using DGSS or other certificate infrastructure - - Admin submits the signed catalog to Intune - - Intune applies the signed catalog to unlocked S mode device using Sidecar - -## Setting up Business Store to use DGSS - -1. In the Azure portal, create a new resource of type Azure Active Directory, then create an associated global admin user. -2. Log in to the Microsoft Store for Business as the global admin then go to **Organization** > **Private Store** and accept. - This will automatically generate a root certificate for the organization. -3. To download a root cert or upload policies/catalogs to sign, navigate to **Manage** > **Settings** > **Devices**. - Note: you can only upload .bin and .cat files. - -## Creating and Signing a Supplemental Policy - -1. Create new base policy using [New-CIPolicy](https://docs.microsoft.com/powershell/module/configci/new-cipolicy?view=win10-ps) - - ```powershell - New-CIPolicy -Level PcaCertificate -UserPEs -ScanPath -MultiplePolicyFormat 3> -FilePath - ``` - -2. Change it to a supplemental policy using [Set-CIPolicyIdInfo](https://docs.microsoft.com/powershell/module/configci/set-cipolicyidinfo?view=win10-ps) - - ```powershell - Set-CIPolicyIdInfo -BasePolicyToSupplementPath -SupplementsBasePolicyID 5951A96A-E0B5-4D3D-8FB8-3E5B61030784 -FilePath - ``` - - >[!NOTE] - >‘5951A96A-E0B5-4D3D-8FB8-3E5B61030784' is the S-mode Base Policy ID. - -3. 
Put policy in enforce mode using [Set-RuleOption](https://docs.microsoft.com/powershell/module/configci/set-ruleoption?view=win10-ps) - - ```powershell - Set-RuleOption -FilePath -Option 3 –Delete - ``` - - This deletes the ‘audit mode’ qualifier. - -4. Convert to .bin using [ConvertFrom-CIPolicy](https://docs.microsoft.com/powershell/module/configci/convertfrom-cipolicy?view=win10-ps) - - ```powershell - ConvertFrom-CIPolicy -XmlFilePath -BinaryFilePath - ``` - - >[!NOTE] - >PolicyID can be found by inspecting the Supplemental Policy XML. Convert to .bin to sign with DGSS (recommended) or .cip to sign locally. - -5. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. - To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). - -## Creating and Signing an App Catalog -An admin must generate an app catalog for every deployed app: -1. Use Package Inspector to [create a catalog](https://docs.microsoft.com/microsoft-store/add-unsigned-app-to-code-integrity-policy#a-href-idcreate-catalog-filesacreate-catalog-files-for-your-unsigned-app) - - Start Package Inspector to scan the installer: - - ```console - PackageInspector.exe start C: -path - ``` - - - Open the app installer. - - Stop Package Inspector: - - ```console - PackageInspector.exe stop C: -Name -cdfpath - ``` - -2. To sign using the recommended DGSS option through the Microsoft Store for Business, click **Manage** > **Settings** > **Devices** > **Upload** > **Sign**. - To sign locally using signtool, see [Signing policies with signtool](signing-policies-with-signtool.md). - -## User experience - -Users will either have apps pushed directly to their devices by their admins, or they can download apps that their admins have made available through the Company Portal. From 0131237f1d67aab9d09a044bfd141fde38063b01 Mon Sep 17 00:00:00 2001 
From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Fri, 17 May 2019 16:15:14 -0700 Subject: [PATCH 083/157] Revision moved to higher version when two versions available (#221) (#222) --- .../status-windows-10-1809-and-windows-server-2019.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index e94c90b28d..cccf3bdb7a 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -65,7 +65,7 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -92,7 +92,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >
OS Build 17763.502

May 14, 2019
KB4494441
Investigating
May 16, 2019
06:41 PM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >
OS Build 17763.503

May 14, 2019
KB4494441
Investigating
May 16, 2019
06:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >
OS Build 17763.437

April 09, 2019
KB4493509
Mitigated
May 03, 2019
10:59 AM PT
Printing from Microsoft Edge or other UWP apps, you may receive the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications, you may receive an error.

See details >
OS Build 17763.379

March 12, 2019
KB4489899
Mitigated
May 02, 2019
04:47 PM PT
Issue using PXE to start a device from WDS
Using PXE to start a device from a WDS server configured to use Variable Window Extension may cause the connection to the WDS server to terminate prematurely.

See details >
OS Build 17763.379

March 12, 2019
KB4489899
Mitigated
April 09, 2019
10:00 AM PT
- + From 0ae2072b649889818f51dc43dc6c75126ac4cad8 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:08:42 -0700 Subject: [PATCH 084/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 11b1cd1dfe..bc3d6f1a45 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1052,6 +1052,17 @@ To turn off voice dictation, speaking to Cortana and other apps, or sending voic - Create a REG_DWORD registry setting named **HasAccepted** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy** with a **value of 0 (zero)** + +If you're running at Windows 10, version 1703 up to Windows 10, version 1803, you can turn off updates to the speech recognition and speech synthesis models: + + - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** + + -or- + + - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** + + + ### 18.7 Account info In the **Account Info** area, you can choose which apps can access your name, picture, and other account info. 
@@ -1421,15 +1432,6 @@ To turn off Inking & Typing data collection (note: there is no Group Policy for - Set **RestrictImplicitTextCollection** registry REG_DWORD setting in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\InputPersonalization** to a **value of 1 (one)** -If you're running at least Windows 10, version 1703, you can turn off updates to the speech recognition and speech synthesis models: - - - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** - - -or- - - - Create a REG_DWORD registry setting named **AllowSpeechModelUpdate** in **HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Speech** with a **value of 0 (zero)** - - ### 18.22 Activity History In the **Activity History** area, you can choose turn Off tracking of your Activity History. From ff8b7d6a2131a26bb8597a4e80a0732a16b7bfd5 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:29:22 -0700 Subject: [PATCH 085/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index f73b24241a..5364d2ae65 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md 
@@ -30,16 +30,18 @@ Some Windows components, app, and related services transfer data to Microsoft ne This article lists different endpoints that are available on a clean installation of Windows 10, version 1709 and later. Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md). -Where applicable, each endpoint covered in this topic includes a link to specific details about how to control traffic to it. +Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic. We used the following methodology to derive these network endpoints: 1. Set up the latest version of Windows 10 on a test virtual machine using the default settings. -2. Leave the devices running idle for a week (that is, a user is not interacting with the system/device). +2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device). 3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic. 4. Compile reports on traffic going to public IP addresses. -5. The test virtual machine was logged in using a local account and was not joined to a domain or Azure Active Directory. -6. All traffic was captured in our lab using a IPV4 network. Therefore no IPV6 traffic is reported here. +5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory. +6. All traffic was captured in our lab using a IPV4 network. Therefore, no IPV6 traffic is reported here. +7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different. +8. These tests were conducted for one week, but if you capture traffic for longer you may have different results. 
> [!NOTE] > Microsoft uses global load balancers that can appear in network trace-routes. For example, an endpoint for *.akadns.net might be used to load balance requests to an Azure datacenter, which can change over time. From 6cc42989875be1a8ba938ede4a43490490ad6d5b Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:31:19 -0700 Subject: [PATCH 086/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index 5364d2ae65..c655b5307b 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md @@ -1,5 +1,5 @@ --- -title: Connection endpoints for Windows 10, version 1903 +title: Connection endpoints for Windows 10 Enterprise, version 1903 description: Explains what Windows 10 endpoints are used for, how to turn off traffic to them, and the impact. keywords: privacy, manage connections to Microsoft, Windows 10, Windows Server 2016 ms.prod: w10 From e6d8d209e26d2d88e278eed2e8d58af72aba77e7 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:32:11 -0700 Subject: [PATCH 087/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index c655b5307b..01e2747cdc 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md 
@@ -18,7 +18,7 @@ ms.date: 5/3/2019 **Applies to** -- Windows 10, version 1903 +- Windows 10 Enterprise, version 1903 Some Windows components, app, and related services transfer data to Microsoft network endpoints. Some examples include: From bda0298a955442d29ad82168282b7e6235e7290e Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:32:40 -0700 Subject: [PATCH 088/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index 01e2747cdc..3ed84fa322 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md @@ -14,7 +14,7 @@ ms.collection: M365-security-compliance ms.topic: article ms.date: 5/3/2019 --- -# Manage connection endpoints for Windows 10, version 1903 +# Manage connection endpoints for Windows 10 Enterprise, version 1903 **Applies to** From 6445bf4b6416e6e7330c8c5a2c8899d2f2b7e33c Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:41:26 -0700 Subject: [PATCH 089/157] Update windows-endpoints-1903-non-enterprise-editions.md --- .../windows-endpoints-1903-non-enterprise-editions.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md index 2c3885c711..50b4192e0c 100644 --- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md 
@@ -22,16 +22,19 @@ ms.date: 5/9/2019 - Windows 10 Professional, version 1903 - Windows 10 Education, version 1903 -In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1903-endpoints.md), the following endpoints are available on other editions of Windows 10, version 1903. +In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1903-endpoints.md), the following endpoints are available on other non-Enterprise editions of Windows 10, version 1903. We used the following methodology to derive these network endpoints: 1. Set up the latest version of Windows 10 on a test virtual machine using the default settings. -2. Leave the devices running idle for a week (that is, a user is not interacting with the system/device). +2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device). 3. Use globally accepted network protocol analyzer/capturing tools and log all background egress traffic. 4. Compile reports on traffic going to public IP addresses. -5. The test virtual machine was logged in using a local account and was not joined to a domain or Azure Active Directory. -6. All traffic was captured in our lab using a IPV4 network. Therefore no IPV6 traffic is reported here. +5. The test virtual machine(s) was logged into using a local account, and was not joined to a domain or Azure Active Directory. +6. All traffic was captured in our lab using a IPV4 network. Therefore, no IPV6 traffic is reported here. +7. These tests were conducted in an approved Microsoft lab. It's possible your results may be different. +8. These tests were conducted for one week, but if you capture traffic for longer you may have different results. + > [!NOTE] > Microsoft uses global load balancers that can appear in network trace-routes. For example, an endpoint for *.akadns.net might be used to load balance requests to an Azure datacenter, which can change over time. 
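
Review bot: Items 7 and 8 added to the numbered methodology list in [PATCH 089/157] are limitations of the results, not steps, and inside the list they are easy to miss for anyone building an egress allow list from this page. Move them into the "> [!NOTE]" block that follows and state plainly that the endpoint list reflects one week of idle traffic on an IPv4-only lab network and may be incomplete. In the same lines, "a IPV4 network" should read "an IPv4 network" (and "IPV6" should be "IPv6"), "The test virtual machine(s) was logged into" needs a verb that agrees with the optional plural, and "other non-Enterprise editions" in the intro sentence is redundant ("other" can go). The blank line added after item 8 leaves two blank lines before the note.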
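
Review bot: The new version range in [PATCH 084/157] (hunk @@ -1052,6 +1052,17 @@), "If you're running at Windows 10, version 1703 up to Windows 10, version 1803", replaces "at least Windows 10, version 1703" from the paragraph removed in the @@ -1421,15 +1432,6 @@ hunk, so the page no longer says whether **AllowSpeechModelUpdate** and "Allow automatic update of Speech Data" still apply on version 1809 and later, or what to configure there instead. Please state that explicitly in the text and give the reason for the narrowing in the commit message, which currently only names the file. "running at" is a leftover from "running at least" and should lose the "at", and the hunk adds extra blank lines before and after the moved paragraph that can be dropped.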
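
Review bot: Removing the "Sideload Win32 apps on S mode" TOC entry in [PATCH 082/157] (TOC.md hunk @@ -34,7 +34,6 @@) together with deleting sideloading-win32-apps-on-windows-10-s-mode-devices.md leaves the old URL with no redirect: the diffstat lists only these two files. The commit message ("removed sideloading apps topic") also does not say why the topic is gone or where readers who relied on its supplemental-policy and catalog-signing steps should go. Add a redirect for the deleted page in the same change and one line of rationale in the commit message.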
From 24220c2623bcefb901badadc17a69bbd8743a709 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:49:30 -0700 Subject: [PATCH 090/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index 3ed84fa322..1279552d91 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md @@ -32,7 +32,7 @@ This article lists different endpoints that are available on a clean installatio Details about the different ways to control traffic to these endpoints are covered in [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md). Where applicable, each endpoint covered in this topic includes a link to the specific details on how to control that traffic. -We used the following methodology to derive these network endpoints: +The following methodology was used to derive these network endpoints: 1. Set up the latest version of Windows 10 on a test virtual machine using the default settings. 2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device). From bb8d9e97576aad99e657b64f882328e1233e2f97 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 17:50:07 -0700 Subject: [PATCH 091/157] Update windows-endpoints-1903-non-enterprise-editions.md --- .../privacy/windows-endpoints-1903-non-enterprise-editions.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md index 50b4192e0c..a4b71349d5 100644 
--- a/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-1903-non-enterprise-editions.md @@ -24,7 +24,7 @@ ms.date: 5/9/2019 In addition to the endpoints listed for [Windows 10 Enterprise](manage-windows-1903-endpoints.md), the following endpoints are available on other non-Enterprise editions of Windows 10, version 1903. -We used the following methodology to derive these network endpoints: +The following methodology was used to derive the network endpoints: 1. Set up the latest version of Windows 10 on a test virtual machine using the default settings. 2. Leave the device(s) running idle for a week ("idle" means a user is not interacting with the system/device). From 608f0993dee3bcf71926d7426199fc9a6635028d Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:09:59 -0700 Subject: [PATCH 092/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 130 +++++++++--------- 1 file changed, 62 insertions(+), 68 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 1169395f22..2a3fcf8085 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -43,82 +43,76 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | Setting | MDM Policy | Description | | --- | --- | --- | | 1. Automatic Root Certificates Update | There is intentionally no MDM available for Automatic Root Certificate Update. | This MDM does not exist since it would prevent the operation and management of MDM management of devices. -| 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. -| | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results.
Default: Allowed -| 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings.
**0** Not allowed.
1 (default) Allowed. -| 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet -| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device.
Set to **0** to disable.
-| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Set to 0 to disable font streaming
Set to 1 to enable font streaming -| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | **0**: users cannot make their devices available for downloading and installing preview software
**1**: users can make their devices available for downloading and installing preview software
**2**: (default) not configured; users can make their devices available for download and installing preview software +| 2. Cortana and Search | [Experience/AllowCortana](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowcortana) | Choose whether to let Cortana install and run on the device. **Set to 0 (zero)** +| | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** +| 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)** +| 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** +| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. ** Set to 0 (zero)** +| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | ** Set to 0 (zero)** +| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | ** Set to 0 (zero)** | 8. 
Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer) | -| | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. -| | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. -| | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. -| | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. -| | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. -| 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. 
If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. Set value to **1** to disable Tile Notifications. -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **0**: not allowed
**1**: allowed
Does not apply to Microsoft Accounts that have already been configured on the device. -| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant.
**0**: turned off
**1**: turned on +| | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled** +| | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** +| | [InternetExplorer/DisableFlipAheadFeature]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disableflipaheadfeature) | Determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website. **Set to Enabled** +| | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** +| | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** +| 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. 
**Set to Enabled** +| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | ** Set to 0 (zero)** +| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. ** Set to 0 (zero)** | 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites.
Default: Allowed -| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers.
Default: Not allowed -| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge.
Default: Enabled -| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices.
Default: Allowed -| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions..
Default: Allowed -| | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off.
Default: Allowed -| | [Browser/FirstRunURL](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-firstrunurl) | Choose the home page for Microsoft Edge on Windows Mobile 10.
Default: blank -| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **1**: turn off NCSI
Note:: After you apply this policy you must restart the device for the policy setting to take effect. -| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**0** Disabled. Force disable auto-update over metered connection.
-| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data.
**0** Disabled. Force off auto-update.
-| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive.
**1** True (sync disabled).
+| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. ** Set to 0 (zero)** +| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. ** Set to 0 (zero)** +| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. ** Set to 0 (zero)** +| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. ** Set to 0 (zero)** +| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. ** Set to 0 (zero)** +| | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. ** Set to 0 (zero)** +| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | ** Set to 1 (one)** Note:: After you apply this policy you must restart the device for the policy setting to take effect. +| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
** Set to 0 (zero)** +| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. ** Set to 0 (zero)** +| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. ** Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**.
**0**: not allowed
**1**: allowed (default) -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**.
**0**: turned off and the employee can't turn it back on
**1**: turned on but lets the employee choose whether to use it (default)
**2**: turned on and the employee can't turn it off
Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**.
**0**: apps can't use the camera
**1** apps can use the camera
Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage.
**DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** -| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Turn off **Let apps access my notifications**.
**0**: user in control
**1**: force allow
**2**: force deny -| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Disable **AllowOnlineTips** to prevent traffic -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models.
**0**: not allowed (default)
**1**: allowed -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows.
**0**: disallow

**1**: choice deferred to user's preference -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI**.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Turn off **Let apps access my calendar** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Turn off **Let apps access my call history** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Turn off **Let apps access and send email** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Turn off **Let apps read or send messages (text or MMS)** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) |
**0**: user in control
**1**: force allow
**2**: force deny -| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Turn off **Let apps control radios** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Turn off **Let apps automatically share and sync info** with wireless devices that don't explicitly pair with your PC, tablet, or phone** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Turn off **Let your apps use your trusted devices** (hardware you've already connected, or comes with your PC, tablet, or phone) in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**.
**0**: maps to the **Security** level
**1**: maps to the **Basic** level
**2**: maps to the **Enhanced** level
**3**: maps to the **Full** level -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny
Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. -| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Turn off **Let Windows and your apps use your motion data and collect motion history** in the UI.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks.
**0**: user in control
**1**: force allow
**2**: force deny -| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Turn off the ability to choose which apps have access to diagnostic information.
**0**: user in control
**1**: force allow
**2**: force deny -| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically.
**0**: disabled (default)
**1**: enabled -| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates.
**0** - Do not allow
-| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized.
**0**: not allowed
**1**: allowed +| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**. ** Set to 0 (zero)** +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. ** Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. ** Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**. ** Set to 2 (two)** +| 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. 
**DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** +| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | ** Set to 2 (two)** +| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. ** Set to 0 (zero)** +| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. ** Set to 0 (zero)** +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI ** Set to 2 (two)** +| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts** in the UI. 
** Set to 2 (two)** +| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | ** Set to 2 (two)** +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | ** Set to 2 (two)** +| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | ** Set to 2 (two)** +| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | ** Set to 2 (two)** +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) ** Set to 2 (two)** +| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | ** Set to 2 (two)** +| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | ** Set to 2 (two)** +| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | ** Set to 2 (two)** +| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**. 
** Set to 0 (zero)** +| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background** in the UI. ** Set to 2 (two)** Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. +| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | ** Set to 2 (two)** +| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. ** Set to 2 (two)** +| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | ** Set to 2 (two)** +| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. ** Set to 1 (one)** +| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. ** Set to 0 (zero)** +| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. ** Set to 0 (zero)** | 21. Teredo | No MDM needed or required|No MDM needed or required | 22. Wi-Fi Sense | No MDM needed or required|No MDM needed or required -| 23. 
Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service.
**0** Not allowed.
**1** (default) Allowed. -| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft.
**0**: always prompt
**1**: send safe samples automatically (default)
**2**: never send
**3**: send all samples automatically -| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen.
**0**: turned off
**1**: turned on -| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store
**0**: Turns off traffic
**1**: Allows traffic +| 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. ** Set to 0 (zero)** +| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. ** Set to 2 (two)** +| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. ** Set to 0 (zero)** +| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store ** Set to 0 (zero)** | 24. Windows Media Player | N/A | N/A -| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight.
**0**: disabled -| 26. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded.
**0** (default) Enable launch of apps.
**1** Disable launch of apps. -| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed.
**1** (default) Allowed.
**0** Not allowed. -| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers.
**0**: disabled
**1** enabled +| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. ** Set to 0 (zero)** +| 26. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. ** Set to 1 (one)** +| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. ** Set to 0 (zero)** +| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. ** Set to 0 (zero)** | 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps.
**0**: turns off Delivery Optimization
**1**: gets or sends updates and apps to PCs on the same NAT only
**2**: gets or sends updates and apps to PCs on the same local network domain
**3**: gets or sends updates and apps to PCs on the Internet
**99**: simple download mode with no peering
**100**: use BITS instead of Windows Update Delivery Optimization -| | [DeliveryOptimization/DOGroupID](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dogroupid)| Lets you provide a Group ID that limits which PCs can share apps and updates.
Note: This ID must be a GUID. -| | [DeliveryOptimization/DOMaxCacheAge](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcacheage)| Lets you specify the maximum time (in seconds) that a file is held in the Delivery Optimization cache.
The default value is 259200 seconds (3 days). -| | [DeliveryOptimization/DOMaxCacheSize](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxcachesize) | Lets you specify the maximum cache size as a percentage of disk size.
The default value is 20 which represents 20% of the disk. -| | [DeliveryOptimization/DOMaxUploadBandwidth](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-domaxuploadbandwidth) | Lets you specify the maximum upload bandwidth (in KB/second) that a device uses across all concurrent upload activity.
The default value is 0, which means unlimited possible bandwidth. -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Specifies the download method that Delivery Optimization can use in downloads of Windows Updates, Apps and App updates. Set to **100** - Bypass mode. Do not use Delivery Optimization and use BITS instead. Added in Windows 10, version 1607. -| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates.
**0**: notify the user before downloading the update
**1**: auto install the update and then notify the user to schedule a device restart
**2**: auto install and restart (default)
**3**: auto install and restart at a specified time
**4**: auto install and restart without end-user control
**5**: turn off automatic updates +| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. ** Set to 100 (one hundred)** +| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates** Set to 5 (five)** ### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations From b36bf3a3c56a1b203b553558e6187a7398aed91a Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:12:56 -0700 Subject: [PATCH 093/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 103 +++++++++--------- 1 file changed, 52 insertions(+), 51 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 2a3fcf8085..74a970cd78 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -47,9 +47,9 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Search/AllowSearchToUseLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-search#search-allowsearchtouselocation) | Choose whether Cortana and Search can provide location-aware search results. **Set to 0 (zero)** | 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)** | 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** -| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. ** Set to 0 (zero)** -| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | ** Set to 0 (zero)** -| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | ** Set to 0 (zero)** +| 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** +| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | **Set to 0 (zero)** +| 7. 
Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | **Set to 0 (zero)** | 8. Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer) | | | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled** | | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** 
@@ -57,62 +57,63 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** | | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** | 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | ** Set to 0 (zero)** -| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. ** Set to 0 (zero)** +| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **Set to 0 (zero)** +| 11. 
Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** | 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. ** Set to 0 (zero)** -| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. ** Set to 0 (zero)** -| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. ** Set to 0 (zero)** -| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. ** Set to 0 (zero)** -| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. ** Set to 0 (zero)** -| | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. ** Set to 0 (zero)** -| 13. 
Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | ** Set to 1 (one)** Note:: After you apply this policy you must restart the device for the policy setting to take effect. -| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
** Set to 0 (zero)** -| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. ** Set to 0 (zero)** -| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. ** Set to 1 (one)** +| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** +| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** +| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** +| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** +| | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** +| | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** +| 13. 
Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **Set to 1 (one)** Note:: After you apply this policy you must restart the device for the policy setting to take effect. +| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** +| | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** +| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**. ** Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. ** Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. ** Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**. 
** Set to 2 (two)** -| 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** -| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | ** Set to 2 (two)** +| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**. **Set to 0 (zero)** +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. **Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. **Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**. 
**Set to 2 (two)** +| 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** +| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. ** Set to 0 (zero)** -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. ** Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI ** Set to 2 (two)** -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts** in the UI. 
** Set to 2 (two)** -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | ** Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | ** Set to 2 (two)** -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | ** Set to 2 (two)** -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | ** Set to 2 (two)** -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) ** Set to 2 (two)** -| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | ** Set to 2 (two)** -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | ** Set to 2 (two)** -| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | ** Set to 2 (two)** -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**. 
** Set to 0 (zero)** -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background** in the UI. ** Set to 2 (two)** Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background** to **Force Deny**. -| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | ** Set to 2 (two)** -| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. ** Set to 2 (two)** -| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | ** Set to 2 (two)** -| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. ** Set to 1 (one)** -| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. ** Set to 0 (zero)** -| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. 
** Set to 0 (zero)** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** +| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. **Set to 0 (zero)** +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI **Set to 2 (two)** +| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts**in the UI. 
**Set to 2 (two)** +| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** +| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | **Set to 2 (two)** +| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | **Set to 2 (two)** +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) **Set to 2 (two)** +| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | **Set to 2 (two)** +| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** +| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | **Set to 2 (two)** +| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**. 
**Set to 0 (zero)** +| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background**in the UI. **Set to 2 (two)** Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background**to **Force Deny**. +| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | **Set to 2 (two)** +| 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** +| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | **Set to 2 (two)** +| 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** +| 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** +| 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** | 21. Teredo | No MDM needed or required|No MDM needed or required | 22. Wi-Fi Sense | No MDM needed or required|No MDM needed or required -| 23. 
Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. ** Set to 0 (zero)** -| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. ** Set to 2 (two)** -| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. ** Set to 0 (zero)** -| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store ** Set to 0 (zero)** +| 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** +| | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** +| 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. 
**Set to 0 (zero)** +| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store **Set to 0 (zero)** | 24. Windows Media Player | N/A | N/A -| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. ** Set to 0 (zero)** -| 26. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. ** Set to 1 (one)** -| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. ** Set to 0 (zero)** -| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. ** Set to 0 (zero)** +| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** +| 26. 
Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** +| | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** +| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** | 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). -| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. ** Set to 100 (one hundred)** -| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates** Set to 5 (five)** +| | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** +| 28. 
Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates**Set to 5 (five)** + ### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations From 8eb9327855950b046999792d9ed0d9a70715e881 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:15:27 -0700 Subject: [PATCH 094/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...g-system-components-to-microsoft-services-using-MDM.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 74a970cd78..e49bfc19ea 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
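Review bot: In the @@ -57,62 +57,63 @@ hunk of PATCH 093, replacing every `** ` with `**` also removed the space that followed a closing bold marker, so rows 17.8 and 17.17 now read `**Choose apps that can access contacts**in the UI.`, `**Let apps run in the background**in the UI.` and `**Let apps run in the background**to **Force Deny**`. Restore the space after the closing `**` in those three places. In the same hunk, row 17.7 is left with an unterminated bold run (`... other account info in the UI **Set to 2 (two)**`), row 17.13 has no `|` between the policy link and `**Set to 2 (two)**`, so the value ends up in the policy cell, and row 28 needs a space in `Control automatic updates**Set to 5 (five)**`.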
@@ -66,22 +66,22 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** | | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** | | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** -| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **Set to 1 (one)** Note:: After you apply this policy you must restart the device for the policy setting to take effect. +| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **Set to 1 (one)** Note: After you apply this policy you must restart the device for the policy setting to take effect. | 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. | 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**. **Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. **Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. **Set to 0 (zero)** Note:: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. 
**Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**. **Set to 2 (two)** | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** | 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. 
**Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. **Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI **Set to 2 (two)** +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI** **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts**in the UI. **Set to 2 (two)** | 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** | 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** From 0806bf3d5e242ca6ceb1068395688b77f4b663cd Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:17:04 -0700 Subject: [PATCH 095/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...components-to-microsoft-services-using-MDM.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index e49bfc19ea..fb247848e0 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -81,15 +81,15 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** | 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. **Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Turn off **Let apps access my name picture and other account info in the UI** **Set to 2 (two)** -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Turn off **Choose apps that can access contacts**in the UI. 
**Set to 2 (two)** -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | **Set to 2 (two)** -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | **Set to 2 (two)** -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) **Set to 2 (two)** +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | **Set to 2 (two)** +| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | **Set to 2 (two)** +| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** +| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | **Set to 2 (two)** +| 17.12 Messaging | 
[Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | **Set to 2 (two)** +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) **Set to 2 (two)** | 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | **Set to 2 (two)** -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** +| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | **Set to 2 (two)** | 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**. **Set to 0 (zero)** | 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background**in the UI. **Set to 2 (two)** Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background**to **Force Deny**. From 58e3b0985a177b17cd581b8d7b1a0e0d78ed520b Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:19:58 -0700 Subject: [PATCH 096/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index fb247848e0..b792fff7f4 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -57,29 +57,29 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** | | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** | 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **Set to 0 (zero)** -| 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** +| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **Set to 0 (zero)** +| 11. 
Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** | 12. Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). -| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** -| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. **Set to 0 (zero)** -| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** -| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** +| | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** +| | [Browser/AllowDoNotTrack](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowdonottrack) | Choose whether employees can send Do Not Track headers. 
**Set to 0 (zero)** +| | [Browser/AllowMicrosoftCompatbilityList](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowmicrosoftcompatibilitylist) | Specify the Microsoft compatibility list in Microsoft Edge. **Set to 0 (zero)** +| | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** | | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** | | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** | 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **Set to 1 (one)** Note: After you apply this policy you must restart the device for the policy setting to take effect. -| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** +| 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** -| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** +| 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | Turn off **Send Microsoft info about how I write to help us improve typing and writing in the future**. **Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Turn off **Location for this device**. **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Turn off **Let apps use my camera**. **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). 
-| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Turn off **Let apps use my microphone**. **Set to 2 (two)** +| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | **Set to 0 (zero)** +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | **Set to 2 (two)** | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. 
**DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** -| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** +| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. **Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | **Set to 2 (two)** 
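Review bot: the re-added Microsoft Edge row in this hunk still spells the link text `Browser/AllowMicrosoftCompatbilityList`, while the URL fragment it points to is `browser-allowmicrosoftcompatibilitylist`. Since the line is being rewritten anyway, correct the link text to `Browser/AllowMicrosoftCompatibilityList`. Separately, the new 17.1 to 17.4 rows drop the "Turn off **...**" text, so 17.4 Microphone now reads only **Set to 2 (two)** and the row no longer says what the value does. Keep a short description or add a legend for the values. Several of the other -/+ pairs (10, 11, 14, 15) show no visible difference here, which makes the real changes hard to pick out; whitespace-only edits would be easier to review as their own commit.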
From ffc0b9a55704278aa043c8dee40100c489870db1 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:21:20 -0700 Subject: [PATCH 097/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index b792fff7f4..6fce0ff38f 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -79,7 +79,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Turn off updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | **Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. 
**Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | **Set to 2 (two)** @@ -87,7 +87,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** | 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | **Set to 2 (two)** | 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | **Set to 2 (two)** -| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) **Set to 2 (two)** +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | **Set to 2 (two)** | 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | **Set to 2 (two)** | 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | **Set to 2 (two)** 
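Review bot: the 17.5 Notifications row kept as context in the @@ -79,7 +79,7 @@ hunk is the one row in this table with no value to set. It says "Turn off notifications network usage" and then only warns, in bold, not to turn off WNS notifications when devices are managed through Intune, so an admin cannot tell what to configure for Notifications/DisallowCloudNotification. State the value explicitly, move the warning into a Note as rows 13, 17.2 and 17.3 do, and fix "if you want manage" to "if you want to manage" while there. In the same hunk the 17.6 Speech row loses its description while the TextInput/AllowLinguisticDataCollection row directly below keeps one, which leaves the section inconsistent at this commit.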
From ea68a77d4e1df00a956171f6b27ee6800b3f16ae Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Fri, 17 May 2019 19:23:38 -0700 Subject: [PATCH 098/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ing-system-components-to-microsoft-services-using-MDM.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 6fce0ff38f..e6236b50f8 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -80,7 +80,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** | 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | **Set to 0 (zero)** -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)|This policy setting controls the ability to send inking and typing data to Microsoft to improve the language recognition and suggestion capabilities of apps and services running on Windows. **Set to 0 (zero)** +| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| **Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | **Set to 2 (two)** | 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** 
@@ -91,8 +91,8 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | **Set to 2 (two)** | 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | **Set to 2 (two)** -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Change the level of diagnostic and usage data sent when you **Send your device data to Microsoft**. **Set to 0 (zero)** -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Turn off **Let apps run in the background**in the UI. **Set to 2 (two)** Note: Some apps, including Cortana and Search, might not function as expected if you set **Let apps run in the background**to **Force Deny**. 
+| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | **Set to 0 (zero)** +| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | **Set to 2 (two)** | 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | **Set to 2 (two)** | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** | 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | **Set to 2 (two)** From 998bc3e9947a89016382f12f26e6e960ae389fe4 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 11:42:24 -0700 Subject: [PATCH 099/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index bc3d6f1a45..f7dbf02210 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -43,6 +43,8 @@ Applying the Windows Restricted Traffic Limited Functionality Baseline is the sa It is recommended that you restart a device after making configuration changes to it. Note that **Get Help** and **Give us Feedback** links no longer work after the Windows Restricted Traffic Limited Functionality Baseline is applied. +To use Microsoft InTune cloud based device managment for restricting traffic please refer to the [Manage connections from Windows operating system components to Microsoft services using MDM](https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-mdm). + We are always striving to improve our documentation and welcome your feedback. You can provide feedback by contacting telmhelp@microsoft.com. ## Management options for each setting From b23eb43aecfcfb6a47cacd9e9c5bdd401e3c16e8 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 11:58:57 -0700 Subject: [PATCH 100/157] Update TOC.md --- windows/privacy/TOC.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index 3c6f3b4f16..1503b46220 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md 
@@ -21,9 +21,9 @@ ### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) ### [Connection endpoints for Windows 10, version 1803](manage-windows-1803-endpoints.md) ### [Connection endpoints for Windows 10, version 1709](manage-windows-1709-endpoints.md) -### [Windows 10, version 1903, connection endpoints for non-Enterprise editions](windows-endpoints-1903-non-enterprise-editions.md) -### [Windows 10, version 1809, connection endpoints for non-Enterprise editions](windows-endpoints-1809-non-enterprise-editions.md) -### [Windows 10, version 1803, connection endpoints for non-Enterprise editions](windows-endpoints-1803-non-enterprise-editions.md) -### [Windows 10, version 1709, connection endpoints for non-Enterprise editions](windows-endpoints-1709-non-enterprise-editions.md) +### [Connection endpoints for non-Enterprise editions of Windows 10, version 1903](windows-endpoints-1903-non-enterprise-editions.md) +### [Connection endpoints for non-Enterprise editions of Windows 10, version 1809](windows-endpoints-1809-non-enterprise-editions.md) +### [Connection endpoints for non-Enterprise editions of Windows 10, version 1803](windows-endpoints-1803-non-enterprise-editions.md) +### [Connection endpoints for non-Enterprise editions of Windows 10, version 1709](windows-endpoints-1709-non-enterprise-editions.md) ## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) ## [Manage connections from Windows operating system components to Microsoft services using MDM](manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md) From 219da799bd5e827d7ef95ae5bb25cbae6dfc9bd3 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 12:02:11 -0700 Subject: [PATCH 101/157] Update TOC.md --- windows/privacy/TOC.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/privacy/TOC.md b/windows/privacy/TOC.md index 1503b46220..b3981fb3c1 100644 --- a/windows/privacy/TOC.md +++ b/windows/privacy/TOC.md @@ -17,6 +17,8 @@ ### [Windows 10, version 1709 and newer diagnostic data for the Full level](windows-diagnostic-data.md) ### [Windows 10, version 1703 diagnostic data for the Full level](windows-diagnostic-data-1703.md) ## Manage Windows 10 connection endpoints +### [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) +### [Manage connections from Windows operating system components to Microsoft services using MDM](manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md) ### [Connection endpoints for Windows 10, version 1903](manage-windows-1903-endpoints.md) ### [Connection endpoints for Windows 10, version 1809](manage-windows-1809-endpoints.md) ### [Connection endpoints for Windows 10, version 1803](manage-windows-1803-endpoints.md) 
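Review bot: The two entries added in the -17,6 +17,8 hunk link to a file whose name ends in "-using-MDM.md", while every other file name in this TOC is lower-case and the link added in PATCH 099 ends in "-using-mdm". Confirm the mixed-case name resolves on a case-sensitive build, or rename the file to lower-case so the TOC, the file and the cross-link agree.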
@@ -25,5 +27,4 @@ ### [Connection endpoints for non-Enterprise editions of Windows 10, version 1809](windows-endpoints-1809-non-enterprise-editions.md) ### [Connection endpoints for non-Enterprise editions of Windows 10, version 1803](windows-endpoints-1803-non-enterprise-editions.md) ### [Connection endpoints for non-Enterprise editions of Windows 10, version 1709](windows-endpoints-1709-non-enterprise-editions.md) -## [Manage connections from Windows operating system components to Microsoft services](manage-connections-from-windows-operating-system-components-to-microsoft-services.md) -## [Manage connections from Windows operating system components to Microsoft services using MDM](manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md) + From a84f0c0467333099acad082432903f5fadbcff6a Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 20 May 2019 14:30:06 -0700 Subject: [PATCH 102/157] update preview page --- .../threat-protection/microsoft-defender-atp/preview.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 3659e79b88..33e4e853c2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -42,6 +42,8 @@ Turn on the preview experience setting to be among the first to try upcoming fea ## Preview features The following features are included in the preview release: +- [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac)
Microsoft Defender ATP for Mac brings the next-generation protection, and endpoint detection and response coverage to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices. + - [Live response](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/live-response)
Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats – real-time. - [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
A new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. From 101821908fc113d37d42c300360b340ca8b6f7bb Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 15:22:22 -0700 Subject: [PATCH 103/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ponents-to-microsoft-services-using-MDM.md | 38 +++++++++---------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index e6236b50f8..8f37a7aa8b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -57,7 +57,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [InternetExplorer/DisableHomePageChange]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablehomepagechange) | Determines whether users can change the default Home Page or not. **Set to Enabled** | | [InternetExplorer/DisableFirstRunWizard]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-disablefirstrunwizard) | Prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows. **Set to Enabled** | 9. Live Tiles | [Notifications/DisallowTileNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications)| This policy setting turns off tile notifications. If you enable this policy setting applications and system features will not be able to update their tiles and tile badges in the Start screen. **Set to Enabled** -| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | **Set to 0 (zero)** +| 10. Mail synchronization | [Accounts/AllowMicrosoftAccountConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountconnection) | Specifies whether the user is allowed to use an MSA account for non-email related connection authentication and services. **Set to 0 (zero)** | 11. Microsoft Account | [Accounts/AllowMicrosoftAccountSignInAssistant](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-accounts#accounts-allowmicrosoftaccountsigninassistant) | Disable the Microsoft Account Sign-In Assistant. **Set to 0 (zero)** | 12. 
Microsoft Edge | | The following Microsoft Edge MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). For a complete list of the Microsoft Edge policies, see [Available policies for Microsoft Edge](https://docs.microsoft.com/microsoft-edge/deploy/available-policies). | | [Browser/AllowAutoFill](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowautofill) | Choose whether employees can use autofill on websites. **Set to 0 (zero)** 
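Review bot: In the row "10. Mail synchronization" of the -57,7 +57,7 hunk, the new description says the policy covers MSA use for "non-email related connection authentication and services", which reads as the opposite of what the row label promises. Add a sentence saying why setting Accounts/AllowMicrosoftAccountConnection to 0 is the control for mail synchronization, or state what it leaves uncovered. "an MSA account" also repeats "account"; "a Microsoft account (MSA)" is clearer.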
@@ -75,27 +75,27 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | **Set to 0 (zero)** | 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). | 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | **Set to 2 (two)** +| 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. 
**DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** -| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | **Set to 2 (two)** -| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | **Set to 0 (zero)** -| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| **Set to 0 (zero)** -| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | **Set to 2 (two)** -| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | **Set to 2 (two)** -| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | **Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | **Set to 2 (two)** -| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | **Set to 2 (two)** -| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | **Set to 2 (two)** -| 17.13 Phone 
calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | **Set to 2 (two)** -| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | **Set to 2 (two)** -| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | **Set to 2 (two)** -| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | **Set to 2 (two)** -| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | **Set to 0 (zero)** -| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | **Set to 2 (two)** +| | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** +| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Specifies whether the device will receive updates to the speech recognition and speech synthesis models. 
**Set to 0 (zero)** +| | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** +| 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** +| 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** +| 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information.**Set to 2 (two)** +| 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. **Set to 2 (two)** +| 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** +| 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. 
**Set to 2 (two)** +| 17.14 Radios | [Privacy/LetAppsAccessRadios](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessradios) | Specifies whether Windows apps have access to control radios. **Set to 2 (two)** +| 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** +| | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** +| 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** +| 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** | 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | **Set to 2 (two)** | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. 
**Set to 2 (two)** -| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | **Set to 2 (two)** +| 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** | 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** | 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** | 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** From df7b3d61c170cb7b57f4bf788b27b38f66f78c68 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 15:26:50 -0700 Subject: [PATCH 104/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
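Review bot: In the -75,27 +75,27 hunk of PATCH 103, the row "17.10 Call history" (Privacy/LetAppsAccessCallHistory) was given the description "Specifies whether Windows apps can access account information.", which is the 17.7 Account info text pasted in; it should describe access to call history. The same row is missing the space before "**Set to 2 (two)**", and the TextInput/AllowLinguisticDataCollection description under 17.6 has no closing period before "**Set to 0 (zero)**".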
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 8f37a7aa8b..0f01d0c337 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -48,8 +48,8 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 3. Date & Time | [Settings/AllowDateTime](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowdatetime)| Allows the user to change date and time settings. **Set to 0 (zero)** | 4. Device metadata retrieval | [DeviceInstallation/PreventDeviceMetadataFromNetwork](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deviceinstallation#deviceinstallation-preventdevicemetadatafromnetwork) | Choose whether to prevent Windows from retrieving device metadata from the Internet. **Set to Enabled** | 5. Find My Device | [Experience/AllowFindMyDevice](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowfindmydevice)| This policy turns on Find My Device. **Set to 0 (zero)** -| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | **Set to 0 (zero)** -| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | **Set to 0 (zero)** +| 6. Font streaming | [System/AllowFontProviders](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowfontproviders) | Setting that determines whether Windows is allowed to download fonts and font catalog data from an online font provider. **Set to 0 (zero)** +| 7. Insider Preview builds | [System/AllowBuildPreview](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowbuildpreview) | This policy setting determines whether users can access the Insider build controls in the Advanced Options for Windows Update. **Set to 0 (zero)** | 8. 
Internet Explorer | The following Microsoft Internet Explorer MDM policies are available in the [Internet Explorer CSP](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer) | | | [InternetExplorer/AllowSuggestedSites](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-allowsuggestedsites) | Recommends websites based on the user’s browsing activity. **Set to Disabled** | | [InternetExplorer/PreventManagingSmartScreenFilter]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-internetexplorer#internetexplorer-preventmanagingsmartscreenfilter) | Prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware. **Set to Enabled** From 90d8d0f993004f5ebba8d90d6cdcca05fe4f81dd Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:22:17 -0700 Subject: [PATCH 105/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 0f01d0c337..38ee64aa0b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -99,8 +99,8 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 18. Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** | 19. Storage Health | [Storage/AllowDiskHealthModelUpdates](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-storage#storage-allowdiskhealthmodelupdates) | Allows disk health model updates. **Set to 0 (zero)** | 20. Sync your settings | [Experience/AllowSyncMySettings](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowsyncmysettings) | Control whether your settings are synchronized. **Set to 0 (zero)** -| 21. Teredo | No MDM needed or required|No MDM needed or required -| 22. Wi-Fi Sense | No MDM needed or required|No MDM needed or required +| 21. Teredo | No MDM needed | Teredo is **Off by default**. Delivery Optimization (DO) can turn on Teredo, but DO itself is turned Off via MDM. +| 22. Wi-Fi Sense | No MDM needed | Wi-Fi Sense is no longer available from Windows 10 version 1803 and newer. | 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** | | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** | 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** 
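Review bot: The new Teredo row in the -99,8 +99,8 hunk says "No MDM needed" but then depends on Delivery Optimization being turned off via MDM, so the row does rely on a policy, one it neither names nor links. Name the Delivery Optimization policy or point to its row in this table. For Wi-Fi Sense, "no longer available from Windows 10 version 1803 and newer" leaves out what to do on versions before 1803; give the guidance for those versions or say the table applies only to 1803 and later.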
From 2ccd9554f1f3437a7a2731eb30a8246f968d4ffd Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:24:42 -0700 Subject: [PATCH 106/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 38ee64aa0b..17d8702e1c 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -72,7 +72,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. -| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | **Set to 0 (zero)** +| 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** | 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). | 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** 
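Review bot: Row "17.1 General" in the -72,7 +72,7 hunk now carries the same policy and the same sentence as the TextInput/AllowLinguisticDataCollection row under "17.6 Speech, Inking, & Typing", and the description does not say which part of the General page it controls. Either add a clause tying inking and typing data to the General page, or cross-reference 17.6 here and keep the full description in one place. The two copies should also match; the 17.6 copy lacks the period this one has.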
From 86813c5e5c116286293a263b10c324fa5e16f261 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:28:42 -0700 Subject: [PATCH 107/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ing-system-components-to-microsoft-services-using-MDM.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 17d8702e1c..ce24ada4b1 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -66,15 +66,15 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Browser/AllowPasswordManager](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowpasswordmanager) | Choose whether employees can save passwords locally on their devices. **Set to 0 (zero)** | | [Browser/AllowSearchSuggestionsinAddressBar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsearchsuggestionsinaddressbar) | Choose whether the Address Bar shows search suggestions. **Set to 0 (zero)** | | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Choose whether SmartScreen is turned on or off. **Set to 0 (zero)** -| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | **Set to 1 (one)** Note: After you apply this policy you must restart the device for the policy setting to take effect. +| 13. Network Connection Status Indicator | [Connectivity/DisallowNetworkConnectivityActiveTests](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-connectivity#connectivity-disallownetworkconnectivityactivetests) | Note: After you apply this policy you must restart the device for the policy setting to take effect. **Set to 1 (one)** | 14. Offline maps | [AllowOfflineMapsDownloadOverMeteredConnection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps)|Allows the download and update of map data over metered connections.
**Set to 0 (zero)** | | [EnableOfflineMapsAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-maps#maps-enableofflinemapsautoupdate)|Disables the automatic download and update of map data. **Set to 0 (zero)** | 15. OneDrive | [DisableOneDriveFileSync](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-disableonedrivefilesync)| Allows IT Admins to prevent apps and features from working with files on OneDrive. **Set to 1 (one)** | 16. Preinstalled apps | N/A | N/A | 17. Privacy settings | | Except for the Feedback & Diagnostics page, these settings must be configured for every user account that signs into the PC. | 17.1 General | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection) | This policy setting controls the ability to send inking and typing data to Microsoft. **Set to 0 (zero)** -| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). -| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | **Set to 0 (zero)** Note: You can also set this MDM policy in System Center Configuration Manager using the [WMI Bridge Provider](https://msdn.microsoft.com/library/dn905224.aspx). +| 17.2 Location | [System/AllowLocation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowlocation) | Specifies whether to allow app access to the Location service. 
**Set to 0 (zero)** +| 17.3 Camera | [Camera/AllowCamera](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-camera#camera-allowcamera) | Disables or enables the camera. **Set to 0 (zero)** | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** From 2af7e414907146cc401bb1319647b0860eb76e5f Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:30:05 -0700 Subject: [PATCH 108/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index ce24ada4b1..4ed4c5bf4b 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -93,7 +93,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** | 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** | 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** -| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | **Set to 2 (two)** +| 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** | 17.20 App Diagnostics | [Privacy/LetAppsGetDiagnosticInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsgetdiagnosticinfo) | Force allow, force deny or give user control of apps that can get diagnostic information about other running apps. **Set to 2 (two)** | 18. 
Software Protection Platform | [Licensing/DisallowKMSClientOnlineAVSValidation](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-licensing#licensing-disallowkmsclientonlineavsvalidation) | Opt out of sending KMS client activation data to Microsoft automatically. **Set to 1 (one)** From 88bf10adf04bae835a6c77e640afac94094928d9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:32:06 -0700 Subject: [PATCH 109/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 4ed4c5bf4b..972eaa2038 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -104,7 +104,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 23. Windows Defender | [Defender/AllowCloudProtection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-allowcloudprotection) | Disconnect from the Microsoft Antimalware Protection Service. **Set to 0 (zero)** | | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** | 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** -| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store **Set to 0 (zero)** +| 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** | 24. Windows Media Player | N/A | N/A | 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** | 26. 
Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** @@ -112,7 +112,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** | 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** -| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates**Set to 5 (five)** +| 28. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** ### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations From fef188631a53a41e2d13bbe8f64f93b1a4db5d9c Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:35:51 -0700 Subject: [PATCH 110/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...ating-system-components-to-microsoft-services-using-MDM.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 972eaa2038..9e17cd20d0 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -79,12 +79,12 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** | | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Specifies whether the device will receive updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** +| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Specifies whether the device will receive updates to the speech recognition and speech synthesis models. 
**Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** | 17.9 Calendar | [Privacy/LetAppsAccessCalendar](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscalendar) | Specifies whether Windows apps can access the calendar. **Set to 2 (two)** -| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information.**Set to 2 (two)** +| 17.10 Call history | [Privacy/LetAppsAccessCallHistory](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscallhistory) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | 17.11 Email | [Privacy/LetAppsAccessEmail](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessemail) | Specifies whether Windows apps can access email. 
**Set to 2 (two)** | 17.12 Messaging | [Privacy/LetAppsAccessMessaging](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmessaging) | Specifies whether Windows apps can read or send messages (text or MMS). **Set to 2 (two)** | 17.13 Phone calls | [Privacy/LetAppsAccessPhone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessphone) | Specifies whether Windows apps can make phone calls. **Set to 2 (two)** From 19d1241a1d6717ab90f685d1ebe549d7719bad9c Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 17:37:57 -0700 Subject: [PATCH 111/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...stem-components-to-microsoft-services-using-MDM.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 9e17cd20d0..f754e4e9a5 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -105,14 +105,13 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | | [Defender/SubmitSamplesConsent](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-defender#defender-submitsamplesconsent) | Stop sending file samples back to Microsoft. **Set to 2 (two)** | 23.1 Windows Defender Smartscreen | [Browser/AllowSmartScreen](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-browser#browser-allowsmartscreen) | Disable Windows Defender Smartscreen. **Set to 0 (zero)** | 23.2 Windows Defender Smartscreen EnableAppInstallControl | [SmartScreen/EnableAppInstallControl](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-smartscreen#smartscreen-enableappinstallcontrol) | Controls whether users are allowed to install apps from places other than the Microsoft Store. **Set to 0 (zero)** -| 24. Windows Media Player | N/A | N/A -| 25. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** -| 26. Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** +| 24. Windows Spotlight | [Experience/AllowWindowsSpotlight](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-allowwindowsspotlight) | Disable Windows Spotlight. **Set to 0 (zero)** +| 25. 
Microsoft Store | [ApplicationManagement/DisableStoreOriginatedApps](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-disablestoreoriginatedapps)| Boolean value that disables the launch of all apps from Microsoft Store that came pre-installed or were downloaded. **Set to 1 (one)** | | [ApplicationManagement/AllowAppStoreAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationmanagement#applicationmanagement-allowappstoreautoupdate)| Specifies whether automatic update of apps from Microsoft Store are allowed. **Set to 0 (zero)** -| 26.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** -| 27. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). +| 25.1 Apps for websites | [ApplicationDefaults/EnableAppUriHandlers](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-applicationdefaults#applicationdefaults-enableappurihandlers) | This policy setting determines whether Windows supports web-to-app linking with app URI handlers. **Set to 0 (zero)** +| 26. Windows Update Delivery Optimization | | The following Delivery Optimization MDM policies are available in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). | | [DeliveryOptimization/DODownloadMode](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-deliveryoptimization#deliveryoptimization-dodownloadmode)| Lets you choose where Delivery Optimization gets or sends updates and apps. **Set to 100 (one hundred)** -| 28. 
Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** +| 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** ### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations From f56e50a3f786b2c1547b7c754b441dc78e4560ff Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 19:06:33 -0700 Subject: [PATCH 112/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index f754e4e9a5..6170aa0169 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -78,7 +78,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.4 Microphone | [Privacy/LetAppsAccessMicrophone](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmicrophone) | Specifies whether Windows apps can access the microphone. **Set to 2 (two)** | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** -| | [Settings/Notifications & actions/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** +| | [Settings/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** | 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Specifies whether the device will receive updates to the speech recognition and speech synthesis models. 
**Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** From 8ed44423b0d1c33d15b709ac9d10c46f24df42a3 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 19:38:15 -0700 Subject: [PATCH 113/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...rating-system-components-to-microsoft-services.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index f7dbf02210..b31f45fa4d 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -457,7 +457,9 @@ You can also use Registry keys to set these policies. | Turn off background synchronization for feeds and Web Slices | HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Feeds
REG_DWORD: BackgroundSyncStatus
**Set Value to 0**| | Allow Online Tips | HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer
REG_DWORD: AllowOnlineTips
**Set Value to 0 (zero)**| -To turn off the home page, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank**. +To turn off the home page: + +- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank** -or - @@ -468,14 +470,18 @@ To turn off the home page, **Enable** the Group Policy: **User Configuration** > - Create a new REG_DWORD registry setting named **HomePage** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Control Panel** with a **1 (one)** -To configure the First Run Wizard, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page**. +To configure the First Run Wizard: + +- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page** -or - - Create a new REG_DWORD registry setting named **DisableFirstRunCustomize** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **1 (one)** -To configure the behavior for a new tab, **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank**. +To configure the behavior for a new tab: + +- **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank** -or - 
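Review bot: in PATCH 110/157, hunk @@ -79,12 +79,12 @@, the 17.10 Call history row still describes Privacy/LetAppsAccessCallHistory as "Specifies whether Windows apps can access account information.", which is the same sentence used for the 17.7 Account info row in the same hunk. Since this line is already being touched to add the missing space, change the description to refer to call history. The TextInput/AllowLinguisticDataCollection context row also still reads "to Microsoft **Set to 0 (zero)**" with no period before the value, unlike the rows the neighbouring patches clean up.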
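Review bot: in PATCH 111/157, hunk @@ -105,14 +105,13 @@, removing the "24. Windows Media Player | N/A | N/A" row and shifting 25 through 28 down by one is inconsistent with the "16. Preinstalled apps | N/A | N/A" row, which the same table keeps as a placeholder. If the row numbers are meant to track the section numbers of the companion article, keep the N/A row so the later numbers stay aligned; if they are not, say so in the commit message and check for references to the old numbers 25 to 28.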
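Review bot: in PATCH 112/157, hunk @@ -78,7 +78,7 @@, the renamed [Settings/AllowOnlineTips] row still ends with "**Set to Disabled**", while the neighbouring rows give the value as a number ("Set to 2 (two)", "Set to 0 (zero)") and the registry table in the companion article lists AllowOnlineTips as "Set Value to 0 (zero)". State the MDM value in the same numeric form so the two documents agree. The link on that line also keeps a stray space after the opening parenthesis, "]( https://", which is worth removing while the line is open.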
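Review bot: in PATCH 113/157, the three rewritten steps (home page, First Run Wizard, new tab) all sit under User Configuration, and their registry alternatives under HKEY_Current_User, so each one takes effect per user, but the new lead-in lines do not say the setting has to be applied for every account on the device. Add that sentence once above the three blocks. The registry bullets in the context lines also read "with a **1 (one)**" without the word "value", and spell the hive HKEY_Current_User where the ActiveX VersionList step in the same file uses HKEY_CURRENT_USER; both are worth fixing in the same pass.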
From b9061d8a582bf45643e87b10dce34bfa9e0a82da Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Mon, 20 May 2019 19:40:37 -0700 Subject: [PATCH 114/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...s-operating-system-components-to-microsoft-services.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index b31f45fa4d..f939752bec 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -461,7 +461,7 @@ To turn off the home page: - **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Disable changing home page settings**, and set it to **about:blank** - -or - + -or- - Create a new REG_SZ registry setting named **Start Page** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **about:blank** @@ -474,7 +474,7 @@ To configure the First Run Wizard: - **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Prevent running First Run wizard**, and set it to **Go directly to home page** - -or - + -or- - Create a new REG_DWORD registry setting named **DisableFirstRunCustomize** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\Main** with a **1 (one)** 
@@ -483,7 +483,7 @@ To configure the behavior for a new tab: - **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Specify default behavior for a new tab**, and set it to **about:blank** - -or - + -or- - Create a new REG_DWORD registry setting named **NewTabPageShow** in **HKEY_Current_User\\SOFTWARE\\Policies\\Microsoft\\Internet Explorer\\TabbedBrowsing** with a **0 (zero)** @@ -496,7 +496,7 @@ You can turn this off by: - **Enable** the Group Policy: **User Configuration** > **Administrative Templates** > **Windows Components** > **Internet Explorer** > **Security Features** > **Add-on Management** > **Turn off Automatic download of the ActiveX VersionList** - -or - + -or- - Changing the REG_DWORD registry setting **HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\VersionManager\\DownloadVersionList** to **0 (zero)**. From 77130a267200c42db7186e15a07f478f9c64c23a Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 00:01:44 -0700 Subject: [PATCH 115/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index f939752bec..0c1bdaf9dc 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1061,7 +1061,7 @@ To turn off voice dictation, speaking to Cortana and other apps, or sending voic - Create a REG_DWORD registry setting named **HasAccepted** in **HKEY_CURRENT_USER\\Software\\Microsoft\\Speech_OneCore\\Settings\\OnlineSpeechPrivacy** with a **value of 0 (zero)** -If you're running at Windows 10, version 1703 up to Windows 10, version 1803, you can turn off updates to the speech recognition and speech synthesis models: +If you're running at Windows 10, version 1703 up to and including Windows 10, version 1803, you can turn off updates to the speech recognition and speech synthesis models: - **Disable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Speech** > **Allow automatic update of Speech Data** From c48b73a3b05c319fe0bcd846182001a728d2ed6f Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 00:32:24 -0700 Subject: [PATCH 116/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 0c1bdaf9dc..0e8aabd32d 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1019,9 +1019,7 @@ To turn off **Choose apps that can use your microphone**: To turn off notifications network usage: -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn off Notifications network usage** - - - Set to **Enabled**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Start Menu and Taskbar** > **Notifications** > **Turn off Notifications network usage** -or- From 34af4ece5bfa2703ca1ce198cb0ea672295c41b9 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 00:47:28 -0700 Subject: [PATCH 117/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ndows-operating-system-components-to-microsoft-services.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 0e8aabd32d..5ea6dcf94c 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1660,7 +1660,9 @@ You can turn off **Enhanced Notifications** as follows: To disable Windows Defender Smartscreen: -- In Group Policy, configure - **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** to be **Disabled** +In Group Policy, configure: + +- **Computer Configuration > Administrative Templates > Windows Components > Windows Defender SmartScreen > Explorer > Configure Windows Defender SmartScreen** to be **Disabled** -and- 
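Review bot: in PATCH 116/157, hunk @@ -1019,9 +1019,7 @@, the rewritten step for "Turn off Notifications network usage" carries no caveat, while the MDM companion table marks the matching Notifications/DisallowCloudNotification row with "DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune". Repeat that warning next to this bullet so an administrator following the Group Policy path sees the same constraint before enabling the policy.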
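Review bot: in PATCH 117/157, hunk @@ -1660,7 +1660,9 @@, the new bullet keeps the whole path from Computer Configuration to Configure Windows Defender SmartScreen inside a single pair of bold markers and introduces it with "In Group Policy, configure:", whereas the other steps in this file bold each node separately and lead with the action, as in "**Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > ...". Rewrite it in that form, starting with "**Disable** the Group Policy:", so the required state is the first word the reader sees. The context line above also writes "Smartscreen" while the policy name in the added line is "SmartScreen"; use one casing in both places.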
From 858a990def2f94de1747fd1a0a3159cd7af1ad35 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 01:20:30 -0700 Subject: [PATCH 118/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 5ea6dcf94c..9b3f4b2747 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1885,7 +1885,7 @@ You can turn off Windows Update by setting the following registry entries: - Set the Group Policy **User Configuration** > **Administrative Templates** > **Windows Components** > **Windows Update** > **Remove access to use all Windows Update features** to **Enabled** and then set **Computer Configurations** to **0 (zero)**. -You can turn off automatic updates by doing one of the following. This is not recommended. +You can turn off automatic updates by doing the following. This is not recommended. - Add a REG_DWORD value named **AutoDownload** to **HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\WindowsStore\\WindowsUpdate** and set the value to 5. From 0e87eee9e715738c9df88923daa683e63684369e Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 02:33:37 -0700 Subject: [PATCH 119/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...rating-system-components-to-microsoft-services-using-MDM.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index 6170aa0169..cd2016076a 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md 
@@ -79,7 +79,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.5 Notifications | [Notifications/DisallowCloudNotification](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-notifications#notifications-disallowcloudnotification) | Turn off notifications network usage. **DO NOT TURN OFF WNS Notifications if you want manage your device(s) using Microsoft InTune** | | [Privacy/LetAppsAccessNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessnotifications) | Specifies whether Windows apps can access notifications. **Set to 2 (two)** | | [Settings/AllowOnlineTips]( https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-settings#settings-allowonlinetips) | Enables or disables the retrieval of online tips and help for the Settings app. **Set to Disabled** -| 17.6 Speech, Inking, & Typing | [Speech/AllowSpeechModelUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-speech#speech-allowspeechmodelupdate) | Specifies whether the device will receive updates to the speech recognition and speech synthesis models. **Set to 0 (zero)** +| 17.6 Speech, Inking, & Typing | [Privacy/AllowInputPersonalization](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-allowinputpersonalization) | This policy specifies whether users on the device have the option to enable online speech recognition. 
**Set to 0 (zero)** | | [TextInput/AllowLinguisticDataCollection](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-textinput#textinput-allowlinguisticdatacollection)| This policy setting controls the ability to send inking and typing data to Microsoft **Set to 0 (zero)** | 17.7 Account info | [Privacy/LetAppsAccessAccountInfo](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessaccountinfo) | Specifies whether Windows apps can access account information. **Set to 2 (two)** | 17.8 Contacts | [Privacy/LetAppsAccessContacts](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesscontacts) | Specifies whether Windows apps can access contacts. **Set to 2 (two)** 
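Review bot: the `-` line removes the Speech/AllowSpeechModelUpdate row from section 17.6 instead of adding Privacy/AllowInputPersonalization next to it, so after this change the MDM table has no entry for speech model updates. If both controls are still meant to be documented, keep the old row and add the new one as a second 17.6 entry with an empty first cell, the way the TextInput/AllowLinguisticDataCollection row below it is written. If the removal is intentional, say so in the commit message, which currently only names the file.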
@@ -92,6 +92,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 17.15 Other devices | [Privacy/LetAppsSyncWithDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappssyncwithdevices) | Specifies whether Windows apps can sync with devices. **Set to 2 (two)** | | [Privacy/LetAppsAccessTrustedDevices](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstrusteddevices) | Specifies whether Windows apps can access trusted devices. **Set to 2 (two)** | 17.16 Feedback & diagnostics | [System/AllowTelemetry](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-system#system-allowtelemetry) | Allow the device to send diagnostic and usage telemetry data, such as Watson. **Set to 0 (zero)** +| | [Experience/DoNotShowFeedbackNotifications](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-experience#experience-donotshowfeedbacknotifications)| Prevents devices from showing feedback questions from Microsoft. **Set to 1 (one)** | 17.17 Background apps | [Privacy/LetAppsRunInBackground](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsruninbackground) | Specifies whether Windows apps can run in the background. **Set to 2 (two)** | 17.18 Motion | [Privacy/LetAppsAccessMotion](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccessmotion) | Specifies whether Windows apps can access motion data. **Set to 2 (two)** | 17.19 Tasks | [Privacy/LetAppsAccessTasks](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-privacy#privacy-letappsaccesstasks) | Turn off the ability to choose which apps have access to tasks. **Set to 2 (two)** From d31a135f198fbbfb2db4447c69e6a85df11e753e Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 02:34:44 -0700 Subject: [PATCH 120/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md --- ...erating-system-components-to-microsoft-services-using-MDM.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md index cd2016076a..53034ea742 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services-using-MDM.md @@ -115,7 +115,7 @@ For Windows 10, the following MDM policies are available in the [Policy CSP](htt | 27. Windows Update | [Update/AllowAutoUpdate](https://docs.microsoft.com/en-us/windows/client-management/mdm/policy-csp-update#update-allowautoupdate) | Control automatic updates. **Set to 5 (five)** -### Allowed traffic (aka "Whitelisted") for Microsoft InTune / MDM configurations +### Allowed traffic ("Whitelisted traffic") for Microsoft InTune / MDM configurations |**Allowed traffic endpoints** | | --- | From 74ad9ceabd7c288dfbd01161e0866c035b35f0f3 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 09:22:12 -0700 Subject: [PATCH 121/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 9b3f4b2747..6d68ff8d29 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1046,7 +1046,7 @@ To turn off **Let apps access my notifications**: In the **Speech** area, you can configure the functionality as such: -To turn off voice dictation, speaking to Cortana and other apps, or sending voice input to Microsoft Speech services: +To turn off using your voice for dictation and to talk to Cortana and other apps and sending your voice input to Microsoft Speech services: - Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off** From a1b8af84adb8e8842473f6349e4c6aca95348a6d Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 10:57:13 -0700 Subject: [PATCH 122/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 6d68ff8d29..8f196beb9f 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1046,7 +1046,7 @@ To turn off **Let apps access my notifications**: In the **Speech** area, you can configure the functionality as such: -To turn off using your voice for dictation and to talk to Cortana and other apps and sending your voice input to Microsoft Speech services: +To turn off dictation of your voice, speaking to Cortana and other apps, and to prevent sending your voice input to Microsoft Speech services: - Toggle the Settings -> Privacy -> Speech -> **Online speech recognition** switch to **Off** From 21d3d87eb7394258553d10838634c08cd8f7fa47 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Tue, 21 May 2019 13:38:12 -0700 Subject: [PATCH 123/157] insert missing link --- windows/whats-new/whats-new-windows-10-version-1903.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md index 071529cc49..1373c5d800 100644 --- a/windows/whats-new/whats-new-windows-10-version-1903.md +++ b/windows/whats-new/whats-new-windows-10-version-1903.md 
@@ -110,7 +110,7 @@ The draft release of the [security configuration baseline settings](https://blog - WDAG allows dynamic navigation: Application Guard now allows users to navigate back to their default host browser from the WDAG Microsoft Edge. Previously, users browsing in WDAG Edge would see an error page when they try to go to a trusted site within the container browser. With this new feature, users will automatically be redirected to their host default browser when they enter or click on a trusted site in WDAG Edge. This feature is also available in Windows 10, version 1803 or later with the latest updates. -- [Windows Defender Application Control (WDAC)](): In Windows 10, version 1903 WDAC has a number of new features that light up key scenarios and provide feature parity with AppLocker. +- [Windows Defender Application Control (WDAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control): In Windows 10, version 1903 WDAC has a number of new features that light up key scenarios and provide feature parity with AppLocker. - [Multiple Policies](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies): WDAC now supports multiple simultaneous code integrity policies for one device in order to enable the following scenarios: 1) enforce and audit side-by-side, 2) simpler targeting for policies with different scope/intent, 3) expanding a policy using a new ‘supplemental’ policy. - [Path-Based Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md): The path condition identifies an app by its location in the file system of the computer or on the network instead of a signer or hash identifier. 
Additionally, WDAC has an option that allows admins to enforce at runtime that only code from paths that are not user-writeable is executed. When code tries to execute at runtime, the directory is scanned and files will be checked for write permissions for non-known admins. If a file is found to be user writeable, the executable is blocked from running unless it is authorized by something other than a path rule like a signer or hash rule.
This brings WDAC to functionality parity with AppLocker in terms of support for file path rules. WDAC improves upon the security of policies based on file path rules with the availability of the user-writability permission checks at runtime time, which is a capability that is not available with AppLocker. From 75e8a5601199c3b404fa5313d1c15dc0f6c42561 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Tue, 21 May 2019 13:54:12 -0700 Subject: [PATCH 124/157] Fixed one typo mistake in current status (#254) --- windows/release-information/status-windows-10-1903.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 5b70d0d6e7..a98c7d3ed7 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -22,7 +22,7 @@ sections:
DetailsOriginating updateStatusHistory
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.
 
 

Back to top
OS Build 17763.502

May 14, 2019
KB4494441
Investigating
Last updated:
May 16, 2019
06:41 PM PT

Opened:
May 16, 2019
01:57 PM PT
Unable to access some gov.uk websites
After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
  • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.
 
 

Back to top
OS Build 17763.503

May 14, 2019
KB4494441
Investigating
Last updated:
May 16, 2019
06:41 PM PT

Opened:
May 16, 2019
01:57 PM PT
Devices with some Asian language packs installed may receive an error
After installing the April 2019 Cumulative Update (KB4493509), devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\"

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Workaround:
  1. Uninstall and reinstall any recently added language packs. For instructions, see \"Manage the input and display language settings in Windows 10\".
  2. Click Check for Updates and install the April 2019 Cumulative Update. For instructions, see \"Update Windows 10\".
Note: If reinstalling the language pack does not mitigate the issue, reset your PC as follows:
  1. Go to Settings app -> Recovery.
  2. Click on Get Started under \"Reset this PC\" recovery option.
  3. Select \"Keep my Files\".
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top
OS Build 17763.437

April 09, 2019
KB4493509
Mitigated
Last updated:
May 03, 2019
10:59 AM PT

Opened:
May 02, 2019
04:36 PM PT
Printing from Microsoft Edge or other UWP apps, you may receive the error 0x80070007
When attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) applications you may receive the error, \"Your printer has experienced an unexpected configuration problem. 0x80070007e.\"
 
Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server, version 1809; Windows Server 2019
Workaround: You can use another browser, such as Internet Explorer to print your documents.
 
Next steps: Microsoft is working on a resolution and will provide an update in an upcoming release.

Back to top
OS Build 17763.379

March 12, 2019
KB4489899
Mitigated
Last updated:
May 02, 2019
04:47 PM PT

Opened:
May 02, 2019
04:47 PM PT
Windows 10, version 1809 update history may show an update installed twice
Affected platforms:
  • Client: Windows 10, version 1809
Cause:
In certain situations, installing an update requires multiple download and restart steps. In cases where two intermediate steps of the installation complete successfully, the View your Update history page will report that installation completed successfully twice. 

Resolution:
No action is required on your part. The update installation may take longer and may require more than one restart, but will install successfully after all intermediate installation steps have completed. We are working on improving this update experience to ensure the Update history correctly reflects the installation of the latest cumulative update (LCU).

Back to top
OS Build 17763.503

May 14, 2019
KB4494441
Resolved
Resolved:
May 16, 2019
02:37 PM PT

Opened:
May 14, 2019
02:56 PM PT
Current status:
-
Windows 10, version 1903 is available by manually by selecting “Check for updates” via Windows Update. (Note: We are slowly throttling up this availability while we carefully monitor data and feedback). The recommended servicing status is Semi-Annual Channel.
+
Windows 10, version 1903 is available by manually selecting “Check for updates” via Windows Update. (Note We are slowly throttling up this availability while we carefully monitor data and feedback.) The recommended servicing status is Semi-Annual Channel.
" From 81d29602dd4b2f6861676f18a7238ea112f48267 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 21 May 2019 15:12:14 -0700 Subject: [PATCH 125/157] Removed warning, updated what's new and policy DDF --- .../mdm/enrollmentstatustracking-csp.md | 4 +- ...ew-in-windows-mdm-enrollment-management.md | 39 +- .../mdm/policy-csp-authentication.md | 5 +- .../mdm/policy-csp-deliveryoptimization.md | 5 +- .../mdm/policy-csp-experience.md | 6 +- .../mdm/policy-csp-internetexplorer.md | 4 +- .../client-management/mdm/policy-csp-power.md | 4 +- .../mdm/policy-csp-search.md | 4 +- .../mdm/policy-csp-system.md | 5 +- .../mdm/policy-csp-update.md | 5 +- .../mdm/policy-csp-windowslogon.md | 4 +- .../client-management/mdm/policy-ddf-file.md | 3522 ++++++++++++++++- 12 files changed, 3375 insertions(+), 232 deletions(-) diff --git a/windows/client-management/mdm/enrollmentstatustracking-csp.md b/windows/client-management/mdm/enrollmentstatustracking-csp.md index 39a6f767c6..2f213bb910 100644 --- a/windows/client-management/mdm/enrollmentstatustracking-csp.md +++ b/windows/client-management/mdm/enrollmentstatustracking-csp.md 
@@ -6,13 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: ManikaDhiman -ms.date: 04/25/2019 +ms.date: 05/21/2019 --- # EnrollmentStatusTracking CSP -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. During Autopilot deployment, you can configure the Enrollment Status Page (ESP) to block the device use until the required apps are installed. You can select the apps that must be installed before using the device. The EnrollmentStatusTracking configuration service provider (CSP) is used by Intune's agents, such as SideCar to configure ESP for blocking the device use until the required Win32 apps are installed. It tracks the installation status of the required policy providers and the apps they install and sends it to ESP, which displays the installation progress message to the user. For more information on ESP, see [Windows Autopilot Enrollment Status page](https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/enrollment-status). diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 71fa422e10..ab44a155b2 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -124,7 +124,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s -[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md) +[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)

Added new CSP in Windows 10, version 1903.

@@ -1838,10 +1838,10 @@ The DM agent for [push-button reset](https://msdn.microsoft.com/windows/hardware ## Frequently Asked Questions -###**Can there be more than 1 MDM server to enroll and manage devices in Windows 10?** +### **Can there be more than 1 MDM server to enroll and manage devices in Windows 10?** No. Only one MDM is allowed. -###**How do I set the maximum number of Azure Active Directory joined devices per user?** +### **How do I set the maximum number of Azure Active Directory joined devices per user?** 1. Login to the portal as tenant admin: https://manage.windowsazure.com. 2. Click Active Directory on the left pane. 3. Choose your tenant. @@ -1851,7 +1851,7 @@ No. Only one MDM is allowed. ![aad maximum joined devices](images/faq-max-devices.png)   -###**What is dmwappushsvc?** +### **What is dmwappushsvc?** Entry | Description --------------- | -------------------- @@ -1860,6 +1860,35 @@ What data is handled by dmwappushsvc? | It is a component handling the internal How do I turn if off? | The service can be stopped from the "Services" console on the device (Start > Run > services.msc). However, since this is a component part of the OS and required for the proper functioning of the device, we strongly recommend not to do this. | ## Change history in MDM documentation +### May 2019 + +|New or updated topic | Description| +|--- | ---| +|[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)|Added new CSP in Windows 10, version 1903.| +|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies: DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground

Updated description of the following policies: DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer| +|[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy: ShowLockOnUserTile| +|[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies: AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage| +|[Policy CSP - Power](policy-csp-power.md)|Added the following new policies: EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn| +|[Policy CSP - Search](policy-csp-search.md)|Added the following new policy: AllowFindMyFiles| +|[Policy CSP - System](policy-csp-system.md)|Added the following new policies: AllowCommercialDataPipeline, TurnOffFileHistory| +|[Policy CSP - Update](policy-csp-update.md)|Added the following new policies: AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot| +|[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies: AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation| +|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes: DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus| + +### April 2019 + +|New or updated topic | Description| +|--- | ---| +|[Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md)|Added the 
following warning at the end of the Overview section: Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined.| +|[Policy CSP - UserRights](policy-csp-userrights.md)|Added a note stating if you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag () to wrap the data fields.| + +### March 2019 + +|New or updated topic | Description| +|--- | ---| +|[Policy CSP - Storage](policy-csp-storage.md)|Updated ADMX Info of the following policies: AllowStorageSenseGlobal, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseCloudContentDehydrationThreshold, ConfigStorageSenseDownloadsCleanupThreshold, ConfigStorageSenseGlobalCadence, ConfigStorageSenseRecycleBinCleanupThreshold| +|[Policy CSP - Storage](policy-csp-storage.md)|Updated description of ConfigStorageSenseDownloadsCleanupThreshold| + ### February 2019 @@ -1915,7 +1944,7 @@ How do I turn if off? | The service can be stopped from the "Services" console o

Added new settings in Windows 10, version 1809.

-[TenantLockdown CSP](\tenantlockdown--csp.md) +[TenantLockdown CSP](\tenantlockdown-csp.md)

Added new CSP in Windows 10, version 1809.
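Review bot: the `+` line fixes the doubled hyphen in the TenantLockdown link target but keeps the leading backslash, `(\tenantlockdown-csp.md)`. The other relative links added in this patch, for example `(enrollmentstatustracking-csp.md)` and `(policy-csp-power.md)`, have no leading backslash; drop it here as well so the link is written like the others.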

diff --git a/windows/client-management/mdm/policy-csp-authentication.md b/windows/client-management/mdm/policy-csp-authentication.md index 58790db16d..19e7ffb900 100644 --- a/windows/client-management/mdm/policy-csp-authentication.md +++ b/windows/client-management/mdm/policy-csp-authentication.md @@ -6,14 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/01/2019 +ms.date: 05/21/2019 --- # Policy CSP - Authentication -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. -
diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index a6226c81d3..bc9b57fc40 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -6,14 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/15/2019 +ms.date: 05/21/2019 --- # Policy CSP - DeliveryOptimization -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. -
diff --git a/windows/client-management/mdm/policy-csp-experience.md b/windows/client-management/mdm/policy-csp-experience.md index 4db9f3f778..066e52e609 100644 --- a/windows/client-management/mdm/policy-csp-experience.md +++ b/windows/client-management/mdm/policy-csp-experience.md @@ -6,15 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/14/2019 +ms.date: 05/21/2019 --- # Policy CSP - Experience -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. - -
diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index 1638a2dde8..c9be35eac1 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -6,13 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/06/2019 +ms.date: 05/21/2019 --- # Policy CSP - InternetExplorer -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
diff --git a/windows/client-management/mdm/policy-csp-power.md b/windows/client-management/mdm/policy-csp-power.md index 3b9db5c095..e1aab20c25 100644 --- a/windows/client-management/mdm/policy-csp-power.md +++ b/windows/client-management/mdm/policy-csp-power.md @@ -6,13 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/03/2019 +ms.date: 05/21/2019 --- # Policy CSP - Power -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
diff --git a/windows/client-management/mdm/policy-csp-search.md b/windows/client-management/mdm/policy-csp-search.md index 71f49109e0..03e8096529 100644 --- a/windows/client-management/mdm/policy-csp-search.md +++ b/windows/client-management/mdm/policy-csp-search.md @@ -6,13 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/14/2019 +ms.date: 05/21/2019 --- # Policy CSP - Search -> [!WARNING] -> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
diff --git a/windows/client-management/mdm/policy-csp-system.md b/windows/client-management/mdm/policy-csp-system.md index 92fd30f9bb..63e951ca84 100644 --- a/windows/client-management/mdm/policy-csp-system.md +++ b/windows/client-management/mdm/policy-csp-system.md @@ -6,14 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/09/2019 +ms.date: 05/21/2019 --- # Policy CSP - System -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. -
diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index 9c370fa02c..78dfe6c171 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -6,14 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/08/2019 +ms.date: 05/21/2019 --- # Policy CSP - Update -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. -
diff --git a/windows/client-management/mdm/policy-csp-windowslogon.md b/windows/client-management/mdm/policy-csp-windowslogon.md index 14369d49d1..986631e067 100644 --- a/windows/client-management/mdm/policy-csp-windowslogon.md +++ b/windows/client-management/mdm/policy-csp-windowslogon.md @@ -6,13 +6,11 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 05/07/2019 +ms.date: 05/21/2019 --- # Policy CSP - WindowsLogon -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here.
diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md index e9e1339f46..86088f08cb 100644 --- a/windows/client-management/mdm/policy-ddf-file.md +++ b/windows/client-management/mdm/policy-ddf-file.md @@ -7,7 +7,7 @@ ms.topic: article ms.prod: w10 ms.technology: windows author: MariciaAlforque -ms.date: 08/29/2018 +ms.date: 05/21/2019 --- # Policy DDF file @@ -19,6 +19,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Policy* You can download the DDF files from the links below: +- [Download the Policy DDF file for Windows 10, version 1803](http://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/PolicyDDF_all_1809.xml) - [Download the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml) - [Download the Policy DDF file for Windows 10, version 1803 release C](http://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml) - [Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml) @@ -27,7 +28,7 @@ You can download the DDF files from the links below: - [Download the Policy DDF file for Windows 10, version 1607 release 8C](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607_8C.xml) - [CSP DDF files download](configuration-service-provider-reference.md#csp-ddf-files-download) -The XML below is the DDF for Windows 10, version 1809. +The XML below is the DDF for Windows 10, version 1903. ``` syntax @@ -53,7 +54,7 @@ The XML below is the DDF for Windows 10, version 1809. - com.microsoft/8.0/MDM/Policy + com.microsoft/9.0/MDM/Policy 
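Review bot: In the @@ -19,6 +19,7 @@ hunk of policy-ddf-file.md, the added download entry is labelled "Windows 10, version 1803" but links to PolicyDDF_all_1809.xml, so the list now shows two entries with the 1803 label and no visible entry labelled 1809; relabel the new entry as version 1809. The new link also uses http:// while the neighbouring 1803 and 1709 entries use https://. A DDF file is consumed by MDM tooling, so it should be fetched over HTTPS. Separately, the @@ -27,7 +28,7 @@ hunk now says the inline XML is the DDF for version 1903, but no 1903 download entry is added alongside it.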
@@ -1420,12 +1421,12 @@ Related policy: If enabled, you must include URLs to the pages, separating multiple pages using angle brackets in the following format: - + <support.contoso.com><support.microsoft.com> If disabled or not configured, the webpages specified in App settings loads as the default Start pages. Version 1703 or later: -If you do not want to send traffic to Microsoft, enable this policy and use the value, which honors domain- and non-domain-joined devices, when it is the only configured URL. +If you do not want to send traffic to Microsoft, enable this policy and use the <about:blank> value, which honors domain- and non-domain-joined devices, when it is the only configured URL. Version 1809: If enabled, and you select either Start page, New Tab page, or previous page in the Configure Open Microsoft Edge With policy, Microsoft Edge ignores the Configure Start Pages policy. If not configured or you set the Configure Open Microsoft Edge With policy to a specific page or pages, Microsoft Edge uses the Configure Start Pages policy. 
@@ -1653,11 +1654,11 @@ If disabled or not configured, extensions defined as part of this policy get ign Default setting: Disabled or not configured Related policies: Allow Developer Tools Related Documents: -- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) -- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business) -- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy) -- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) -- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows) +- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/en-us/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) +- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/en-us/intune/windows-store-for-business) +- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/en-us/intune/apps-deploy) +- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/en-us/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) +- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/en-us/intune/lob-apps-windows) @@ -2733,6 +2734,30 @@ Related policy: + + AllowEnhancedSuggestionsInAddressBar + + + + + + + + + + + + + + + + + + + text/plain + + + AllowEnterpriseModeFromToolsMenu @@ -3237,6 +3262,30 @@ Related policy: + + DisableActiveXVersionListAutoDownload + + + + + + + + + + + + + + + + + + + text/plain + + + DisableAdobeFlash 
@@ -3309,6 +3358,30 @@ Related policy: + + DisableCompatView + + + + + + + + + + + + + + + + + + + text/plain + + + DisableConfiguringHistory @@ -3453,6 +3526,30 @@ Related policy: + + DisableFeedsBackgroundSync + + + + + + + + + + + + + + + + + + + text/plain + + + DisableFirstRunWizard @@ -3501,6 +3598,30 @@ Related policy: + + DisableGeolocation + + + + + + + + + + + + + + + + + + + text/plain + + + DisableHomePageChange @@ -3693,6 +3814,30 @@ Related policy: + + DisableWebAddressAutoComplete + + + + + + + + + + + + + + + + + + + text/plain + + + DoNotAllowActiveXControlsInProtectedMode @@ -6765,6 +6910,30 @@ Related policy: + + NewTabDefaultPage + + + + + + + + + + + + + + + + + + + text/plain + + + NotificationBarInternetExplorerProcesses @@ -10235,7 +10404,7 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on - + 0 The favorites bar shows your user's links to sites they have added to it. With this policy, you can specify whether to set the favorites bar to always be visible or hidden on any page. If enabled, favorites bar is always visible on any page, and the favorites bar toggle in Settings sets to On, but disabled preventing your users from making changes. An error message also shows at the top of the Settings pane indicating that your organization manages some settings. The show bar/hide bar option is hidden from the context menu. 
@@ -10603,12 +10772,12 @@ Related policy: If enabled, you must include URLs to the pages, separating multiple pages using angle brackets in the following format: - + <support.contoso.com><support.microsoft.com> If disabled or not configured, the webpages specified in App settings loads as the default Start pages. Version 1703 or later: -If you do not want to send traffic to Microsoft, enable this policy and use the value, which honors domain- and non-domain-joined devices, when it is the only configured URL. +If you do not want to send traffic to Microsoft, enable this policy and use the <about:blank> value, which honors domain- and non-domain-joined devices, when it is the only configured URL. Version 1809: If enabled, and you select either Start page, New Tab page, or previous page in the Configure Open Microsoft Edge With policy, Microsoft Edge ignores the Configure Start Pages policy. If not configured or you set the Configure Open Microsoft Edge With policy to a specific page or pages, Microsoft Edge uses the Configure Start Pages policy. 
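Review bot: The added example line "<support.contoso.com><support.microsoft.com>" and the "<about:blank>" value sit inside the DDF XML, so please confirm the angle brackets are entity-escaped (&lt; and &gt;) in the source file. Raw brackets inside a description element would leave the published DDF ill-formed for any tool that parses it. The same two added lines recur in the other copies of the Configure Start Pages description in this patch, so the check applies to each of them.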
@@ -10862,11 +11031,11 @@ If disabled or not configured, extensions defined as part of this policy get ign Default setting: Disabled or not configured Related policies: Allow Developer Tools Related Documents: -- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) -- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business) -- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy) -- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) -- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows) +- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/en-us/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) +- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/en-us/intune/windows-store-for-business) +- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/en-us/intune/apps-deploy) +- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/en-us/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) +- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/en-us/intune/lob-apps-windows) @@ -12022,6 +12191,33 @@ Related policy: LastWrite + + AllowEnhancedSuggestionsInAddressBar + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + AllowServicePoweredQSA + LastWrite + + AllowEnterpriseModeFromToolsMenu 
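Review bot: In the Related Documents list of the @@ -10862,11 +11031,11 @@ hunk, all five docs.microsoft.com links gain a hard-coded /en-us/ segment. That pins every reader to the English page instead of letting the site select the locale, and the locale-free URLs being removed were the better form. I would drop this change here and in the identical Related Documents lists elsewhere in the patch.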
@@ -12589,6 +12785,33 @@ Related policy: LastWrite + + DisableActiveXVersionListAutoDownload + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement + VersionListAutomaticDownloadDisable + LastWrite + + DisableAdobeFlash @@ -12670,6 +12893,33 @@ Related policy: LastWrite + + DisableCompatView + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView + CompatView_DisableList + LastWrite + + DisableConfiguringHistory @@ -12832,6 +13082,33 @@ Related policy: LastWrite + + DisableFeedsBackgroundSync + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~RSS_Feeds + Disable_Background_Syncing + LastWrite + + DisableFirstRunWizard @@ -12886,6 +13163,33 @@ Related policy: LastWrite + + DisableGeolocation + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + GeolocationDisable + LastWrite + + DisableHomePageChange @@ -13102,6 +13406,33 @@ Related policy: LastWrite + + DisableWebAddressAutoComplete + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + RestrictWebAddressSuggest + LastWrite + + DoNotAllowActiveXControlsInProtectedMode @@ -16558,6 +16889,33 @@ Related policy: LastWrite + + NewTabDefaultPage + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + NewTabAction + LastWrite + + NotificationBarInternetExplorerProcesses @@ -19148,7 +19506,7 @@ Related policy: - com.microsoft/8.0/MDM/Policy + com.microsoft/9.0/MDM/Policy 
@@ -20830,6 +21188,30 @@ Related policy: + + ConfigureWebcamAccessDomainNames + + + + + + + + Specifies a list of domains that are allowed to access the webcam in CXH-based authentication scenarios. + + + + + + + + + + + text/plain + + + EnableFastFirstSignIn @@ -22414,12 +22796,12 @@ Related policy: If enabled, you must include URLs to the pages, separating multiple pages using angle brackets in the following format: - + <support.contoso.com><support.microsoft.com> If disabled or not configured, the webpages specified in App settings loads as the default Start pages. Version 1703 or later: -If you do not want to send traffic to Microsoft, enable this policy and use the value, which honors domain- and non-domain-joined devices, when it is the only configured URL. +If you do not want to send traffic to Microsoft, enable this policy and use the <about:blank> value, which honors domain- and non-domain-joined devices, when it is the only configured URL. Version 1809: If enabled, and you select either Start page, New Tab page, or previous page in the Configure Open Microsoft Edge With policy, Microsoft Edge ignores the Configure Start Pages policy. If not configured or you set the Configure Open Microsoft Edge With policy to a specific page or pages, Microsoft Edge uses the Configure Start Pages policy. 
@@ -22647,11 +23029,11 @@ If disabled or not configured, extensions defined as part of this policy get ign Default setting: Disabled or not configured Related policies: Allow Developer Tools Related Documents: -- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) -- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business) -- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy) -- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) -- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows) +- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/en-us/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) +- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/en-us/intune/windows-store-for-business) +- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/en-us/intune/apps-deploy) +- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/en-us/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) +- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/en-us/intune/lob-apps-windows) @@ -23525,6 +23907,7 @@ Related policy: + @@ -24870,6 +25253,30 @@ Related policy: + + SecurityIntelligenceLocation + + + + + + + + + + + + + + + + + + + text/plain + + + SignatureUpdateFallbackOrder 
@@ -25108,6 +25515,54 @@ Related policy: + + DODelayCacheServerFallbackBackground + + + + + + + + + + + + + + + + + + + text/plain + + + + + DODelayCacheServerFallbackForeground + + + + + + + + + + + + + + + + + + + text/plain + + + DODelayForegroundDownloadFromHttp @@ -25731,6 +26186,100 @@ Related policy: + + DeviceHealthMonitoring + + + + + + + + + + + + + + + + + + + + + AllowDeviceHealthMonitoring + + + + + + + + Enable/disable 4Nines device health monitoring on devices. + + + + + + + + + + + text/plain + + + + + ConfigDeviceHealthMonitoringScope + + + + + + + + If the device is not opted-in to the DeviceHealthMonitoring service via the AllowDeviceHealthMonitoring then this policy has no meaning. For devices which are opted in, the value of this policy modifies which types of events are monitored. + + + + + + + + + + + text/plain + + + + + ConfigDeviceHealthMonitoringUploadDestination + + + + + + + + If the device is not opted-in to the DeviceHealthMonitoring service via the AllowDeviceHealthMonitoring then this policy has no meaning. For devices which are opted in, the value of this policy modifies which destinations are in-scope for monitored events to be uploaded. + + + + + + + + + + + text/plain + + + + DeviceInstallation @@ -27260,6 +27809,35 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + ShowLockOnUserTile + + + + + + + + Shows or hides lock from the user tile menu. +If you enable this policy setting, the lock option will be shown in the User Tile menu. + +If you disable this policy setting, the lock option will never be shown in the User Tile menu. + +If you do not configure this policy setting, users will be able to choose whether they want lock to show through the Power Options Control Panel. + + + + + + + + + + + text/plain + + + ExploitGuard 
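Review bot: The AllowDeviceHealthMonitoring description in the @@ -25731,6 +26186,100 @@ hunk reads "Enable/disable 4Nines device health monitoring on devices.", and "4Nines" is not explained anywhere in the visible text; it reads like an internal name, so replace it with the public feature name or define it. The ConfigDeviceHealthMonitoringScope and ConfigDeviceHealthMonitoringUploadDestination descriptions say the value "modifies which types of events are monitored" and "which destinations are in-scope" without listing the accepted values. These settings decide what is collected and where it is uploaded, so the accepted values and the default belong in the description. The phrase "via the AllowDeviceHealthMonitoring then this policy has no meaning" also needs a noun after the policy name and a comma before "then".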
@@ -27634,6 +28212,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + AllowEnhancedSuggestionsInAddressBar + + + + + + + + + + + + + + + + + + + text/plain + + + AllowEnterpriseModeFromToolsMenu @@ -28162,6 +28764,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableActiveXVersionListAutoDownload + + + + + + + + + + + + + + + + + + + text/plain + + + DisableAdobeFlash @@ -28234,6 +28860,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableCompatView + + + + + + + + + + + + + + + + + + + text/plain + + + DisableConfiguringHistory @@ -28378,6 +29028,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableFeedsBackgroundSync + + + + + + + + + + + + + + + + + + + text/plain + + + DisableFirstRunWizard @@ -28426,6 +29100,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableGeolocation + + + + + + + + + + + + + + + + + + + text/plain + + + DisableIgnoringCertificateErrors @@ -28618,6 +29316,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + DisableWebAddressAutoComplete + + + + + + + + + + + + + + + + + + + text/plain + + + DoNotAllowActiveXControlsInProtectedMode @@ -31738,6 +32460,30 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor + + NewTabDefaultPage + + + + + + + + + + + + + + + + + + + text/plain + + + NotificationBarInternetExplorerProcesses @@ -34140,7 +34886,8 @@ Default: This policy is not defined and CD-ROM access is not restricted to the l Interactive Logon:Display user information when the session is locked User display name, domain and user names (1) User display name only (2) -Do not display user information (3) +Do not display user information (3) +Domain and user names only (4) 
@@ -35488,52 +36235,6 @@ The options are: - - Location - - - - - - - - - - - - - - - - - - - - - EnableLocation - - - - - - - - - - - - - - - - - - - text/plain - - - - LockDown @@ -36405,6 +37106,62 @@ The options are: + + EnergySaverBatteryThresholdOnBattery + + + + + + + + This policy setting allows you to specify battery charge level at which Energy Saver is turned on. + +If you enable this policy setting, you must provide a percent value, indicating the battery charge level. Energy Saver will be automatically turned on at (and below) the specified level. + +If you disable or do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + + + EnergySaverBatteryThresholdPluggedIn + + + + + + + + This policy setting allows you to specify battery charge level at which Energy Saver is turned on. + +If you enable this policy setting, you must provide a percent value, indicating the battery charge level. Energy Saver will be automatically turned on at (and below) the specified level. + +If you disable or do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + HibernateTimeoutOnBattery 
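Review bot: EnergySaverBatteryThresholdOnBattery and EnergySaverBatteryThresholdPluggedIn in the @@ -36405,6 +37106,62 @@ hunk carry word-for-word identical descriptions, so nothing tells an administrator that one applies on battery power and the other when plugged in. Add that distinction to each description, and state the accepted range for the "percent value" and what a value of 0 means.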
@@ -36501,6 +37258,210 @@ The options are: + + SelectLidCloseActionOnBattery + + + + + + + + This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + + + SelectLidCloseActionPluggedIn + + + + + + + + This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + + + SelectPowerButtonActionOnBattery + + + + + + + + This policy setting specifies the action that Windows takes when a user presses the power button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + + + SelectPowerButtonActionPluggedIn + + + + + + + + This policy setting specifies the action that Windows takes when a user presses the power button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. 
+ + + + + + + + + + + text/plain + + + + + SelectSleepButtonActionOnBattery + + + + + + + + This policy setting specifies the action that Windows takes when a user presses the sleep button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + + + SelectSleepButtonActionPluggedIn + + + + + + + + This policy setting specifies the action that Windows takes when a user presses the sleep button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + StandbyTimeoutOnBattery 
@@ -36549,6 +37510,122 @@ The options are: + + TurnOffHybridSleepOnBattery + + + + + + + + This policy setting allows you to turn off hybrid sleep. + +If you set this to 0, a hiberfile is not generated when the system transitions to sleep (Stand By). + +If you do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + + + TurnOffHybridSleepPluggedIn + + + + + + + + This policy setting allows you to turn off hybrid sleep. + +If you set this to 0, a hiberfile is not generated when the system transitions to sleep (Stand By). + +If you do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + + + UnattendedSleepTimeoutOnBattery + + + + + + + + This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer. + +If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows does not automatically transition to sleep. + +If you disable or do not configure this policy setting, users control this setting. + +If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occuring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature. + + + + + + + + + + + text/plain + + + + + UnattendedSleepTimeoutPluggedIn + + + + + + + + This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer. + +If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. 
If you specify 0 seconds, Windows does not automatically transition to sleep. + +If you disable or do not configure this policy setting, users control this setting. + +If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occuring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature. + + + + + + + + + + + text/plain + + + Printers @@ -38321,6 +39398,54 @@ The options are: + + LetAppsActivateWithVoice + + + + + + + + This policy setting specifies whether Windows apps can be activated by voice. + + + + + + + + + + + text/plain + + + + + LetAppsActivateWithVoiceAboveLock + + + + + + + + This policy setting specifies whether Windows apps can be activated by voice while the system is locked. + + + + + + + + + + + text/plain + + + LetAppsGetDiagnosticInfo @@ -39700,6 +40825,30 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + AllowFindMyFiles + + + + + + + + This feature allows you to disable find my files completely on the machine + + + + + + + + + + + text/plain + + + AllowIndexingEncryptedStoresOrItems @@ -40275,6 +41424,52 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + ServiceControlManager + + + + + + + + + + + + + + + + + + + + + SvchostProcessMitigation + + + + + + + + + + + + + + + + + + + text/plain + + + + Settings 
@@ -41512,6 +42707,150 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + AllowStorageSenseGlobal + + + + + + + + + + + + + + + + + + + text/plain + + + + + AllowStorageSenseTemporaryFilesCleanup + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigStorageSenseCloudContentDehydrationThreshold + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigStorageSenseDownloadsCleanupThreshold + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigStorageSenseGlobalCadence + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigStorageSenseRecycleBinCleanupThreshold + + + + + + + + + + + + + + + + + + + text/plain + + + EnhancedStorageDevices @@ -41606,6 +42945,30 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + AllowCommercialDataPipeline + + + + + + + + + + + + + + + + + + + text/plain + + + AllowDeviceNameInDiagnosticData @@ -41942,6 +43305,30 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + DisableDirectXDatabaseUpdate + + + + + + + + This group policy allows control over whether the DirectX Database Updater task will be run on the system. + + + + + + + + + + + text/plain + + + DisableEnterpriseAuthProxy @@ -42086,6 +43473,34 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + TurnOffFileHistory + + + + + + + + This policy setting allows you to turn off File History. + +If you enable this policy setting, File History cannot be activated to create regular, automatic backups. + +If you disable or do not configure this policy setting, File History can be activated to create regular, automatic backups. + + + + + + + + + + + text/plain + + + SystemServices 
@@ -42964,6 +44379,85 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + ConfigureTimeZone + + + + + + + + Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone. + + + + + + + + + + + text/plain + + + + + + Troubleshooting + + + + + + + + + + + + + + + + + + + + + AllowRecommendations + + + + + + + + This policy setting applies recommended troubleshooting for known problems on the device and lets administrators configure how it's applied to their domains/IT environments. +Not configuring this policy setting will allow the user to configure if and how recommended troubleshooting is applied. + +Enabling this policy allows you to configure how recommended troubleshooting is applied on the user's device. You can select from one of the following values: +0 = Turn this feature off. +1 = Turn this feature off but still apply critical troubleshooting. +2 = Notify users when recommended troubleshooting is available, then allow the user to run or ignore it. +3 = Run recommended troubleshooting automatically and notify the user after it's been successfully run. +4 = Run recommended troubleshooting automatically without notifying the user. +5 = Allow the user to choose their own recommended troubleshooting settings. + + + + + + + + + + + text/plain + + + Update 
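Review bot: The ConfigureTimeZone description at the top of this hunk says the value is "the standard Windows name for the target time zone" but gives no example and does not say what the device does with a name it does not recognise; add one sample name and the failure behaviour. In AllowRecommendations, the text says that not configuring the policy lets the user decide, and value 5 is "Allow the user to choose their own recommended troubleshooting settings", so please state whether those two states are equivalent or how they differ.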
@@ -43178,6 +44672,36 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + AutomaticMaintenanceWakeUp + + + + + + + + This policy setting allows you to configure Automatic Maintenance wake up policy. + +The maintenance wakeup policy specifies if Automatic Maintenance should make a wake request to the OS for the daily scheduled maintenance. Note, that if the OS power wake policy is explicitly disabled, then this setting has no effect. + +If you enable this policy setting, Automatic Maintenance will attempt to set OS wake policy and make a wake request for the daily scheduled time, if required. + +If you disable or do not configure this policy setting, the wake setting as specified in Security and Maintenance/Automatic Maintenance Control Panel will apply. + + + + + + + + + + + text/plain + + + AutoRestartDeadlinePeriodInDays @@ -43298,6 +44822,102 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + ConfigureDeadlineForFeatureUpdates + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigureDeadlineForQualityUpdates + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigureDeadlineGracePeriod + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigureDeadlineNoAutoReboot + + + + + + + + + + + + + + + + + + + text/plain + + + ConfigureFeatureUpdateUninstallPeriod @@ -45882,6 +47502,54 @@ Because of these factors, users do not usually need this user right. Warning: If + + AllowAutomaticRestartSignOn + + + + + + + + + + + + + + + + + + + text/plain + + + + + ConfigAutomaticRestartSignOn + + + + + + + + + + + + + + + + + + + text/plain + + + DisableLockScreenAppNotifications 
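Review bot: AllowAutomaticRestartSignOn and ConfigAutomaticRestartSignOn in the @@ -45882,6 +47502,54 @@ hunk are added with no description text, unlike AutomaticMaintenanceWakeUp in the first hunk on this line. Both names point at signing a user in automatically after a restart, which an administrator will want to evaluate before enabling, so describe what each accepted value does and what the default is. The four ConfigureDeadline nodes in the @@ -43298,6 +44822,102 @@ hunk have the same gap.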
@@ -45930,6 +47598,38 @@ Because of these factors, users do not usually need this user right. Warning: If + + EnableFirstLogonAnimation + + + + + + + + This policy setting allows you to control whether users see the first sign-in animation when signing in to the computer for the first time. This applies to both the first user of the computer who completes the initial setup and users who are added to the computer later. It also controls if Microsoft account users will be offered the opt-in prompt for services during their first sign-in. + +If you enable this policy setting, Microsoft account users will see the opt-in prompt for services, and users with other accounts will see the sign-in animation. + +If you disable this policy setting, users will not see the animation and Microsoft account users will not see the opt-in prompt for services. + +If you do not configure this policy setting, the user who completes the initial Windows setup will see the animation during their first sign-in. If the first user had already completed the initial setup and this policy setting is not configured, users new to this computer will not see the animation. + +Note: The first sign-in animation will not be shown on Server, so this policy will have no effect. + + + + + + + + + + + text/plain + + + EnumerateLocalUsersOnDomainJoinedComputers @@ -45978,30 +47678,6 @@ Because of these factors, users do not usually need this user right. Warning: If - - SignInLastInteractiveUserAutomaticallyAfterASystemInitiatedRestart - - - - - - - - - - - - - - - - - - - text/plain - - - WindowsPowerShell @@ -47993,6 +49669,30 @@ Because of these factors, users do not usually need this user right. Warning: If LowestValueMostSecure + + ConfigureWebcamAccessDomainNames + + + + + + Specifies a list of domains that are allowed to access the webcam in CXH-based authentication scenarios. + + + + + + + + + + + text/plain + + LastWrite + ; + + EnableFastFirstSignIn 
@@ -49356,7 +51056,7 @@ Due to Protected Settings (aka.ms/browserpolicy), this policy will only apply on - + 0 The favorites bar shows your user's links to sites they have added to it. With this policy, you can specify whether to set the favorites bar to always be visible or hidden on any page. If enabled, favorites bar is always visible on any page, and the favorites bar toggle in Settings sets to On, but disabled preventing your users from making changes. An error message also shows at the top of the Settings pane indicating that your organization manages some settings. The show bar/hide bar option is hidden from the context menu. @@ -49724,12 +51424,12 @@ Related policy: If enabled, you must include URLs to the pages, separating multiple pages using angle brackets in the following format: - + <support.contoso.com><support.microsoft.com> If disabled or not configured, the webpages specified in App settings loads as the default Start pages. Version 1703 or later: -If you do not want to send traffic to Microsoft, enable this policy and use the value, which honors domain- and non-domain-joined devices, when it is the only configured URL. +If you do not want to send traffic to Microsoft, enable this policy and use the <about:blank> value, which honors domain- and non-domain-joined devices, when it is the only configured URL. Version 1809: If enabled, and you select either Start page, New Tab page, or previous page in the Configure Open Microsoft Edge With policy, Microsoft Edge ignores the Configure Start Pages policy. If not configured or you set the Configure Open Microsoft Edge With policy to a specific page or pages, Microsoft Edge uses the Configure Start Pages policy. 
@@ -49983,11 +51683,11 @@ If disabled or not configured, extensions defined as part of this policy get ign Default setting: Disabled or not configured Related policies: Allow Developer Tools Related Documents: -- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) -- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/intune/windows-store-for-business) -- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/intune/apps-deploy) -- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) -- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/intune/lob-apps-windows) +- Find a package family name (PFN) for per-app VPN (https://docs.microsoft.com/en-us/sccm/protect/deploy-use/find-a-pfn-for-per-app-vpn) +- How to manage apps you purchased from the Microsoft Store for Business with Microsoft Intune (https://docs.microsoft.com/en-us/intune/windows-store-for-business) +- How to assign apps to groups with Microsoft Intune (https://docs.microsoft.com/en-us/intune/apps-deploy) +- Manage apps from the Microsoft Store for Business with System Center Configuration Manager (https://docs.microsoft.com/en-us/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business) +- How to add Windows line-of-business (LOB) apps to Microsoft Intune (https://docs.microsoft.com/en-us/intune/lob-apps-windows) 
@@ -52448,6 +54148,34 @@ Related policy: LastWrite + + SecurityIntelligenceLocation + + + + + + + + + + + + + + + + + text/plain + + phone + WindowsDefender.admx + SignatureUpdate_SharedSignaturesLocation + WindowsDefender~AT~WindowsComponents~AntiSpywareDefender~SignatureUpdate + SignatureUpdate_SharedSignaturesLocation + LastWrite + + SignatureUpdateFallbackOrder @@ -52721,6 +54449,62 @@ Related policy: LastWrite + + DODelayCacheServerFallbackBackground + + + + + 0 + + + + + + + + + + + + text/plain + + + DeliveryOptimization.admx + DelayCacheServerFallbackBackground + DeliveryOptimization~AT~WindowsComponents~DeliveryOptimizationCat + DelayCacheServerFallbackBackground + LastWrite + + + + DODelayCacheServerFallbackForeground + + + + + 0 + + + + + + + + + + + + text/plain + + + DeliveryOptimization.admx + DelayCacheServerFallbackForeground + DeliveryOptimization~AT~WindowsComponents~DeliveryOptimizationCat + DelayCacheServerFallbackForeground + LastWrite + + DODelayForegroundDownloadFromHttp @@ -52824,7 +54608,7 @@ Related policy: text/plain - + DeliveryOptimization.admx GroupIdSource DeliveryOptimization~AT~WindowsComponents~DeliveryOptimizationCat @@ -53272,9 +55056,6 @@ Related policy: text/plain - DeliveryOptimization.admx - DeliveryOptimization~AT~WindowsComponents~DeliveryOptimizationCat - SetHoursToLimitBackgroundDownloadBandwidth LastWrite @@ -53307,7 +55088,7 @@ Related policy: + /> @@ -53334,9 +55115,6 @@ Related policy: text/plain - DeliveryOptimization.admx - DeliveryOptimization~AT~WindowsComponents~DeliveryOptimizationCat - SetHoursToLimitForegroundDownloadBandwidth LastWrite @@ -53369,7 +55147,7 @@ Related policy: + /> 
@@ -53512,6 +55290,96 @@ Related policy: + + DeviceHealthMonitoring + + + + + + + + + + + + + + + + + + + AllowDeviceHealthMonitoring + + + + + 0 + Enable/disable 4Nines device health monitoring on devices. + + + + + + + + + + + text/plain + + + LastWrite + + + + ConfigDeviceHealthMonitoringScope + + + + + + If the device is not opted-in to the DeviceHealthMonitoring service via the AllowDeviceHealthMonitoring then this policy has no meaning. For devices which are opted in, the value of this policy modifies which types of events are monitored. + + + + + + + + + + + text/plain + + LastWrite + + + + ConfigDeviceHealthMonitoringUploadDestination + + + + + + If the device is not opted-in to the DeviceHealthMonitoring service via the AllowDeviceHealthMonitoring then this policy has no meaning. For devices which are opted in, the value of this policy modifies which destinations are in-scope for monitored events to be uploaded. + + + + + + + + + + + text/plain + + LastWrite + + + DeviceInstallation @@ -55136,6 +57004,38 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor HighestValueMostSecure + + ShowLockOnUserTile + + + + + 1 + Shows or hides lock from the user tile menu. +If you enable this policy setting, the lock option will be shown in the User Tile menu. + +If you disable this policy setting, the lock option will never be shown in the User Tile menu. + +If you do not configure this policy setting, users will be able to choose whether they want lock to show through the Power Options Control Panel. + + + + + + + + + + + text/plain + + + WindowsExplorer.admx + WindowsExplorer~AT~WindowsExplorer + ShowLockOption + HighestValueMostSecure + + ExploitGuard 
@@ -55531,6 +57431,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + AllowEnhancedSuggestionsInAddressBar + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + AllowServicePoweredQSA + LastWrite + + AllowEnterpriseModeFromToolsMenu @@ -56125,6 +58052,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + DisableActiveXVersionListAutoDownload + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer~SecurityFeatures~IESF_AddOnManagement + VersionListAutomaticDownloadDisable + LastWrite + + DisableAdobeFlash @@ -56206,6 +58160,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + DisableCompatView + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer~CategoryCompatView + CompatView_DisableList + LastWrite + + DisableConfiguringHistory @@ -56368,6 +58349,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + DisableFeedsBackgroundSync + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~RSS_Feeds + Disable_Background_Syncing + LastWrite + + DisableFirstRunWizard @@ -56422,6 +58430,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + DisableGeolocation + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + GeolocationDisable + LastWrite + + DisableIgnoringCertificateErrors 
@@ -56638,6 +58673,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + DisableWebAddressAutoComplete + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + RestrictWebAddressSuggest + LastWrite + + DoNotAllowActiveXControlsInProtectedMode @@ -60148,6 +62210,33 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor LastWrite + + NewTabDefaultPage + + + + + + + + + + + + + + + + + text/plain + + phone + inetres.admx + inetres~AT~WindowsComponents~InternetExplorer + NewTabAction + LastWrite + + NotificationBarInternetExplorerProcesses @@ -62109,6 +64198,7 @@ Configure the minimum password age to be more than 0 if you want Enforce passwor phone LastWrite + 0xF000 @@ -62792,7 +64882,8 @@ Default: This policy is not defined and CD-ROM access is not restricted to the l Interactive Logon:Display user information when the session is locked User display name, domain and user names (1) User display name only (2) -Do not display user information (3) +Do not display user information (3) +Domain and user names only (4) @@ -62805,7 +64896,7 @@ Do not display user information (3) text/plain - + phone Windows Settings~Security Settings~Local Policies~Security Options Interactive logon: Display user information when the session is locked @@ -64255,53 +66346,6 @@ The options are: - - Location - - - - - - - - - - - - - - - - - - - EnableLocation - - - - - 0 - - - - - - - - - - - - text/plain - - - LocationProviderAdm.admx - LocationProviderAdm~AT~LocationAndSensors~WindowsLocationProvider - DisableWindowsLocationProvider_1 - LastWrite - - - LockDown 
@@ -65234,6 +67278,70 @@ The options are: LastWrite + + EnergySaverBatteryThresholdOnBattery + + + + + 0 + This policy setting allows you to specify battery charge level at which Energy Saver is turned on. + +If you enable this policy setting, you must provide a percent value, indicating the battery charge level. Energy Saver will be automatically turned on at (and below) the specified level. + +If you disable or do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + Power.admx + EnterEsBattThreshold + Power~AT~System~PowerManagementCat~EnergySaverSettingsCat + EsBattThresholdDC + LastWrite + + + + EnergySaverBatteryThresholdPluggedIn + + + + + 0 + This policy setting allows you to specify battery charge level at which Energy Saver is turned on. + +If you enable this policy setting, you must provide a percent value, indicating the battery charge level. Energy Saver will be automatically turned on at (and below) the specified level. + +If you disable or do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + Power.admx + EnterEsBattThreshold + Power~AT~System~PowerManagementCat~EnergySaverSettingsCat + EsBattThresholdAC + LastWrite + + HibernateTimeoutOnBattery 
@@ -65342,6 +67450,234 @@ The options are: LastWrite + + SelectLidCloseActionOnBattery + + + + + 1 + This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectDCSystemLidAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + DCSystemLidAction_2 + LastWrite + + + + SelectLidCloseActionPluggedIn + + + + + 1 + This policy setting specifies the action that Windows takes when a user closes the lid on a mobile PC. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectACSystemLidAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + ACSystemLidAction_2 + LastWrite + + + + SelectPowerButtonActionOnBattery + + + + + 1 + This policy setting specifies the action that Windows takes when a user presses the power button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectDCPowerButtonAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + DCPowerButtonAction_2 + LastWrite + + + + SelectPowerButtonActionPluggedIn + + + + + 1 + This policy setting specifies the action that Windows takes when a user presses the power button. 
+ +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectACPowerButtonAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + ACPowerButtonAction_2 + LastWrite + + + + SelectSleepButtonActionOnBattery + + + + + 1 + This policy setting specifies the action that Windows takes when a user presses the sleep button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectDCSleepButtonAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + DCSleepButtonAction_2 + LastWrite + + + + SelectSleepButtonActionPluggedIn + + + + + 1 + This policy setting specifies the action that Windows takes when a user presses the sleep button. + +Possible actions include: +0 - Take no action +1 - Sleep +2 - Hibernate +3 - Shut down + +If you enable this policy setting, you must select the desired action. + +If you disable this policy setting or do not configure it, users can see and change this setting. + + + + + + + + + + + text/plain + + + Power.admx + SelectACSleepButtonAction + Power~AT~System~PowerManagementCat~PowerButtonActionSettingsCat + ACSleepButtonAction_2 + LastWrite + + StandbyTimeoutOnBattery 
@@ -65396,6 +67732,136 @@ The options are: LastWrite + + TurnOffHybridSleepOnBattery + + + + + 0 + This policy setting allows you to turn off hybrid sleep. + +If you set this to 0, a hiberfile is not generated when the system transitions to sleep (Stand By). + +If you do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + Power.admx + Power~AT~System~PowerManagementCat~PowerSleepSettingsCat + DCStandbyWithHiberfileEnable_2 + LastWrite + + + + TurnOffHybridSleepPluggedIn + + + + + 0 + This policy setting allows you to turn off hybrid sleep. + +If you set this to 0, a hiberfile is not generated when the system transitions to sleep (Stand By). + +If you do not configure this policy setting, users control this setting. + + + + + + + + + + + text/plain + + + Power.admx + Power~AT~System~PowerManagementCat~PowerSleepSettingsCat + ACStandbyWithHiberfileEnable_2 + LastWrite + + + + UnattendedSleepTimeoutOnBattery + + + + + 0 + This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer. + +If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows does not automatically transition to sleep. + +If you disable or do not configure this policy setting, users control this setting. + +If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occuring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature. 
+ + + + + + + + + + + text/plain + + + Power.admx + EnterUnattendedSleepTimeOut + Power~AT~System~PowerManagementCat~PowerSleepSettingsCat + UnattendedSleepTimeOutDC + LastWrite + + + + UnattendedSleepTimeoutPluggedIn + + + + + 0 + This policy setting allows you to specify the period of inactivity before Windows transitions to sleep automatically when a user is not present at the computer. + +If you enable this policy setting, you must provide a value, in seconds, indicating how much idle time should elapse before Windows automatically transitions to sleep when left unattended. If you specify 0 seconds, Windows does not automatically transition to sleep. + +If you disable or do not configure this policy setting, users control this setting. + +If the user has configured a slide show to run on the lock screen when the machine is locked, this can prevent the sleep transition from occuring. The "Prevent enabling lock screen slide show" policy setting can be used to disable the slide show feature. + + + + + + + + + + + text/plain + + + Power.admx + EnterUnattendedSleepTimeOut + Power~AT~System~PowerManagementCat~PowerSleepSettingsCat + UnattendedSleepTimeOutAC + LastWrite + + Printers @@ -67427,6 +69893,62 @@ The options are: ; + + LetAppsActivateWithVoice + + + + + 0 + This policy setting specifies whether Windows apps can be activated by voice. + + + + + + + + + + + text/plain + + + AppPrivacy.admx + LetAppsActivateWithVoice_Enum + AppPrivacy~AT~WindowsComponents~AppPrivacy + LetAppsActivateWithVoice + HighestValueMostSecure + + + + LetAppsActivateWithVoiceAboveLock + + + + + 0 + This policy setting specifies whether Windows apps can be activated by voice while the system is locked. + + + + + + + + + + + text/plain + + + AppPrivacy.admx + LetAppsActivateWithVoiceAboveLock_Enum + AppPrivacy~AT~WindowsComponents~AppPrivacy + LetAppsActivateWithVoiceAboveLock + HighestValueMostSecure + + LetAppsGetDiagnosticInfo 
@@ -68989,6 +71511,34 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LowestValueMostSecure + + AllowFindMyFiles + + + + + 1 + This feature allows you to disable find my files completely on the machine + + + + + + + + + + + text/plain + + + phone + Search.admx + Search~AT~WindowsComponents~Search + AllowFindMyFiles + LowestValueMostSecure + + AllowIndexingEncryptedStoresOrItems @@ -69598,6 +72148,53 @@ Caution: If a Restricted Groups policy is applied, any current member not on the + + ServiceControlManager + + + + + + + + + + + + + + + + + + + SvchostProcessMitigation + + + + + + + + + + + + + + + + + text/plain + + phone + ServiceControlManager.admx + ServiceControlManager~AT~System~ServiceControlManagerCat~ServiceControlManagerSecurityCat + SvchostProcessMitigationEnable + LastWrite + + + Settings 
@@ -70893,6 +73490,174 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LastWrite + + AllowStorageSenseGlobal + + + + + 0 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_AllowStorageSenseGlobal + LastWrite + + + + AllowStorageSenseTemporaryFilesCleanup + + + + + 1 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_AllowStorageSenseTemporaryFilesCleanup + LastWrite + + + + ConfigStorageSenseCloudContentDehydrationThreshold + + + + + 0 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_ConfigStorageSenseCloudContentDehydrationThreshold + LastWrite + + + + ConfigStorageSenseDownloadsCleanupThreshold + + + + + 0 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_ConfigStorageSenseDownloadsCleanupThreshold + LastWrite + + + + ConfigStorageSenseGlobalCadence + + + + + 0 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_ConfigStorageSenseGlobalCadence + LastWrite + + + + ConfigStorageSenseRecycleBinCleanupThreshold + + + + + 30 + + + + + + + + + + + + text/plain + + + phone + StorageSense.admx + StorageSense~AT~System~StorageSense + SS_ConfigStorageSenseRecycleBinCleanupThreshold + LastWrite + + EnhancedStorageDevices @@ -70995,6 +73760,34 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LowestValueMostSecure + + AllowCommercialDataPipeline + + + + + 0 + + + + + + + + + + + + text/plain + + + DataCollection.admx + AllowCommercialDataPipeline + DataCollection~AT~WindowsComponents~DataCollectionAndPreviewBuilds + AllowCommercialDataPipeline + HighestValueMostSecure + + AllowDeviceNameInDiagnosticData 
@@ -71367,6 +74160,33 @@ Caution: If a Restricted Groups policy is applied, any current member not on the HighestValueMostSecure + + DisableDirectXDatabaseUpdate + + + + + 0 + This group policy allows control over whether the DirectX Database Updater task will be run on the system. + + + + + + + + + + + text/plain + + + GroupPolicy.admx + GroupPolicy~AT~Network~DirectXDatabase + DisableDirectXDatabaseUpdate + HighestValueMostSecure + + DisableEnterpriseAuthProxy @@ -71528,6 +74348,37 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LastWrite + + TurnOffFileHistory + + + + + 0 + This policy setting allows you to turn off File History. + +If you enable this policy setting, File History cannot be activated to create regular, automatic backups. + +If you disable or do not configure this policy setting, File History can be activated to create regular, automatic backups. + + + + + + + + + + + text/plain + + + FileHistory.admx + FileHistory~AT~WindowsComponents~FileHistory + DisableFileHistory + LowestValueMostSecure + + SystemServices 
@@ -72432,6 +75283,87 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LowestValueMostSecure + + ConfigureTimeZone + + + + + + Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone. + + + + + + + + + + + text/plain + + phone + LastWrite + + + + + Troubleshooting + + + + + + + + + + + + + + + + + + + AllowRecommendations + + + + + 1 + This policy setting applies recommended troubleshooting for known problems on the device and lets administrators configure how it's applied to their domains/IT environments. +Not configuring this policy setting will allow the user to configure if and how recommended troubleshooting is applied. + +Enabling this policy allows you to configure how recommended troubleshooting is applied on the user's device. You can select from one of the following values: +0 = Turn this feature off. +1 = Turn this feature off but still apply critical troubleshooting. +2 = Notify users when recommended troubleshooting is available, then allow the user to run or ignore it. +3 = Run recommended troubleshooting automatically and notify the user after it's been successfully run. +4 = Run recommended troubleshooting automatically without notifying the user. +5 = Allow the user to choose their own recommended troubleshooting settings. + + + + + + + + + + + text/plain + + + phone + MSDT.admx + MSDT~AT~System~Troubleshooting~WdiScenarioCategory + TroubleshootingAllowRecommendations + LowestValueMostSecure + + Update 
@@ -72671,6 +75603,39 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LowestValueMostSecure + + AutomaticMaintenanceWakeUp + + + + + 1 + This policy setting allows you to configure Automatic Maintenance wake up policy. + +The maintenance wakeup policy specifies if Automatic Maintenance should make a wake request to the OS for the daily scheduled maintenance. Note, that if the OS power wake policy is explicitly disabled, then this setting has no effect. + +If you enable this policy setting, Automatic Maintenance will attempt to set OS wake policy and make a wake request for the daily scheduled time, if required. + +If you disable or do not configure this policy setting, the wake setting as specified in Security and Maintenance/Automatic Maintenance Control Panel will apply. + + + + + + + + + + + text/plain + + + msched.admx + msched~AT~WindowsComponents~MaintenanceScheduler + WakeUpPolicy + HighestValueMostSecure + + AutoRestartDeadlinePeriodInDays @@ -72803,7 +75768,7 @@ Caution: If a Restricted Groups policy is applied, any current member not on the text/plain - + WindowsUpdate.admx BranchReadinessLevelId WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat~DeferUpdateCat 
@@ -72811,6 +75776,118 @@ Caution: If a Restricted Groups policy is applied, any current member not on the LastWrite + + ConfigureDeadlineForFeatureUpdates + + + + + 7 + + + + + + + + + + + + text/plain + + + WindowsUpdate.admx + ConfigureDeadlineForFeatureUpdates + WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat + ConfigureDeadlineForFeatureUpdates + LastWrite + + + + ConfigureDeadlineForQualityUpdates + + + + + 7 + + + + + + + + + + + + text/plain + + + WindowsUpdate.admx + ConfigureDeadlineForQualityUpdates + WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat + ConfigureDeadlineForQualityUpdates + LastWrite + + + + ConfigureDeadlineGracePeriod + + + + + 2 + + + + + + + + + + + + text/plain + + + WindowsUpdate.admx + ConfigureDeadlineGracePeriod + WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat + ConfigureDeadlineGracePeriod + LastWrite + + + + ConfigureDeadlineNoAutoReboot + + + + + 0 + + + + + + + + + + + + text/plain + + + WindowsUpdate.admx + ConfigureDeadlineNoAutoReboot + WindowsUpdate~AT~WindowsComponents~WindowsUpdateCat + ConfigureDeadlineNoAutoReboot + HighestValueMostSecure + + ConfigureFeatureUpdateUninstallPeriod @@ -75715,6 +78792,60 @@ Because of these factors, users do not usually need this user right. Warning: If + + AllowAutomaticRestartSignOn + + + + + + + + + + + + + + + + + text/plain + + phone + WinLogon.admx + WinLogon~AT~WindowsComponents~Logon + AutomaticRestartSignOn + LastWrite + + + + ConfigAutomaticRestartSignOn + + + + + + + + + + + + + + + + + text/plain + + phone + WinLogon.admx + WinLogon~AT~WindowsComponents~Logon + ConfigAutomaticRestartSignOn + LastWrite + + DisableLockScreenAppNotifications 
@@ -75769,6 +78900,41 @@ Because of these factors, users do not usually need this user right. Warning: If LastWrite + + EnableFirstLogonAnimation + + + + + 1 + This policy setting allows you to control whether users see the first sign-in animation when signing in to the computer for the first time. This applies to both the first user of the computer who completes the initial setup and users who are added to the computer later. It also controls if Microsoft account users will be offered the opt-in prompt for services during their first sign-in. + +If you enable this policy setting, Microsoft account users will see the opt-in prompt for services, and users with other accounts will see the sign-in animation. + +If you disable this policy setting, users will not see the animation and Microsoft account users will not see the opt-in prompt for services. + +If you do not configure this policy setting, the user who completes the initial Windows setup will see the animation during their first sign-in. If the first user had already completed the initial setup and this policy setting is not configured, users new to this computer will not see the animation. + +Note: The first sign-in animation will not be shown on Server, so this policy will have no effect. + + + + + + + + + + + text/plain + + + Logon.admx + Logon~AT~System~Logon + EnableFirstLogonAnimation + HighestValueMostSecure + + EnumerateLocalUsersOnDomainJoinedComputers @@ -75823,33 +78989,6 @@ Because of these factors, users do not usually need this user right. Warning: If HighestValueMostSecure - - SignInLastInteractiveUserAutomaticallyAfterASystemInitiatedRestart - - - - - - - - - - - - - - - - - text/plain - - phone - WinLogon.admx - WinLogon~AT~WindowsComponents~Logon - AutomaticRestartSignOn - LastWrite - - WindowsPowerShell @@ -76131,4 +79270,5 @@ Because of these factors, users do not usually need this user right. Warning: If + ``` \ No newline at end of file 
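Review bot: The five Related Documents links changed in the @@ -49983,11 +51683,11 @@ hunk now carry a fixed locale segment (for example https://docs.microsoft.com/en-us/intune/apps-deploy), which pins readers to the English page instead of letting the site pick their language. The removed locale-neutral forms (https://docs.microsoft.com/intune/apps-deploy) are the better choice inside a policy description; suggest reverting these five lines unless the neutral URLs no longer resolve.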
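Review bot: The AllowDeviceHealthMonitoring description added in the @@ -53512,6 +55290,96 @@ hunk, "Enable/disable 4Nines device health monitoring on devices.", uses the name "4Nines" without explaining it anywhere in the visible text and does not say which value enables monitoring. Suggest dropping or defining the name and spelling out the values. The ConfigDeviceHealthMonitoringScope and ConfigDeviceHealthMonitoringUploadDestination descriptions in the same hunk read "via the AllowDeviceHealthMonitoring then this policy has no meaning"; "via the AllowDeviceHealthMonitoring policy, this policy has no effect" is clearer, and neither description lists the values it accepts.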
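Review bot: EnergySaverBatteryThresholdOnBattery and EnergySaverBatteryThresholdPluggedIn in the @@ -65234,6 +67278,70 @@ hunk share one description word for word ("This policy setting allows you to specify battery charge level at which Energy Saver is turned on."), so an administrator reading either one cannot tell which power source it governs. Suggest adding "when the device is on battery" and "when the device is plugged in" respectively, and "the battery charge level" for the missing article. The Select*ActionOnBattery and Select*ActionPluggedIn pairs in the following hunk have the same gap.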
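Review bot: In the @@ -65396,6 +67732,136 @@ hunk, both UnattendedSleepTimeout descriptions misspell "occurring" in "this can prevent the sleep transition from occuring". In the same hunk the TurnOffHybridSleepOnBattery and TurnOffHybridSleepPluggedIn descriptions only say what 0 does ("If you set this to 0, a hiberfile is not generated ..."); for a policy whose name starts with TurnOff, a reader will expect the opposite polarity, so the text should state the effect of the other value as well.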
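Review bot: The AllowFindMyFiles description added in the @@ -68989,6 +71511,34 @@ hunk, "This feature allows you to disable find my files completely on the machine", describes a policy as a feature, has no closing period, and does not say which value disables Find My Files. Since the entry is named Allow... and is marked LowestValueMostSecure, suggest wording it as "This policy setting controls whether Find My Files is available on the device" followed by the meaning of each value.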
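Review bot: The closing code fence added by the last hunk (@@ -76131,4 +79270,5 @@) is followed by "\ No newline at end of file". Suggest ending the file with a newline so that later patches in the series that append to this file do not have to touch the fence line again.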
From 24d1a3580a3d885a34fba43c933b06856268f402 Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 15:14:16 -0700 Subject: [PATCH 126/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...system-components-to-microsoft-services.md | 26 +++++++------------ 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 20fbde70de..d0ed5f7a11 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -727,7 +727,7 @@ To remove the XBOX app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.XboxApp | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.XboxApp | Remove-AppxPackage** To remove the Sway app: @@ -739,7 +739,7 @@ To remove the Sway app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.Office.Sway | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.Office.Sway | Remove-AppxPackage** To remove the OneNote app: 
@@ -747,7 +747,7 @@ To remove the OneNote app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.Office.OneNote | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.Office.OneNote | Remove-AppxPackage** To remove the Get Office app: @@ -759,7 +759,7 @@ To remove the Get Office app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.MicrosoftOfficeHub | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.MicrosoftOfficeHub | Remove-AppxPackage** To remove the Get Skype app: @@ -771,7 +771,7 @@ To remove the Get Skype app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.SkypeApp | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.SkypeApp | Remove-AppxPackage** To remove the Sticky notes app: @@ -779,7 +779,7 @@ To remove the Sticky notes app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.MicrosoftStickyNotes | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.MicrosoftStickyNotes | Remove-AppxPackage** ### 18. Settings > Privacy 
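Review bot: every changed line in the app-removal hunks (@@ -727 through @@ -779) still reads "From an elevated command prompt, run the following Windows PowerShell command", but "Get-AppxPackage ... | Remove-AppxPackage" is a PowerShell pipeline and will not run in cmd.exe. Since these lines are being rewritten anyway, say "elevated Windows PowerShell prompt" and set the command in a code span instead of bold so it copies cleanly. It is also worth stating that Get-AppxPackage without -AllUsers acts only on the account running it, so if elevation uses a different administrator account the app stays installed for the signed-in user the step says it is removing it for.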
@@ -955,9 +955,7 @@ To turn off **Location**: -or- -- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location** - - - Set the **Select a setting** box to **Force Deny**. +- **Enable** the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps access location** and set the **Select a setting** box to **Force Deny**. -or- @@ -1211,9 +1209,7 @@ To turn off **Let apps make phone calls**: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps make phone calls** - - - Set the **Select a setting** box to **Force Deny**. +- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps make phone calls** and set the **Select a setting** box to **Force Deny**. -or- @@ -1234,9 +1230,7 @@ To turn off **Let apps control radios**: -or- -- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps control radios** - - - Set the **Select a setting** box to **Force Deny**. +- Apply the Group Policy: **Computer Configuration** > **Administrative Templates** > **Windows Components** > **App Privacy** > **Let Windows apps control radios** and set the **Select a setting** box to **Force Deny**. -or- 
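Review bot: the Location hunk (@@ -955) keeps "**Enable** the Group Policy" while the phone calls (@@ -1211) and radios (@@ -1234) hunks say "Apply the Group Policy" for the same action. Folding the "Force Deny" sub-bullet into the sentence makes these three lines read side by side, so use one verb; "Enable" matches what the administrator does in the policy editor before the **Select a setting** box becomes available.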
@@ -1500,7 +1494,7 @@ To turn this Off in the UI: ### 19. Software Protection Platform - Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following: +Enterprise customers can manage their Windows activation status with volume licensing using an on-premises Key Management Server. You can opt out of sending KMS client activation data to Microsoft automatically by doing one of the following: **For Windows 10:** From 1c7758972ba1b8cb9e670bd9f10da35dfd4d3bad Mon Sep 17 00:00:00 2001 From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 15:17:26 -0700 Subject: [PATCH 127/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...perating-system-components-to-microsoft-services.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index d0ed5f7a11..ef5baca3de 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -675,7 +675,7 @@ To remove the News app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingNews | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingNews | Remove-AppxPackage** To remove the Weather app: 
@@ -683,7 +683,7 @@ To remove the Weather app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingWeather | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingWeather | Remove-AppxPackage** To remove the Money app: @@ -695,7 +695,7 @@ To remove the Money app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingFinance | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingFinance | Remove-AppxPackage** To remove the Sports app: @@ -707,7 +707,7 @@ To remove the Sports app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingSports | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage Microsoft.BingSports | Remove-AppxPackage** To remove the Twitter app: @@ -719,7 +719,7 @@ To remove the Twitter app: -and- - Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage \*.Twitter | Remove-AppxPackage** +- Remove the app for the current user. From an elevated command prompt, run the following Windows PowerShell command: **Get-AppxPackage \*.Twitter | Remove-AppxPackage** To remove the XBOX app: From 0d285ef718c0834835df1f93a9f1f3a332341fe2 Mon Sep 17 00:00:00 2001 
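Review bot: the Twitter hunk (@@ -719) is the only command in this series that selects by wildcard, "Get-AppxPackage \*.Twitter | Remove-AppxPackage", while the News, Weather, Money and Sports lines name the package exactly. A trailing-name wildcard removes every package whose name ends in ".Twitter", whatever the publisher, so either give the exact package name as in the other steps or tell the reader to run the Get-AppxPackage half first and check what it matches before piping to Remove-AppxPackage.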
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Tue, 21 May 2019 15:24:22 -0700 Subject: [PATCH 128/157] Update manage-windows-1903-endpoints.md --- windows/privacy/manage-windows-1903-endpoints.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index 1279552d91..eb0dfe93cd 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md 
@@ -98,7 +98,8 @@ The following methodology was used to derive these network endpoints: |Microsoft forward link redirection service (FWLink)|The following endpoint is used by the Microsoft forward link redirection service (FWLink) to redirect permanent web links to their actual, sometimes transitory, URL. FWlinks are similar to URL shorteners, just longer. If you disable this endpoint, Windows Defender won't be able to update its malware definitions; links from Windows and other Microsoft products to the Web won't work; and PowerShell updateable Help won't update. To disable the traffic, instead disable the traffic that's getting forwarded.|HTTPS|go.microsoft.com| |Microsoft Store|The following endpoint is used for the Windows Push Notification Services (WNS). WNS enables third-party developers to send toast, tile, badge, and raw updates from their own cloud service. This provides a mechanism to deliver new updates to your users in a power-efficient and dependable way. If you turn off traffic for this endpoint, push notifications will no longer work, including MDM device management, mail synchronization, settings synchronization.|HTTPS|*.wns.windows.com| ||The following endpoint is used to revoke licenses for malicious apps in the Microsoft Store. To turn off traffic for this endpoint, either uninstall the app or disable the Microsoft Store. If you disable the Microsoft Store, other Microsoft Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTP|storecatalogrevocation.storequality.microsoft.com| -||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. 
Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com*|HTTPS|store-images.microsoft.com| +||The following endpoint is used to download image files that are called when applications run (Microsoft Store or Inbox MSN Apps). If you turn off traffic for these endpoints, the image files won't be downloaded, and apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|HTTPS|img-prod-cms-rt-microsoft-com*| +|||HTTPS|store-images.microsoft.com| ||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store. Additionally, the Microsoft Store won't be able to revoke malicious apps and users will still be able to open them.|TLS v1.2|*.md.mp.microsoft.com*| |||HTTPS|*displaycatalog.mp.microsoft.com| |||HTTP \ HTTPS|pti.store.microsoft.com| From c4b240236f25b339b3cc02658c977df5139d2895 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 21 May 2019 15:32:10 -0700 Subject: [PATCH 129/157] Updated links --- .../mdm/new-in-windows-mdm-enrollment-management.md | 4 ++++ windows/client-management/mdm/policy-ddf-file.md | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index ab44a155b2..2bcf6c8cab 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md 
@@ -54,6 +54,9 @@ For details about Microsoft mobile device management protocols for Windows 10 s - [What is dmwappushsvc?](#what-is-dmwappushsvc) - **Change history in MDM documentation** + - [May 2019](#may-2019) + - [April 2019](#april-2019) + - [March 2019](#march-2019) - [February 2019](#february-2019) - [January 2019](#january-2019) - [December 2018](#december-2018) @@ -1860,6 +1863,7 @@ What data is handled by dmwappushsvc? | It is a component handling the internal How do I turn if off? | The service can be stopped from the "Services" console on the device (Start > Run > services.msc). However, since this is a component part of the OS and required for the proper functioning of the device, we strongly recommend not to do this. | ## Change history in MDM documentation + ### May 2019 |New or updated topic | Description| diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md index 86088f08cb..7fe51e91b2 100644 --- a/windows/client-management/mdm/policy-ddf-file.md +++ b/windows/client-management/mdm/policy-ddf-file.md 
@@ -19,7 +19,7 @@ This topic shows the OMA DM device description framework (DDF) for the **Policy* You can download the DDF files from the links below: -- [Download the Policy DDF file for Windows 10, version 1803](http://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/PolicyDDF_all_1809.xml) +- [Download the Policy DDF file for Windows 10, version 1809](http://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/PolicyDDF_all_1809.xml) - [Download the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml) - [Download the Policy DDF file for Windows 10, version 1803 release C](http://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml) - [Download the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml) From 3d5e16c80282d14445e83a15dc9e4cba0c8e86da Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Tue, 21 May 2019 15:44:18 -0700 Subject: [PATCH 130/157] edits --- ...istration-in-windows-defender-application-control-policy.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 68a3ab2dcd..c33eca6f6f 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md 
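Review bot: in the policy-ddf-file.md hunk (@@ -19,7), the corrected 1809 line still links to "http://download.microsoft.com/.../PolicyDDF_all_1809.xml" while the 1803 and 1709 lines use https. A DDF fetched over plain HTTP can be altered in transit before it is fed into OMA DM provisioning, so switch the scheme to https while the line is being edited. The unchanged "version 1803 release C" line just below has the same http scheme and points at PolicyDDF_all_1809C_release.xml, which looks like the same version mislabel this patch fixes one line up; please check it in the same change.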
@@ -7,7 +7,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: mdsakibMSFT -ms.date: 05/17/2019 +ms.date: 05/21/2019 --- # Allow COM object registration in a Windows Defender Application Control policy @@ -64,6 +64,7 @@ Example 2: Blocks a specific COM object from being registered via Internet Explo false +``` Example 3: Allows a specific COM object to register in PowerShell From 02fccdfe189c97e11c59aaa66c3f2c42f6403db0 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 21 May 2019 15:52:12 -0700 Subject: [PATCH 131/157] Minor updates --- .../mdm/new-in-windows-mdm-enrollment-management.md | 2 +- .../mdm/policy-configuration-service-provider.md | 2 -- windows/client-management/mdm/policy-ddf-file.md | 2 -- 3 files changed, 1 insertion(+), 5 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index 2bcf6c8cab..c2d80ef496 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -95,7 +95,7 @@ For details about Microsoft mobile device management protocols for Windows 10 s
  • [DeliveryOptimization/DODelayCacheServerFallbackBackground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackbackground)
  • [DeliveryOptimization/DODelayCacheServerFallbackForeground](policy-csp-deliveryoptimization.md#deliveryoptimization-dodelaycacheserverfallbackforeground)
  • [Experience/ShowLockOnUserTile](policy-csp-experience.md#experience-showlockonusertile)
  • -
  • [InternetExplorer/AllowEnhancedSuggestionsInAddressBar]((policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)
  • +
  • [InternetExplorer/AllowEnhancedSuggestionsInAddressBar](policy-csp-internetexplorer.md#internetexplorer-allowenhancedsuggestionsinaddressbar)
  • [InternetExplorer/DisableActiveXVersionListAutoDownload](policy-csp-internetexplorer.md#internetexplorer-disableactivexversionlistautodownload)
  • [InternetExplorer/DisableCompatView](policy-csp-internetexplorer.md#internetexplorer-disablecompatview)
  • [InternetExplorer/DisableFeedsBackgroundSync](policy-csp-internetexplorer.md#internetexplorer-disablefeedsbackgroundsync)
  • diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index d909560292..586c0e380e 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -12,8 +12,6 @@ ms.date: 05/01/2019 # Policy CSP -> [!WARNING] -> Some information relates to prereleased products, which may be substantially modified before it's commercially released. Microsoft makes no warranties, expressed or implied, concerning the information provided here. The Policy configuration service provider enables the enterprise to configure policies on Windows 10. Use this configuration service provider to configure any company policies. diff --git a/windows/client-management/mdm/policy-ddf-file.md b/windows/client-management/mdm/policy-ddf-file.md index 7fe51e91b2..7508d7364c 100644 --- a/windows/client-management/mdm/policy-ddf-file.md +++ b/windows/client-management/mdm/policy-ddf-file.md @@ -12,8 +12,6 @@ ms.date: 05/21/2019 # Policy DDF file -> [!WARNING] -> Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here. This topic shows the OMA DM device description framework (DDF) for the **Policy** configuration service provider. DDF files are used only with OMA DM provisioning XML. From f8cf4bb572c4729830de4412bbab205763ed854c Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Tue, 21 May 2019 17:36:58 -0700 Subject: [PATCH 132/157] Latest updates for 1903 product version (#260) --- .../status-windows-10-1903.yml | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) 
diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index a98c7d3ed7..6f5714b4dd 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,18 +65,18 @@ sections: - type: markdown text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    - - + - - + + + + + + + + + - - - - - -
    SummaryOriginating updateStatusLast updated
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:56 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:35 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    04:47 PM PT
    Audio not working with Dolby Atmos headphones and home theater
    Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:17 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    08:34 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:38 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:49 PM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Intermittent loss of Wi-Fi connectivity
    Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:46 PM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:34 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:28 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:20 AM PT
    Intermittent Wi-Fi connectivity loss
    Some older devices may experience losing Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to instal Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct 3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:05 AM PT
    " @@ -92,17 +92,17 @@ sections: - type: markdown text: " - - + - - + + + + + + + + + - - - - - -
    DetailsOriginating updateStatusHistory
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.
     
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Next steps: We are working on a resolution that will be made available in upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:56 AM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:35 AM PT

    Opened:
    May 21, 2019
    07:35 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution that will be made available in upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Audio not working with Dolby Atmos headphones and home theater
    After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
     
    This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
     
    To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.
    Note We recommend you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved. 

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:17 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to the latest Windows feature update, you have an Intel Audio Display device driver (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8) installed on your machine.
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.
    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    08:34 AM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:38 AM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:16 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:49 PM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working, for example:
    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”


    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent loss of Wi-Fi connectivity
    Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:46 PM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

    To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

    Affected platforms:
    • Client: Windows 10, version 1903
    Mitigated: BattlEye has provided an updated patch to known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/.

    Workaround: Before updating your machine, we recommend you do one or more of the following:

    • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
    • Restart your system and open the game again.
    • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
    • Uninstall and reinstall your game.
    For more troubleshooting options, see https://www.battleye.com/support/faq/.

    Next steps: We are working with BattlEye and gaming partners to ensure games are automatically updated with the latest BattlEye software. We have confirmed the latest version of impacted games do not exhibit this issue. To minimize the chance of hitting this upgrade compatibility hold, please make sure you are running the latest version of your games before attempting to update the operating system.  
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until you have installed an updated version of BattlEye software that resolves this issue.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:34 AM PT

    Opened:
    May 21, 2019
    07:34 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers. To safeguard your update experience, we have applied a compatibility hold on certain devices with Realtek or Qualcomm Bluetooth radio drivers from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:29 AM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working. The night light feature may stop working in the following scenarios:

    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Next steps: We are working on a resolution and will provide an update in an upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:28 AM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”

    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.
     
    Next steps: We are working on a resolution and will provide an update in an upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:20 AM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent Wi-Fi connectivity loss
    Some older computers may experience losing Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available by your device manufacturer.

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your computer manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:13 AM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and Intel have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you install the Windows 10, version 1903 update on a Windows 10-based computer, the installation process stops and you get a message like the following:
     
    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.
    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”
     
    On computers that have AMD Ryzen™ or AMD Ryzen™ Threadripper™ processors, AMD RAID drivers less than version 9.2.0.105 are not compatible with the this update. If a computer has these drivers installed and configured in RAID mode, it cannot install the Windows 10, version 1903 update.

    Computers with an AMD RAID driver, version 9.2.0.105 or higher, installed will not encounter this issue.

    For more information about this issue, please see the AMD support article.

    To safeguard your update experience, we have applied a quality hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:12 AM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct 3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:05 AM PT

    Opened:
    May 21, 2019
    07:05 AM PT
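Review bot: The second copy of the "AMD RAID driver incompatibility" entry above opens with "Microsoft and Intel have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105", while the first copy says "Microsoft and AMD". Whichever copy this change leaves in the file should name AMD, since the workaround sends readers to AMD for the driver. That same copy also contains "not compatible with the this update". Separately, the quoted UI strings pair a curly mark with an escaped straight one (“What needs your attention\" and \"Close other apps, error code: 0XA00F4243.”). Use one quote style for the opening and closing mark, which also makes the escaping inside the YAML double-quoted string easier to audit.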
    " From 261aad36dc810aa17001352c006f2707b569eb91 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Tue, 21 May 2019 17:46:08 -0700 Subject: [PATCH 133/157] minor update --- ...ew-in-windows-mdm-enrollment-management.md | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md index c2d80ef496..568389f6f7 100644 --- a/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md +++ b/windows/client-management/mdm/new-in-windows-mdm-enrollment-management.md @@ -1869,29 +1869,28 @@ How do I turn if off? | The service can be stopped from the "Services" console o |New or updated topic | Description| |--- | ---| |[EnrollmentStatusTracking CSP](enrollmentstatustracking-csp.md)|Added new CSP in Windows 10, version 1903.| -|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies: DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground

    Updated description of the following policies: DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer| -|[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy: ShowLockOnUserTile| -|[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies: AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage| -|[Policy CSP - Power](policy-csp-power.md)|Added the following new policies: EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn| -|[Policy CSP - Search](policy-csp-search.md)|Added the following new policy: AllowFindMyFiles| -|[Policy CSP - System](policy-csp-system.md)|Added the following new policies: AllowCommercialDataPipeline, TurnOffFileHistory| -|[Policy CSP - Update](policy-csp-update.md)|Added the following new policies: AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot| -|[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies: AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation| -|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes: DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus| +|[Policy CSP - DeliveryOptimization](policy-csp-deliveryoptimization.md)|Added the following new policies:
    DODelayCacheServerFallbackBackground, DODelayCacheServerFallbackForeground.

    Updated description of the following policies:
    DOMinRAMAllowedToPeer, DOMinFileSizeToCache, DOMinDiskSizeAllowedToPeer.| +|[Policy CSP - Experience](policy-csp-experience.md)|Added the following new policy:
    ShowLockOnUserTile.| +|[Policy CSP - InternetExplorer](policy-csp-internetexplorer.md)|Added the following new policies:
    AllowEnhancedSuggestionsInAddressBar, DisableActiveXVersionListAutoDownload, DisableCompatView, DisableFeedsBackgroundSync, DisableGeolocation, DisableWebAddressAutoComplete, NewTabDefaultPage.| +|[Policy CSP - Power](policy-csp-power.md)|Added the following new policies:
    EnergySaverBatteryThresholdOnBattery, EnergySaverBatteryThresholdPluggedIn, SelectLidCloseActionOnBattery, SelectLidCloseActionPluggedIn, SelectPowerButtonActionOnBattery, SelectPowerButtonActionPluggedIn, SelectSleepButtonActionOnBattery, SelectSleepButtonActionPluggedIn, TurnOffHybridSleepOnBattery, TurnOffHybridSleepPluggedIn, UnattendedSleepTimeoutOnBattery, UnattendedSleepTimeoutPluggedIn.| +|[Policy CSP - Search](policy-csp-search.md)|Added the following new policy:
    AllowFindMyFiles.| +|[Policy CSP - System](policy-csp-system.md)|Added the following new policies:
    AllowCommercialDataPipeline, TurnOffFileHistory.| +|[Policy CSP - Update](policy-csp-update.md)|Added the following new policies:
    AutomaticMaintenanceWakeUp, ConfigureDeadlineForFeatureUpdates, ConfigureDeadlineForQualityUpdates, ConfigureDeadlineGracePeriod, ConfigureDeadlineNoAutoReboot.| +|[Policy CSP - WindowsLogon](policy-csp-windowslogon.md)|Added the following new policies:
    AllowAutomaticRestartSignOn, ConfigAutomaticRestartSignOn, EnableFirstLogonAnimation.| +|[DeviceStatus CSP](devicestatus-csp.md)|Updated description of the following nodes:
    DeviceStatus/Antivirus/SignatureStatus, DeviceStatus/Antispyware/SignatureStatus.| ### April 2019 |New or updated topic | Description| |--- | ---| -|[Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md)|Added the following warning at the end of the Overview section: Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined.| +|[Win32 and Desktop Bridge app policy configuration](win32-and-centennial-app-policy-configuration.md)|Added the following warning at the end of the Overview section:
    Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined.| |[Policy CSP - UserRights](policy-csp-userrights.md)|Added a note stating if you use Intune custom profiles to assign UserRights policies, you must use the CDATA tag () to wrap the data fields.| ### March 2019 |New or updated topic | Description| |--- | ---| -|[Policy CSP - Storage](policy-csp-storage.md)|Updated ADMX Info of the following policies: AllowStorageSenseGlobal, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseCloudContentDehydrationThreshold, ConfigStorageSenseDownloadsCleanupThreshold, ConfigStorageSenseGlobalCadence, ConfigStorageSenseRecycleBinCleanupThreshold| -|[Policy CSP - Storage](policy-csp-storage.md)|Updated description of ConfigStorageSenseDownloadsCleanupThreshold| +|[Policy CSP - Storage](policy-csp-storage.md)|Updated ADMX Info of the following policies:
    AllowStorageSenseGlobal, AllowStorageSenseTemporaryFilesCleanup, ConfigStorageSenseCloudContentDehydrationThreshold, ConfigStorageSenseDownloadsCleanupThreshold, ConfigStorageSenseGlobalCadence, ConfigStorageSenseRecycleBinCleanupThreshold.

    Updated description of ConfigStorageSenseDownloadsCleanupThreshold.| ### February 2019 From 95ec160a886a4dde75f4cb9a222faedc3e20fc01 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Tue, 21 May 2019 18:01:33 -0700 Subject: [PATCH 134/157] Latest updates for 1903 product version (#260) (#261) --- .../status-windows-10-1903.yml | 40 +++++++++---------- 1 file changed, 20 insertions(+), 20 deletions(-) diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index a98c7d3ed7..6f5714b4dd 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,18 +65,18 @@ sections: - type: markdown text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    - - + - - + + + + + + + + + - - - - - -
    SummaryOriginating updateStatusLast updated
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:56 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:35 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    04:47 PM PT
    Audio not working with Dolby Atmos headphones and home theater
    Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:17 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    08:34 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:38 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:49 PM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Intermittent loss of Wi-Fi connectivity
    Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:46 PM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:34 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:28 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:20 AM PT
    Intermittent Wi-Fi connectivity loss
    Some older devices may experience losing Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to instal Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct 3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:05 AM PT
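Review bot: In the summary table, the "Duplicate folders and documents showing in user profile directory" row appears with Last updated May 21, 2019 07:35 AM PT in one copy and 07:16 AM PT in the other, while every other rewritten row moves from a morning time to an afternoon one (04:45 PM to 04:49 PM PT). Going by the run of +/- markers at the top of the hunk, the 07:16 AM copy is the added one, so this row's "Last updated" value moves backwards even though its summary text and its Investigating status are unchanged. Please confirm that 07:16 AM PT is the intended value, or keep 07:35 AM PT if the row was only repositioned.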
    " @@ -92,17 +92,17 @@ sections: - type: markdown text: " - - + - - + + + + + + + + + - - - - - -
    DetailsOriginating updateStatusHistory
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.
     
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Next steps: We are working on a resolution that will be made available in upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:56 AM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:35 AM PT

    Opened:
    May 21, 2019
    07:35 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution that will be made available in upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Audio not working with Dolby Atmos headphones and home theater
    After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
     
    This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
     
    To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.
    Note We recommend you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved. 

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:17 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to the latest Windows feature update, you have an Intel Audio Display device driver (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8) installed on your machine.
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.
    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    08:34 AM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:38 AM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:16 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:49 PM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working, for example:
    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”


    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent loss of Wi-Fi connectivity
    Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:46 PM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

    To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

    Affected platforms:
    • Client: Windows 10, version 1903
    Mitigated: BattlEye has provided an updated patch to known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/.

    Workaround: Before updating your machine, we recommend you do one or more of the following:

    • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
    • Restart your system and open the game again.
    • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
    • Uninstall and reinstall your game.
    For more troubleshooting options, see https://www.battleye.com/support/faq/.

    Next steps: We are working with BattlEye and gaming partners to ensure games are automatically updated with the latest BattlEye software. We have confirmed the latest version of impacted games do not exhibit this issue. To minimize the chance of hitting this upgrade compatibility hold, please make sure you are running the latest version of your games before attempting to update the operating system.  
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until you have installed an updated version of BattlEye software that resolves this issue.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:34 AM PT

    Opened:
    May 21, 2019
    07:34 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers. To safeguard your update experience, we have applied a compatibility hold on certain devices with Realtek or Qualcomm Bluetooth radio drivers from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:29 AM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working. The night light feature may stop working in the following scenarios:

    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Next steps: We are working on a resolution and will provide an update in an upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:28 AM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”

    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.
     
    Next steps: We are working on a resolution and will provide an update in an upcoming release.
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:20 AM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent Wi-Fi connectivity loss
    Some older computers may experience losing Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available by your device manufacturer.

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your computer manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:13 AM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and Intel have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you install the Windows 10, version 1903 update on a Windows 10-based computer, the installation process stops and you get a message like the following:
     
    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.
    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”
     
    On computers that have AMD Ryzen™ or AMD Ryzen™ Threadripper™ processors, AMD RAID drivers less than version 9.2.0.105 are not compatible with the this update. If a computer has these drivers installed and configured in RAID mode, it cannot install the Windows 10, version 1903 update.

    Computers with an AMD RAID driver, version 9.2.0.105 or higher, installed will not encounter this issue.

    For more information about this issue, please see the AMD support article.

    To safeguard your update experience, we have applied a quality hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:12 AM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct 3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:05 AM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    " From f55edfe3a201e7a3cbf4a6e708d41b49ab5c45f1 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 May 2019 00:49:35 -0700 Subject: [PATCH 135/157] fix 2 link issues --- windows/whats-new/whats-new-windows-10-version-1903.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/whats-new/whats-new-windows-10-version-1903.md b/windows/whats-new/whats-new-windows-10-version-1903.md index 1373c5d800..c77493d952 100644 --- a/windows/whats-new/whats-new-windows-10-version-1903.md +++ b/windows/whats-new/whats-new-windows-10-version-1903.md 
@@ -112,9 +112,9 @@ The draft release of the [security configuration baseline settings](https://blog - [Windows Defender Application Control (WDAC)](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control): In Windows 10, version 1903 WDAC has a number of new features that light up key scenarios and provide feature parity with AppLocker. - [Multiple Policies](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies): WDAC now supports multiple simultaneous code integrity policies for one device in order to enable the following scenarios: 1) enforce and audit side-by-side, 2) simpler targeting for policies with different scope/intent, 3) expanding a policy using a new ‘supplemental’ policy. - - [Path-Based Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md): The path condition identifies an app by its location in the file system of the computer or on the network instead of a signer or hash identifier. Additionally, WDAC has an option that allows admins to enforce at runtime that only code from paths that are not user-writeable is executed. When code tries to execute at runtime, the directory is scanned and files will be checked for write permissions for non-known admins. If a file is found to be user writeable, the executable is blocked from running unless it is authorized by something other than a path rule like a signer or hash rule.
    + - [Path-Based Rules](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules): The path condition identifies an app by its location in the file system of the computer or on the network instead of a signer or hash identifier. Additionally, WDAC has an option that allows admins to enforce at runtime that only code from paths that are not user-writeable is executed. When code tries to execute at runtime, the directory is scanned and files will be checked for write permissions for non-known admins. If a file is found to be user writeable, the executable is blocked from running unless it is authorized by something other than a path rule like a signer or hash rule.
    This brings WDAC to functionality parity with AppLocker in terms of support for file path rules. WDAC improves upon the security of policies based on file path rules with the availability of the user-writability permission checks at runtime time, which is a capability that is not available with AppLocker. - - [Allow COM Object Registration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md): Previously, WDAC enforced a built-in allow list for COM object registration. While this mechanism works for most common application usage scenarios, customers have provided feedback that there are cases where additional COM objects need to be allowed. The 1903 update to Windows 10 introduces the ability to specify allowed COM objects via their GUID in the WDAC policy. + - [Allow COM Object Registration](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy): Previously, WDAC enforced a built-in allow list for COM object registration. While this mechanism works for most common application usage scenarios, customers have provided feedback that there are cases where additional COM objects need to be allowed. The 1903 update to Windows 10 introduces the ability to specify allowed COM objects via their GUID in the WDAC policy. ### Identity Protection From c33f2fb2ceb2ce5efcc3cb61151b81abb883bc58 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 May 2019 00:53:34 -0700 Subject: [PATCH 136/157] edit wifi text remove redundant statement --- windows/deployment/planning/windows-10-1903-removed-features.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/windows/deployment/planning/windows-10-1903-removed-features.md b/windows/deployment/planning/windows-10-1903-removed-features.md index 690c3dd7dc..92ba071002 100644 --- a/windows/deployment/planning/windows-10-1903-removed-features.md +++ b/windows/deployment/planning/windows-10-1903-removed-features.md @@ -35,7 +35,7 @@ If you have feedback about the proposed replacement of any of these features, yo |Feature |Details| |-----------|---------------------| | Taskbar settings roaming| Roaming of taskbar settings is no longer being developed and we plan to disable this capability in a future release| -|Wi-Fi WEP and TKIP|Wi-Fi networks that are secured with passwords using older WEP and TKIP protocols are not as secure as those secured with new protocols such as WPA, WPA2, and soon WPA3. In this release a warning message will appear when connecting to Wi-Fi networks secured with WEP or TKIP, which are not as secure as those using WPA2 or WPA3. In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | +|Wi-Fi WEP and TKIP|In this release a warning message will appear when connecting to Wi-Fi networks secured with WEP or TKIP, which are not as secure as those using WPA2 or WPA3. In a future release, any connection to a Wi-Fi network using these old ciphers will be disallowed. Wi-Fi routers should be updated to use AES ciphers, available with WPA2 or WPA3. | |Windows To Go|Windows To Go is no longer being developed.

    The feature does not support feature updates and therefore does not enable you to stay current. It also requires a specific type of USB that is no longer supported by many OEMs.| |Print 3D app|Going forward, 3D Builder is the recommended 3D printing app. To 3D print objects on new Windows devices, customers must first install 3D Builder from the Store.| From e97c9edbf32600f76f53add372f89c69bc29f6d9 Mon Sep 17 00:00:00 2001 From: martyav Date: Wed, 22 May 2019 13:19:42 -0400 Subject: [PATCH 137/157] updated note to account for new behavior in v 1.287.60 re: prevent-changes-to-security-settings-with-tamper-protection.md --- ...t-changes-to-security-settings-with-tamper-protection.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 16fceaea85..e36d5f806e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md 
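Review bot: in the rewritten `Wi-Fi WEP and TKIP` row of windows-10-1903-removed-features.md (PATCH 136), deleting the first sentence also deletes the row's only mention of plain WPA, so the text no longer says whether WPA networks are affected. WPA commonly runs with TKIP, and the remaining wording contrasts WEP and TKIP only with "WPA2 or WPA3". Suggest stating the WPA case explicitly, and writing the router guidance as "AES (CCMP)" so it is clear which setting to pick on the access point.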
@@ -49,4 +49,8 @@ Tamper protection is On by default. If you set tamper protection to **Off**, you 3. Set **Tamper Protection** to **On** or **Off**. >[!NOTE] ->If your computer is running Windows 10 Enterprise E5, you can't change the tamper protection settings from within Windows Security App. \ No newline at end of file +>Tamper Protection blocks attempts to modify Windows Defender Antivirus settings through the registry. +> +>To help ensure that Tamper Protection doesn’t interfere with third-party security products or enterprise installation scripts that modify these settings, go to **Windows Security** and update **Security intelligence** to version 1.287.60.0 or later. +> +>Once you’ve made this update, Tamper Protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors. \ No newline at end of file From 9ccf11255cc5542ce4b897183c98c2a2a8798503 Mon Sep 17 00:00:00 2001 From: Greg Lindsay Date: Wed, 22 May 2019 10:28:31 -0700 Subject: [PATCH 138/157] remove ESP requirement --- .../windows-autopilot/windows-autopilot-reset-remote.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md index 7e67c7eca1..a0415fac11 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-reset-remote.md 
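Review bot: the new `>[!NOTE]` in prevent-changes-to-security-settings-with-tamper-protection.md (PATCH 137) says Tamper Protection "will also log attempts to modify them without returning errors" but never says where those attempts are logged. Name the log or event source so administrators and detection teams know where to look for blocked registry writes. Two smaller points: the commit subject cites v 1.287.60 while the text says 1.287.60.0, and the hunk still ends with "\ No newline at end of file", so add the trailing newline while this block is being edited.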
@@ -21,7 +21,7 @@ ms.topic: article When performing a remote Windows Autopilot Reset, an MDM service such an Microsoft Intune can be used to initiate the reset process, avoiding the need for IT staff or other administrators to visit each machine to initiate the process. -To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed, joined to Azure AD, and configured to use the [enrollment status page](enrollment-status.md). This feature is not supported on devices that were enrolled using [Autopilot self deploying mode](self-deploying.md). +To enable a device for a remote Windows Autopilot Reset, the device must be MDM managed and joined to Azure AD. This feature is not supported on devices that were enrolled using [Autopilot self deploying mode](self-deploying.md). ## Triggering a remote Windows Autopilot Reset From 17f254f78d6ab341c3ca5f12bfdff505fcfa5783 Mon Sep 17 00:00:00 2001 From: martyav Date: Wed, 22 May 2019 13:32:22 -0400 Subject: [PATCH 139/157] corrected feature name to use title caps --- ...es-to-security-settings-with-tamper-protection.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index e36d5f806e..1d22390bfc 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md 
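Review bot: the unchanged context sentence ahead of the edited line in windows-autopilot-reset-remote.md (PATCH 138) reads "an MDM service such an Microsoft Intune"; correct it to "such as Microsoft Intune" in the same change. On the edited line, the enrollment status page prerequisite is dropped with only "remove ESP requirement" as the rationale; if the requirement was lifted in a particular release, say so in the text so readers on older builds are not misled.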
@@ -19,7 +19,7 @@ ms.author: v-anbic - Windows 10 -Tamper protection helps prevent malicious apps from changing important security settings. These settings include: +Tamper Protection helps prevent malicious apps from changing important security settings. These settings include: - Real-time protection - Cloud-delivered protection @@ -27,7 +27,7 @@ Tamper protection helps prevent malicious apps from changing important security - Behavior monitoring - Removing security intelligence updates -With tamper protection set to **On**, you can still change these settings in the Windows Security app. The following apps and methods can't change these settings: +With Tamper Protection set to **On**, you can still change these settings in the Windows Security app. The following apps and methods can't change these settings: - Mobile device management (MDM) apps like Intune - Enterprise configuration management apps like System Center Configuration Manager (SCCM) @@ -36,11 +36,11 @@ With tamper protection set to **On**, you can still change these settings in the - Group Policy - Other Windows Management Instrumentation (WMI) apps -The tamper protection setting doesn't affect how third party antivirus apps register with the Windows Security app. +The Tamper Protection setting doesn't affect how third party antivirus apps register with the Windows Security app. -On computers running Windows 10 Enterprise E5, users can't change the tamper protection setting. +On computers running Windows 10 Enterprise E5, users can't change the Tamper Protection setting. -Tamper protection is On by default. If you set tamper protection to **Off**, you will see a yellow warning in the Windows Security app under **Virus & threat protection**. +Tamper Protection is set to **On** by default. If you set Tamper Protection to **Off**, you will see a yellow warning in the Windows Security app under **Virus & Threat Protection**. ## Configure tamper protection 
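Review bot: the last changed line of this hunk (PATCH 139, first hunk) turns the bolded label into **Virus & Threat Protection**, while the line it replaces had **Virus & threat protection**. Bold is used in this file for strings as they appear in the Windows Security app (**On**, **Off**, **Windows Security**), so confirm the label against the app and title-case only the feature name, not the UI string. The trailing context heading `## Configure tamper protection` is also left in lower case, which is inconsistent with what the commit sets out to do.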
@@ -51,6 +51,6 @@ Tamper protection is On by default. If you set tamper protection to **Off**, you >[!NOTE] >Tamper Protection blocks attempts to modify Windows Defender Antivirus settings through the registry. > ->To help ensure that Tamper Protection doesn’t interfere with third-party security products or enterprise installation scripts that modify these settings, go to **Windows Security** and update **Security intelligence** to version 1.287.60.0 or later. +>To help ensure that Tamper Protection doesn’t interfere with third-party security products or enterprise installation scripts that modify these settings, go to **Windows Security** and update **Security intelligence** to version 1.287.60.0 or later. > >Once you’ve made this update, Tamper Protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors. \ No newline at end of file From ecb6379f4bcae0e3c426f44ae4d809b54ef1d32d Mon Sep 17 00:00:00 2001 From: martyav Date: Wed, 22 May 2019 14:26:45 -0400 Subject: [PATCH 140/157] updated mdatp-for-mac changed any remaining instances of windows atp to microsoft updated what's new w\ health monitoring feature note updated installation section by breaking bullets into subsections - first/third party tools refined wording about SIP --- .../microsoft-defender-atp-mac.md | 34 +++++++++++-------- 1 file changed, 19 insertions(+), 15 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 264d420897..b14ccc332d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md 
@@ -17,22 +17,23 @@ ms.collection: M365-security-compliance ms.topic: conceptual --- -# Microsoft Defender ATP for Mac +# Microsoft Defender Advanced Threat Protection for Mac >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. -This topic describes how to install and use Microsoft Defender ATP for Mac. +This topic describes how to install and use Microsoft Defender Advanced Threat Protection ATP for Mac. ## What’s new in the public preview -We've been working hard through the private preview period, and we've heard your concerns. We've reduced the delay for when new Mac devices appear in the ATP console after they've been deployed. We've improved threat handling, and enhanced the user experience. We've also made numerous bug fixes. Other updates to Microsoft Defender ATP for Mac include: +Since opening the limited preview, we've been working non-stop to enhance the product, by listening to customer feedback. We've reduced the time it takes for devices to appear in Microsoft Defender Security Center, immediately following deployment. We've improved threat handling, enhanced the user experience, and fixed bugs. 
Other updates to Microsoft Defender ATP for Mac include: -- Full accessibility +- Enhanced accessibility - Improved performance -- Localization for 37 languages +- improved client product health monitoring +- Localization into 37 languages - Improved anti-tampering protections -- Feedback and samples can now be submitted via the GUI. +- Feedback and samples can now be submitted via the interface. - Product health can be queried with JAMF or the command line. - Admins can set their cloud preference for any location, not just for those in the US. @@ -41,12 +42,16 @@ We've been working hard through the private preview period, and we've heard your There are various methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. In general you'll need to take the following steps: -- Ensure you have a Windows Defender ATP subscription and have access to the Windows Defender ATP Portal +- Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal - Deploy Microsoft Defender ATP for Mac using one of the following deployment methods: - - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md) - - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) - - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md) - - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) + - Via the command line tool: + - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) + - Via third party tools: + - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md) + - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) + - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md) + +Whichever method you choose, you will first need to visit the onboarding page in the Microsoft Defender ATP portal. ### Prerequisites 
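Review bot: in the installation list of microsoft-defender-atp-mac.md (PATCH 140, second hunk), the new "Via third party tools:" group places Microsoft Intune-based deployment under third-party tools, although the commit message describes the split as first/third party tools. Give Intune its own first-party group or rename the group (for example "Via management tools"). In the first hunk, "Microsoft Defender Advanced Threat Protection ATP for Mac" is missing the parentheses used in the `>[!IMPORTANT]` note above it, "(ATP)", and the added bullet "- improved client product health monitoring" should start with a capital letter like its siblings.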
@@ -69,7 +74,7 @@ After you've enabled the service, you may need to configure your network or fire The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an **allow** rule specifically for them: | Service | Description | URL | -| -------------- |:------------------------------------:| --------------------------------------------------------------------:| +| -------------- | ------------------------------------ | -------------------------------------------------------------------- | | ATP | Advanced threat protection service | `https://x.cp.wd.microsoft.com`, `https://cdn.x.cp.wd.microsoft.com` | To test that a connection is not blocked, open `https://x.cp.wd.microsoft.com/api/report` and `https://cdn.x.cp.wd.microsoft.com/ping` in a browser, or run the following command in Terminal: @@ -80,8 +85,7 @@ To test that a connection is not blocked, open `https://x.cp.wd.microsoft.com/ap OK https://cdn.x.cp.wd.microsoft.com/ping ``` -We recommend to keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) ([Wiki](https://en.wikipedia.org/wiki/System_Integrity_Protection)) enabled (default setting) on client machines. -SIP is a built-in macOS security feature that prevents low-level tampering with the OS. +We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default. ## Resources From 4f8b76e18f79d0de2580fd1b4e318f89b1e2fcb2 Mon Sep 17 00:00:00 2001 
From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Wed, 22 May 2019 12:22:27 -0700 Subject: [PATCH 141/157] Changes GA Date for some issues (#272) --- .../status-windows-10-1903.yml | 48 +++++++++---------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 6f5714b4dd..0c22040811 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -65,18 +65,18 @@ sections: - type: markdown text: "
    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    - - - - - - - - - - - - + + + + + + + + + + + +
    SummaryOriginating updateStatusLast updated
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    04:47 PM PT
    Audio not working with Dolby Atmos headphones and home theater
    Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:17 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:49 PM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Intermittent loss of Wi-Fi connectivity
    Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:46 PM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

    See details >
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:34 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    May 21, 2019
    04:47 PM PT
    Audio not working with Dolby Atmos headphones and home theater
    Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:17 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:49 PM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:48 PM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:47 PM PT
    Intermittent loss of Wi-Fi connectivity
    Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:46 PM PT
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    04:45 PM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

    See details >
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    May 21, 2019
    07:34 AM PT
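Review bot: In the summary row "Duplicate folders and documents showing in user profile directory", the title promises duplicated documents, but the one-line summary only says "an empty folder with that same name may be created". Make the two agree, either by dropping "and documents" from the title or by stating in the summary what happens to documents, because this row is what readers scan before deciding whether to click "See details". Separately, the rows for OS Build 18362.116 / KB4505057 appear here twice and differ only in the originating-update date (May 20, 2019 in one copy, May 21, 2019 in the other). That date is repeated in every row, so confirm the new value against the KB before it is merged.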
    " @@ -92,17 +92,17 @@ sections: - type: markdown text: " - - - - - - - - - - - - + + + + + + + + + + + +
    DetailsOriginating updateStatusHistory
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution that will be made available in upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Audio not working with Dolby Atmos headphones and home theater
    After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
     
    This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
     
    To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.
    Note We recommend you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved. 

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:17 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:16 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:49 PM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working, for example:
    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.


    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”


    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent loss of Wi-Fi connectivity
    Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:46 PM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

    To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

    Affected platforms:
    • Client: Windows 10, version 1903
    Mitigated: BattlEye has provided an updated patch to known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/.

    Workaround: Before updating your machine, we recommend you do one or more of the following:

    • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
    • Restart your system and open the game again.
    • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
    • Uninstall and reinstall your game.
    For more troubleshooting options, see https://www.battleye.com/support/faq/.

    Next steps: We are working with BattlEye and gaming partners to ensure games are automatically updated with the latest BattlEye software. We have confirmed the latest version of impacted games do not exhibit this issue. To minimize the chance of hitting this upgrade compatibility hold, please make sure you are running the latest version of your games before attempting to update the operating system.  
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until you have installed an updated version of BattlEye software that resolves this issue.

    Back to top
    OS Build 18362.116

    May 20, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:34 AM PT

    Opened:
    May 21, 2019
    07:34 AM PT
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution that will be made available in upcoming release.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Audio not working with Dolby Atmos headphones and home theater
    After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
     
    This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
     
    To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.
    Note We recommend you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved. 

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:17 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Investigating
    Last updated:
    May 21, 2019
    07:16 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:49 PM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working, for example:
    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.


    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”


    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent loss of Wi-Fi connectivity
    Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:46 PM PT

    Opened:
    May 21, 2019
    07:13 AM PT
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

    To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

    Affected platforms:
    • Client: Windows 10, version 1903
    Mitigated: BattlEye has provided an updated patch to known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/.

    Workaround: Before updating your machine, we recommend you do one or more of the following:

    • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
    • Restart your system and open the game again.
    • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
    • Uninstall and reinstall your game.
    For more troubleshooting options, see https://www.battleye.com/support/faq/.

    Next steps: We are working with BattlEye and gaming partners to ensure games are automatically updated with the latest BattlEye software. We have confirmed the latest version of impacted games do not exhibit this issue. To minimize the chance of hitting this upgrade compatibility hold, please make sure you are running the latest version of your games before attempting to update the operating system.  
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until you have installed an updated version of BattlEye software that resolves this issue.

    Back to top
    OS Build 18362.116

    May 21, 2019
    KB4505057
    Mitigated
    Last updated:
    May 21, 2019
    07:34 AM PT

    Opened:
    May 21, 2019
    07:34 AM PT
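Review bot: The quotation marks in the added issue text are mismatched in two places: the intcdaud.sys workaround opens with a curly quote and closes with an escaped straight quote (“What needs your attention\"), and the Camera app error message does the reverse (\"Close other apps, error code: 0XA00F4243.”). Pick one style for the whole string so the rendered page is consistent. The same entry also names the component both "Intel Display Audio" and "Intel Audio Display", and the sentence "a compatibility hold on devices with drivers from being offered" reads as if it is missing "affected" before "drivers".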
    " From fd690844c0e4b4d6a29b4778f5770ff35302df83 Mon Sep 17 00:00:00 2001 From: martyav Date: Wed, 22 May 2019 15:52:54 -0400 Subject: [PATCH 142/157] copy edits to mdatp pages windows defender -> microsoft defender some grammar corrections & clarifications machine -> device --- ...osoft-defender-atp-mac-install-manually.md | 4 +- ...ft-defender-atp-mac-install-with-intune.md | 60 ++++++++-------- ...soft-defender-atp-mac-install-with-jamf.md | 71 +++++++++---------- .../microsoft-defender-atp-mac-resources.md | 8 +-- .../microsoft-defender-atp-mac.md | 4 +- 5 files changed, 72 insertions(+), 75 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index 71c901e041..f297a4328b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
@@ -114,4 +114,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 15bfabbd53..e6aaf51861 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
@@ -32,13 +32,13 @@ Before you get started, please see [the main Microsoft Defender ATP for Mac page ## Download installation and onboarding packages -Download the installation and onboarding packages from Windows Defender Security Center: +Download the installation and onboarding packages from Microsoft Defender Security Center: -1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. -3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. -4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. -5. Download IntuneAppUtil from [https://docs.microsoft.com/en-us/intune/lob-apps-macos](https://docs.microsoft.com/en-us/intune/lob-apps-macos). +1. In Microsoft Defender Security Center, go to **Settings** > **Device Management** > **Onboarding**. +2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS or Android** and the deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory. +4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory. +5. Download **IntuneAppUtil** from [https://docs.microsoft.com/en-us/intune/lob-apps-macos](https://docs.microsoft.com/en-us/intune/lob-apps-macos). ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) 
@@ -80,41 +80,41 @@ Download the installation and onboarding packages from Windows Defender Security to deploy refer to the product documentation. ``` -## Client Machine Setup +## Client device setup -You need no special provisioning for a Mac machine beyond a standard [Company Portal installation](https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-macos-cp). +You need no special provisioning for a Mac device beyond a standard [Company Portal installation](https://docs.microsoft.com/en-us/intune-user-help/enroll-your-device-in-intune-macos-cp). 1. You'll be asked to confirm device management. ![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png) -Select Open System Preferences, locate Management Profile on the list and select the **Approve...** button. Your Management Profile would be displayed as **Verified**: +Select **Open System Preferences**, locate **Management Profile** on the list and select **Approve...**. Your Management Profile would be displayed as **Verified**: ![Management profile screenshot](images/MDATP_4_ManagementProfile.png) -2. Select the **Continue** button and complete the enrollment. +2. Select **Continue** and complete the enrollment. -You can enroll additional machines. Optionally, you can do it later, after system configuration and application package are provisioned. +You can enroll additional devices. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. -3. In Intune, open the **Manage > Devices > All devices** blade. You'll see your machine: +3. In Intune, open **Manage** > **Devices** > **All devices**. You'll see your device among those listed: ![Add Devices screenshot](images/MDATP_5_allDevices.png) ## Create System Configuration profiles -1. In Intune open the **Manage > Device configuration** blade. Select **Manage > Profiles > Create Profile**. -2. Choose a name for the profile. 
Change **Platform=macOS**, **Profile type=Custom**. Select **Configure**. +1. In Intune, open **Manage** > **Device configuration**. Select **Manage** > **Profiles** > **Create Profile**. +2. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Custom**. Select **Configure**. 3. Open the configuration profile and upload intune/kext.xml. This file was created during the Generate settings step above. 4. Select **OK**. ![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png) -5. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -6. Repeat these steps with the second profile. -7. Create Profile one more time, give it a name, upload the intune/WindowsDefenderATPOnboarding.xml file. -8. Select **Manage > Assignments**. In the Include tab, select **Assign to All Users & All devices**. +5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. +6. Repeat steps 1 through 5 for additional profiles. +7. Create a new profile one more time, give it a name, and upload the intune/WindowsDefenderATPOnboarding.xml file. +8. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -After Intune changes are propagated to the enrolled machines, you'll see it on the **Monitor > Device status** blade: +Once the Intune changes are propagated to the enrolled devices, you'll see them listed under **Monitor** > **Device status**: ![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png) 
@@ -124,7 +124,7 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t 2. Select **App type=Other/Line-of-business app**. 3. Select **file=wdav.pkg.intunemac**. Select **OK** to upload. 4. Select **Configure** and add the required information. -5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any other value. +5. Use **macOS Sierra 10.12** as the minimum OS. Other settings can be any arbitrary value. ![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png) 
@@ -132,32 +132,30 @@ After Intune changes are propagated to the enrolled machines, you'll see it on t ![Device status blade screenshot](images/MDATP_9_IntunePkgInfo.png) -7. It will take a while to upload the package. After it's done, select the name and then go to **Assignments** and **Add group**. +7. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**. ![Client apps screenshot](images/MDATP_10_ClientApps.png) -8. Change **Assignment type=Required**. +8. Change **Assignment type** to **Required**. 9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Select **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**. ![Intune assignments info screenshot](images/MDATP_11_Assignments.png) -10. After some time the application will be published to all enrolled machines. You'll see it on the **Monitor > Device** install status blade: +10. After some time the application will be published to all enrolled devices. You'll see it listed on **Monitor** > **Device**, under **Device install status**: ![Intune device status screenshot](images/MDATP_12_DeviceInstall.png) -## Verify client machine state +## Verify client device state -1. After the configuration profiles are deployed to your machines, on your Mac device, open **System Preferences > Profiles**. +1. After the configuration profiles are deployed to your devices, open **System Preferences** > **Profiles** on your Mac device. ![System Preferences screenshot](images/MDATP_13_SystemPreferences.png) ![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png) -2. Verify the three profiles listed there: +2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. 
_Wdav-config_ and _wdav-kext_ are system configuration profiles that we added in Intune.: ![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png) -3. The **Management Profile** should be the Intune system profile. -4. wdav-config and wdav-kext are system configuration profiles that we added in Intune. -5. You should also see the Microsoft Defender icon in the top-right corner: +3. You should also see the Microsoft Defender icon in the top-right corner: ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) @@ -167,4 +165,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 4770ec60ec..2f1224ed6d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md 
@@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. 
@@ -36,15 +36,14 @@ In addition, for JAMF deployment, you need to be familiar with JAMF administrati Download the installation and onboarding packages from Windows Defender Security Center: -1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Mobile Device Management / Microsoft Intune**. -3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. -4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. +1. In Windows Defender Security Center, go to **Settings > device Management > Onboarding**. +2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS or Android** and deployment method to **Mobile Device Management / Microsoft Intune**. +3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory. +4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory. ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) -5. From a command prompt, verify that you have the two files. - Extract the contents of the .zip files: +5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so: ```bash mavel-macmini:Downloads test$ ls -l 
@@ -62,19 +61,19 @@ Download the installation and onboarding packages from Windows Defender Security ## Create JAMF Policies -You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client machines. +You need to create a configuration profile and a policy to start deploying Microsoft Defender ATP for Mac to client devices. ### Configuration Profile -The configuration profile contains one custom settings payload that includes: +The configuration profile contains a custom settings payload that includes: - Microsoft Defender ATP for Mac onboarding information -- Approved Kernel Extensions payload to enable the Microsoft kernel driver to run +- Approved Kernel Extensions payload, to enable running the Microsoft kernel driver -1. Upload jamf/WindowsDefenderATPOnboarding.plist as the Property List File. +To set the onboarding information, upload a property list file with the name, _jamf/WindowsDefenderATPOnboarding.plist_. - >[!NOTE] - > You must use exactly "com.microsoft.wdav.atp" as the Preference Domain. + >[!IMPORTANT] + > You must set the the Preference Domain as "com.microsoft.wdav.atp" ![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png) 
@@ -89,15 +88,15 @@ To approve the kernel extension: #### Configuration Profile's Scope -Configure the appropriate scope to specify the machines that will receive this configuration profile. +Configure the appropriate scope to specify the devices that will receive the configuration profile. -Open Computers -> Configuration Profiles, select **Scope > Targets**. Select the appropriate Target computers. +Open **Computers** > **Configuration Profiles**, and select **Scope > Targets**. From there, select the devices you want to target. ![Configuration profile scope screenshot](images/MDATP_18_ConfigurationProfilesScope.png) Save the **Configuration Profile**. -Use the **Logs** tab to monitor deployment status for each enrolled machine. +Use the **Logs** tab to monitor deployment status for each enrolled device. ### Package 
@@ -116,50 +115,50 @@ Your policy should contain a single package for Microsoft Defender. Configure the appropriate scope to specify the computers that will receive this policy. -After you save the Configuration Profile, you can use the Logs tab to monitor the deployment status for each enrolled machine. +After you save the Configuration Profile, you can use the Logs tab to monitor the deployment status for each enrolled device. -## Client machine setup +## Client device setup -You need no special provisioning for a macOS computer beyond the standard JAMF Enrollment. +You'll need no special provisioning for a macOS computer, beyond the standard JAMF Enrollment. > [!NOTE] > After a computer is enrolled, it will show up in the Computers inventory (All Computers). -1. Open the machine details, from **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile. +1. Open **Device Profiles**, from the **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's currently set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile. ![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png) ![MDM screenshot](images/MDATP_22_MDMProfileApproved.png) -After some time, the machine's User Approved MDM status will change to Yes. +After some time, the device's User Approved MDM status will change to **Yes**. ![MDM status screenshot](images/MDATP_23_MDMStatus.png) -You can enroll additional machines now. Optionally, can do it after system configuration and application packages are provisioned. +You can enroll additional devices at this point. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. 
## Deployment -Enrolled client machines periodically poll the JAMF Server and install new configuration profiles and policies as soon as they are detected. +Enrolled client devices periodically poll the JAMF Server, and install new configuration profiles and policies as soon as they are detected. -### Status on server +### Status on the server -You can monitor the deployment status in the Logs tab: +You can monitor deployment status in the **Logs** tab: - **Pending** means that the deployment is scheduled but has not yet happened - **Completed** means that the deployment succeeded and is no longer scheduled ![Status on server screenshot](images/MDATP_24_StatusOnServer.png) -### Status on client machine +### Status on client device -After the Configuration Profile is deployed, you'll see the profile on the machine in the **System Preferences > Profiles >** Name of Configuration Profile. +After the Configuration Profile is deployed, you'll see the profile on the device in **System Preferences > Profiles >**, under the name of the configuration profile. ![Status on client screenshot](images/MDATP_25_StatusOnClient.png) -After the policy is applied, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner. +After the policy is applied, you'll see the Microsoft Defender ATP icon in the macOS status bar in the top-right corner. ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png) -You can monitor policy installation on a machine by following the JAMF's log file: +You can monitor policy installation on a device by following the JAMF log file: ```bash mavel-mojave:~ testuser$ tail -f /var/log/jamf.log 
@@ -182,22 +181,22 @@ orgId : "4751b7d4-ea75-4e8f-a1f5-6d640c65bc45" ... ``` -- **licensed**: This confirms that the machine has an ATP license. +- **licensed**: This confirms that the device has an ATP license. -- **orgid**: Your ATP org id, it will be the same for your organization. +- **orgid**: Your Microsoft Defender ATP org id; it will be the same for your organization. ## Check onboarding status -You can check that machines are correctly onboarded by creating a script. For example, the following script checks that enrolled machines are onboarded: +You can check that devices have been correctly onboarded by creating a script. For example, the following script checks enrolled devices for onboarding status: ```bash mdatp --health healthy ``` This script returns: -- 0 if Microsoft Defender ATP is registered with the Windows Defender ATP service -- 1 if the machine is not onboarded -- 3 if the connection to the daemon cannot be established (daemon is not running) +- 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service +- 1 if the device is not yet onboarded +- 3 if the connection to the daemon cannot be established—for example, if daemon is not running ## Logging installation issues @@ -205,4 +204,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Windows Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 7db036c1d0..694e2e86ce 100644 
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -21,7 +21,7 @@ ms.topic: conceptual **Applies to:** -[Windows Defender Advanced Threat Protection (Windows Defender ATP) for Mac](microsoft-defender-atp-mac.md) +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. @@ -41,7 +41,7 @@ If you can reproduce a problem, please increase the logging level, run the syste 2. Reproduce the problem -3. Run `mdatp --diagnostic --create` to backup Defender ATP's logs. The command will print out location with generated zip file. +3. Run `mdatp --diagnostic --create` to backup Microsoft Defender ATP's logs. The command will print out location with generated zip file. ```bash mavel-mojave:~ testuser$ mdatp --diagnostic --create @@ -152,6 +152,6 @@ In the Microsoft Defender ATP portal, you'll see two categories of information: ## Known issues - Not fully optimized for performance or disk space yet. -- Full Windows Defender ATP integration is not available yet. -- Mac devices that switch networks may appear multiple times in the APT portal. +- Full Microsoft Defender ATP integration is not available yet. +- Mac devices that switch networks may appear multiple times in the Microsoft Defender ATP portal. - Centrally managed uninstall via Intune is still in development. As an alternative, manually uninstall Microsoft Defender ATP for Mac from each client device. 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index b14ccc332d..c5f47ef87a 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -22,7 +22,7 @@ ms.topic: conceptual >[!IMPORTANT] >This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. -This topic describes how to install and use Microsoft Defender Advanced Threat Protection ATP for Mac. +This topic describes how to install and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac. ## What’s new in the public preview @@ -39,7 +39,7 @@ Since opening the limited preview, we've been working non-stop to enhance the pr ## Installing and configuring -There are various methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. +There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. In general you'll need to take the following steps: - Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal From e137c5b67bf6bbaa2aa5ee8ae8ecaf09c422449d Mon Sep 17 00:00:00 2001 
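Review bot: In microsoft-defender-atp-mac-install-with-intune.md, step 2 of "Create System Configuration profiles" now reads "Change **Platform=macOS** to **Profile type=Custom**", which changes the instruction. The removed line set two separate fields (Platform to macOS, Profile type to Custom); the new wording tells the reader to change one into the other. Suggest "Set **Platform** to **macOS** and **Profile type** to **Custom**", in the same form as the "Change **Assignment type** to **Required**" edit later in this patch. In the same hunk, step 8 keeps **Manage > Assignments** as a single bold run while step 5 was converted to **Manage** > **Assignments**.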
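Review bot: In the "Verify client device state" hunk of the Intune page, the merged step 2 ends with ".:" and renders the first profile name as _Wdav-config_, while the removed line named it wdav-config. Profile names should be shown exactly as they appear under System Preferences, so keep the lowercase form and drop the stray period before the colon. The rewrite also removes the word "three", so the step no longer says how many profiles the reader should expect to find.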
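Review bot: In microsoft-defender-atp-mac-install-with-jamf.md, the download steps were only partly renamed: the unchanged intro line and the new step 1 both still say "Windows Defender Security Center", and step 1 lowercases the menu item as "device Management". The Intune page in this same commit uses "Microsoft Defender Security Center" and **Settings** > **Device Management** > **Onboarding**, so the two pages now disagree on the product name, the menu label, and the bolding style for the same navigation path.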
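Review bot: In the "Configuration Profile" hunk of the JAMF page, the new callout has a doubled word and no closing period ("You must set the the Preference Domain as "com.microsoft.wdav.atp""), and it drops "exactly" from the removed note. Since onboarding depends on that literal value, suggest keeping the stronger wording, for example: You must set the Preference Domain to exactly "com.microsoft.wdav.atp". The replacement for the removed step 1 also has an unneeded comma in "with the name, _jamf/WindowsDefenderATPOnboarding.plist_".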
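Review bot: In the "Client device setup" hunk of the JAMF page, step 1 replaces "Open the machine details" with "Open **Device Profiles**", which turns a description into a bolded UI label. Nothing else in the patch shows a JAMF control with that name, and the surrounding note still refers to the Computers inventory, so this looks like a side effect of the machine-to-device replacement; please confirm the label against the JAMF console or revert to a plain description such as "Open the computer's details". Further down in the same hunk, "**System Preferences > Profiles >**, under the name of the configuration profile" leaves a dangling ">" inside the bold text.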
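Review bot: In the hunk that documents the health output on the JAMF page, the bullet label is still **orgid** while the sample output quoted in the hunk header prints the key as orgId. Since this line is being edited anyway, match the label to the key the tool prints so readers can search for it. The description "it will be the same for your organization" is also ambiguous; "the same for every device in your organization" appears to be the intent.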
From: martyav Date: Wed, 22 May 2019 16:01:13 -0400 Subject: [PATCH 143/157] wording tweaks to mdatp pages --- .../microsoft-defender-atp-mac-install-with-intune.md | 2 +- .../microsoft-defender-atp-mac-install-with-jamf.md | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index e6aaf51861..695a6be30d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -94,7 +94,7 @@ Select **Open System Preferences**, locate **Management Profile** on the list an 2. Select **Continue** and complete the enrollment. -You can enroll additional devices. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. +You may now enroll additional devices. You can also enroll them later, after you have finished provisioning system configuration and application packages. 3. In Intune, open **Manage** > **Devices** > **All devices**. You'll see your device among those listed: diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 2f1224ed6d..fd9c3d6b85 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md 
@@ -129,11 +129,11 @@ You'll need no special provisioning for a macOS computer, beyond the standard JA ![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png) ![MDM screenshot](images/MDATP_22_MDMProfileApproved.png) -After some time, the device's User Approved MDM status will change to **Yes**. +After a moment, the device's User Approved MDM status will change to **Yes**. ![MDM status screenshot](images/MDATP_23_MDMStatus.png) -You can enroll additional devices at this point. Optionally, you can enroll them later, after you have finished provisioning system configuration and application packages. +You may now enroll additional devices. You can also enroll them later, after you have finished provisioning system configuration and application packages. ## Deployment @@ -196,7 +196,7 @@ mdatp --health healthy This script returns: - 0 if Microsoft Defender ATP is registered with the Microsoft Defender ATP service - 1 if the device is not yet onboarded -- 3 if the connection to the daemon cannot be established—for example, if daemon is not running +- 3 if the connection to the daemon cannot be established—for example, if the daemon is not running ## Logging installation issues From cfed15eef6afdc0081951e43d88fce79384e51ee Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 22 May 2019 13:45:06 -0700 Subject: [PATCH 144/157] optimize onboarding content --- .../minimum-requirements.md | 123 +++++++++++++++- .../onboard-configure.md | 137 ++---------------- 2 files changed, 132 insertions(+), 128 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md index b9112f5c8c..f04b35c833 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md +++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md 
@@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -There are some minimum requirements for onboarding machines to the service. +There are some minimum requirements for onboarding machines to the service. Learn about the licensing, hardware and software requirements, and other configuration settings to onboard devices to the service. >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-minreqs-abovefoldlink) 
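Review bot: the sentence added to the introduction switches terms inside one paragraph ("onboarding machines to the service", then "onboard devices to the service") and ends both sentences on "to the service". Pick one term for the page and tighten the second sentence, for example "Learn about the licensing, hardware and software requirements, and other configuration settings for onboarding."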
@@ -45,6 +45,127 @@ For a detailed comparison table of Windows 10 commercial edition comparison, see For more information about licensing requirements for Microsoft Defender ATP platform on Windows Server, see [Protecting Windows Servers with Microsoft Defender ATP](https://techcommunity.microsoft.com/t5/Windows-Defender-ATP/Protecting-Windows-Server-with-Windows-Defender-ATP/ba-p/267114). +## Hardware and software requirements +### Supported Windows versions +- Windows 7 SP1 Enterprise +- Windows 7 SP1 Pro +- Windows 8.1 Enterprise +- Windows 8.1 Pro +- Windows 10, version 1607 or later + - Windows 10 Enterprise + - Windows 10 Education + - Windows 10 Pro + - Windows 10 Pro Education +- Windows server + - Windows Server 2012 R2 + - Windows Server 2016 + - Windows Server 2016, version 1803 + - Windows Server 2019 + +Machines on your network must be running one of these editions. + +The hardware requirements for Microsoft Defender ATP on machines is the same as those for the supported editions. + +> [!NOTE] +> Machines that are running mobile versions of Windows are not supported. + + +### Other supported operating systems +- macOSX +- Linux +- Android + +>[!NOTE] +>You'll need to know the exact Linux distros, Android, and macOS versions that are compatible with Microsoft Defender ATP for the integration to work. + + +### Network and data storage and configuration requirements +When you run the onboarding wizard for the first time, you must choose where your Microsoft Defender Advanced Threat Protection-related information is stored: in the European Union, the United Kingdom, or the United States datacenter. + +> [!NOTE] +> - You cannot change your data storage location after the first-time setup. +> - Review the [Microsoft Defender ATP data storage and privacy](data-storage-privacy.md) for more information on where and how Microsoft stores your data. 
+ + +### Diagnostic data settings +You must ensure that the diagnostic data service is enabled on all the machines in your organization. +By default, this service is enabled, but it's good practice to check to ensure that you'll get sensor data from them. + +**Use the command line to check the Windows 10 diagnostic data service startup type**: + +1. Open an elevated command-line prompt on the machine: + + a. Go to **Start** and type **cmd**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +2. Enter the following command, and press **Enter**: + + ```text + sc qc diagtrack + ``` + +If the service is enabled, then the result should look like the following screenshot: + +![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png) + +If the **START_TYPE** is not set to **AUTO_START**, then you'll need to set the service to automatically start. + + + +**Use the command line to set the Windows 10 diagnostic data service to automatically start:** + +1. Open an elevated command-line prompt on the endpoint: + + a. Go to **Start** and type **cmd**. + + b. Right-click **Command prompt** and select **Run as administrator**. + +2. Enter the following command, and press **Enter**: + + ```text + sc config diagtrack start=auto + ``` + +3. A success message is displayed. Verify the change by entering the following command, and press **Enter**: + + ```text + sc qc diagtrack + ``` + + + +#### Internet connectivity +Internet connectivity on machines is required either directly or through proxy. + +The Microsoft Defender ATP sensor can utilize a daily average bandwidth of 5MB to communicate with the Microsoft Defender ATP cloud service and report cyber data. One-off activities such as file uploads and investigation package collection are not included in this daily average bandwidth. 
+ +For more information on additional proxy configuration settings see, [Configure machine proxy and Internet connectivity settings](configure-proxy-internet.md) . + +Before you onboard machines, the diagnostic data service must be enabled. The service is enabled by default in Windows 10. + + +## Windows Defender Antivirus configuration requirement +The Microsoft Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them. + +You must configure Security intelligence updates on the Microsoft Defender ATP machines whether Windows Defender Antivirus is the active antimalware or not. For more information, see [Manage Windows Defender Antivirus updates and apply baselines](../windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md). + +When Windows Defender Antivirus is not the active antimalware in your organization and you use the Microsoft Defender ATP service, Windows Defender Antivirus goes on passive mode. If your organization has disabled Windows Defender Antivirus through group policy or other methods, machines that are onboarded to Microsoft Defender ATP must be excluded from this group policy. + +If you are onboarding servers and Windows Defender Antivirus is not the active antimalware on your servers, you shouldn't uninstall Windows Defender Antivirus. You'll need to configure it to run on passive mode. For more information, see [Onboard servers](configure-server-endpoints.md). + + +For more information, see [Windows Defender Antivirus compatibility](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md). + +## Windows Defender Antivirus Early Launch Antimalware (ELAM) driver is enabled +If you're running Windows Defender Antivirus as the primary antimalware product on your machines, the Microsoft Defender ATP agent will successfully onboard. 
+ +If you're running a third-party antimalware client and use Mobile Device Management solutions or System Center Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy). + + + + + ## Related topic - [Validate licensing and complete setup](licensing.md) - [Onboard machines](onboard-configure.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md index ad3404e068..e6720fb5ed 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md +++ b/windows/security/threat-protection/microsoft-defender-atp/onboard-configure.md 
@@ -22,139 +22,18 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You need to turn on the sensor to give visibility within Microsoft Defender ATP. - -For more information, see [Onboard your Windows 10 machines to Microsoft Defender ATP](https://www.youtube.com/watch?v=JT7VGYfeRlA&feature=youtu.be). - [!include[Prerelease information](prerelease.md)] >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-abovefoldlink) -## Licensing requirements -Microsoft Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: +You'll need to go the onboarding section of the Microsoft Defender ATP portal to onboard any of the supported devices. Depending on the device, you'll be guided with appropriate steps and provided management and deployment tool options suitable for the device. - - Windows 10 Enterprise E5 - - Windows 10 Education E5 - - Microsoft 365 Enterprise E5 which includes Windows 10 Enterprise E5 - -For more information, see [Windows 10 Licensing](https://www.microsoft.com/en-us/Licensing/product-licensing/windows10.aspx#tab=2). - -## Hardware and software requirements -### Supported Windows versions -- Windows 7 SP1 Enterprise -- Windows 7 SP1 Pro -- Windows 8.1 Enterprise -- Windows 8.1 Pro -- Windows 10, version 1607 or later - - Windows 10 Enterprise - - Windows 10 Education - - Windows 10 Pro - - Windows 10 Pro Education -- Windows server - - Windows Server 2012 R2 - - Windows Server 2016 - - Windows Server 2016, version 1803 - - Windows Server 2019 - -Machines on your network must be running one of these editions. - -The hardware requirements for Microsoft Defender ATP on machines is the same as those for the supported editions. 
- -> [!NOTE] -> Machines that are running mobile versions of Windows are not supported. - - -### Other supported operating systems -- macOSX -- Linux - ->[!NOTE] ->You'll need to know the exact Linux distros and macOS versions that are compatible with Microsoft Defender ATP for the integration to work. - - -### Network and data storage and configuration requirements -When you run the onboarding wizard for the first time, you must choose where your Microsoft Defender Advanced Threat Protection-related information is stored: in the European Union, the United Kingdom, or the United States datacenter. - -> [!NOTE] -> - You cannot change your data storage location after the first-time setup. -> - Review the [Microsoft Defender ATP data storage and privacy](data-storage-privacy.md) for more information on where and how Microsoft stores your data. - - -### Diagnostic data settings -You must ensure that the diagnostic data service is enabled on all the machines in your organization. -By default, this service is enabled, but it's good practice to check to ensure that you'll get sensor data from them. - -**Use the command line to check the Windows 10 diagnostic data service startup type**: - -1. Open an elevated command-line prompt on the machine: - - a. Go to **Start** and type **cmd**. - - b. Right-click **Command prompt** and select **Run as administrator**. - -2. Enter the following command, and press **Enter**: - - ```text - sc qc diagtrack - ``` - -If the service is enabled, then the result should look like the following screenshot: - -![Result of the sc query command for diagtrack](images/windefatp-sc-qc-diagtrack.png) - -If the **START_TYPE** is not set to **AUTO_START**, then you'll need to set the service to automatically start. - - - -**Use the command line to set the Windows 10 diagnostic data service to automatically start:** - -1. Open an elevated command-line prompt on the endpoint: - - a. Go to **Start** and type **cmd**. - - b. 
Right-click **Command prompt** and select **Run as administrator**. - -2. Enter the following command, and press **Enter**: - - ```text - sc config diagtrack start=auto - ``` - -3. A success message is displayed. Verify the change by entering the following command, and press **Enter**: - - ```text - sc qc diagtrack - ``` - - - -#### Internet connectivity -Internet connectivity on machines is required either directly or through proxy. - -The Microsoft Defender ATP sensor can utilize a daily average bandwidth of 5MB to communicate with the Microsoft Defender ATP cloud service and report cyber data. One-off activities such as file uploads and investigation package collection are not included in this daily average bandwidth. - -For more information on additional proxy configuration settings see, [Configure machine proxy and Internet connectivity settings](configure-proxy-internet.md) . - -Before you onboard machines, the diagnostic data service must be enabled. The service is enabled by default in Windows 10. - - -## Windows Defender Antivirus configuration requirement -The Microsoft Defender ATP agent depends on the ability of Windows Defender Antivirus to scan files and provide information about them. - -You must configure Security intelligence updates on the Microsoft Defender ATP machines whether Windows Defender Antivirus is the active antimalware or not. For more information, see [Manage Windows Defender Antivirus updates and apply baselines](../windows-defender-antivirus/manage-updates-baselines-windows-defender-antivirus.md). - -When Windows Defender Antivirus is not the active antimalware in your organization and you use the Microsoft Defender ATP service, Windows Defender Antivirus goes on passive mode. If your organization has disabled Windows Defender Antivirus through group policy or other methods, machines that are onboarded to Microsoft Defender ATP must be excluded from this group policy. 
- -If you are onboarding servers and Windows Defender Antivirus is not the active antimalware on your servers, you shouldn't uninstall Windows Defender Antivirus. You'll need to configure it to run on passive mode. For more information, see [Onboard servers](configure-server-endpoints.md). - - -For more information, see [Windows Defender Antivirus compatibility](../windows-defender-antivirus/windows-defender-antivirus-compatibility.md). - -## Windows Defender Antivirus Early Launch Antimalware (ELAM) driver is enabled -If you're running Windows Defender Antivirus as the primary antimalware product on your machines, the Microsoft Defender ATP agent will successfully onboard. - -If you're running a third-party antimalware client and use Mobile Device Management solutions or System Center Configuration Manager (current branch) version 1606, you'll need to ensure that the Windows Defender Antivirus ELAM driver is enabled. For more information, see [Ensure that Windows Defender Antivirus is not disabled by policy](troubleshoot-onboarding.md#ensure-that-windows-defender-antivirus-is-not-disabled-by-a-policy). +In general, to onboard devices to the service: +- Verify that the device fulfills the [minimum requirements](minimum-requirements.md) +- Depending on the device, follow the configuration steps provided in the onboarding section of the Microsoft Defender ATP portal +- Use the appropriate management tool and deployment method for your devices +- Run a detection test to verify that the devices are properly onboarded and reporting to the service ## In this section Topic | Description @@ -168,3 +47,7 @@ Topic | Description [Troubleshoot onboarding issues](troubleshoot-onboarding.md) | Learn about resolving issues that might arise during onboarding. >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-onboardconfigure-belowfoldlink) + + + + 
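Review bot: the `@@ -45,6 +45,127` hunk of minimum-requirements.md is not a pure move of the text deleted from onboard-configure.md: "Other supported operating systems" gains "- Android" and the note below it now names Android, while the removed copy listed only macOSX and Linux. Either mention the Android addition in the commit message or split it into its own commit so the move can be verified line for line. While the block is being moved: `sc config diagtrack start=auto` omits the space that sc's documented syntax puts after the option name (`start= auto`), and the supported list in this hunk goes back to Windows 7 SP1; "#### Internet connectivity" ends up nested under "### Diagnostic data settings"; and the sentence "Before you onboard machines, the diagnostic data service must be enabled" at the end of the connectivity section repeats the opening of the diagnostic data section.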
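Review bot: the new introduction in the `@@ -22,139 +22,18` hunk of onboard-configure.md reads "You'll need to go the onboarding section"; it is missing "to" ("go to the onboarding section"). The hunk also deletes the link to the onboarding video ("Onboard your Windows 10 machines to Microsoft Defender ATP") and no added line in minimum-requirements.md carries it over, so restore it if dropping it was not intended. The last bullet, "Run a detection test to verify that the devices are properly onboarded", should link to the topic that describes that test, since the page no longer explains any step itself.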
From 0821c6519db96b9b6011916e15960b582453f58b Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 22 May 2019 13:46:44 -0700 Subject: [PATCH 145/157] preview language --- .../threat-protection/microsoft-defender-atp/preview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 3659e79b88..738e008f9e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -28,7 +28,7 @@ The Microsoft Defender ATP service is constantly being updated to include new fe Learn about new features in the Microsoft Defender ATP preview release and be among the first to try upcoming features by turning on the preview experience. -For more information on capabilities that are generally available or in preview, see [What's new in Microsoft Defender ATP](whats-new-in-microsoft-defender-atp.md). +For more information on new capabilities that are generally available, see [What's new in Microsoft Defender ATP](whats-new-in-microsoft-defender-atp.md). ## Turn on preview features You'll have access to upcoming features which you can provide feedback on to help improve the overall experience before features are generally available. From ce0279f79b42448a26a4f5fcd9e257f3cc093ff0 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 22 May 2019 13:48:53 -0700 Subject: [PATCH 146/157] fix link --- .../threat-protection/microsoft-defender-atp/preview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 738e008f9e..5daf8735f5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md 
@@ -42,7 +42,7 @@ Turn on the preview experience setting to be among the first to try upcoming fea ## Preview features The following features are included in the preview release: -- [Live response](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/live-response)
    Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats – real-time. +- [Live response](live-response.md)
    Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats – real-time. - [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
    A new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. From 1f7b6107a620522875adbb37c0968e24cb43a5c9 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 22 May 2019 14:19:06 -0700 Subject: [PATCH 148/157] Removed 7 DO and 4 Update policies from Hololens --- .../policy-configuration-service-provider.md | 22 ------------------- .../mdm/policy-csp-deliveryoptimization.md | 14 ------------ .../mdm/policy-csp-update.md | 14 ++++-------- 3 files changed, 4 insertions(+), 46 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 586c0e380e..6921c8f6f4 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md 
@@ -5144,13 +5144,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [Browser/AllowSmartScreen](#browser-allowsmartscreen) - [Connectivity/AllowBluetooth](#connectivity-allowbluetooth) - [Connectivity/AllowUSBConnection](#connectivity-allowusbconnection) -- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize) -- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching) -- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost) -- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp) -- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp) -- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground) -- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground) - [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) 
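Review bot: the seven entries removed in this hunk (DOAbsoluteMaxCacheSize through DODelayCacheServerFallbackForeground) are dropped from the list while DODownloadMode and the remaining DeliveryOptimization entries stay, and the commit message does not say what distinguishes the two groups. State in the message which HoloLens release the change reflects, and confirm that the per-policy sections these anchors point to (for example `#deliveryoptimization-docachehost`) no longer mark HoloLens as supported, so the summary lists and the individual policy entries agree.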
@@ -5194,10 +5187,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [System/AllowTelemetry](#system-allowtelemetry) - [Update/AllowAutoUpdate](#update-allowautoupdate) - [Update/AllowUpdateService](#update-allowupdateservice) -- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) -- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) -- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) -- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot) - [Update/RequireDeferUpgrade](#update-requiredeferupgrade) - [Update/RequireUpdateApproval](#update-requireupdateapproval) - [Update/ScheduledInstallDay](#update-scheduledinstallday) 
@@ -5234,13 +5223,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters) - [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword) - [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled) -- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize) -- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching) -- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost) -- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp) -- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp) -- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground) -- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground) - [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) 
@@ -5275,10 +5257,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [System/AllowLocation](#system-allowlocation) - [Update/AllowAutoUpdate](#update-allowautoupdate) - [Update/AllowUpdateService](#update-allowupdateservice) -- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) -- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) -- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) -- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot) - [Update/RequireUpdateApproval](#update-requireupdateapproval) - [Update/ScheduledInstallDay](#update-scheduledinstallday) - [Update/ScheduledInstallTime](#update-scheduledinstalltime) diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index bc9b57fc40..5cb0dd35f7 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md 
@@ -1705,13 +1705,6 @@ This policy allows an IT Admin to define the following: ## DeliveryOptimization policies supported by Windows Holographic -- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize) -- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching) -- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost) -- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp) -- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp) -- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground) -- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground) - [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) 
@@ -1737,13 +1730,6 @@ This policy allows an IT Admin to define the following: ## DeliveryOptimization policies supported by Windows Holographic for Business -- [DeliveryOptimization/DOAbsoluteMaxCacheSize](#deliveryoptimization-doabsolutemaxcachesize) -- [DeliveryOptimization/DOAllowVPNPeerCaching](#deliveryoptimization-doallowvpnpeercaching) -- [DeliveryOptimization/DOCacheHost](#deliveryoptimization-docachehost) -- [DeliveryOptimization/DODelayBackgroundDownloadFromHttp](#deliveryoptimization-dodelaybackgrounddownloadfromhttp) -- [DeliveryOptimization/DODelayForegroundDownloadFromHttp](#deliveryoptimization-dodelayforegrounddownloadfromhttp) -- [DeliveryOptimization/DODelayCacheServerFallbackBackground](#deliveryoptimization-dodelaycacheserverfallbackbackground) -- [DeliveryOptimization/DODelayCacheServerFallbackForeground](#deliveryoptimization-dodelaycacheserverfallbackforeground) - [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) - [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) - [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index 78dfe6c171..1f9522e70b 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md 
@@ -3961,15 +3961,12 @@ ADMX Info: - [Update/AllowAutoUpdate](#update-allowautoupdate) - [Update/AllowUpdateService](#update-allowupdateservice) -- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) -- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) -- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) -- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot) +- [Update/RequireDeferUpgrade](#update-requiredeferupgrade) - [Update/RequireUpdateApproval](#update-requireupdateapproval) - [Update/ScheduledInstallDay](#update-scheduledinstallday) - [Update/ScheduledInstallTime](#update-scheduledinstalltime) - [Update/UpdateServiceUrl](#update-updateserviceurl) -- [Update/RequireDeferUpgrade](#update-requiredeferupgrade) + @@ -3977,15 +3974,12 @@ ADMX Info: - [Update/AllowAutoUpdate](#update-allowautoupdate) - [Update/AllowUpdateService](#update-allowupdateservice) -- [Update/ConfigureDeadlineForFeatureUpdates](#update-configuredeadlineforfeatureupdates) -- [Update/ConfigureDeadlineForQualityUpdates](#update-configuredeadlineforqualityupdates) -- [Update/ConfigureDeadlineGracePeriod](#update-configuredeadlinegraceperiod) -- [Update/ConfigureDeadlineNoAutoReboot](#update-configuredeadlinenoautoreboot) +- [Update/RequireDeferUpgrade](#update-requiredeferupgrade) - [Update/RequireUpdateApproval](#update-requireupdateapproval) - [Update/ScheduledInstallDay](#update-scheduledinstallday) - [Update/ScheduledInstallTime](#update-scheduledinstalltime) - [Update/UpdateServiceUrl](#update-updateserviceurl) -- [Update/RequireDeferUpgrade](#update-requiredeferupgrade) + From 456b8135a4dc5fa12c4e22b7e21a5e78d377cac7 Mon Sep 17 00:00:00 2001 
From: ManikaDhiman Date: Wed, 22 May 2019 15:01:24 -0700 Subject: [PATCH 149/157] Removed all DO policies from Hololens --- .../policy-configuration-service-provider.md | 40 ----------------- .../mdm/policy-csp-deliveryoptimization.md | 43 ------------------- 2 files changed, 83 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index 6921c8f6f4..bdcf382e09 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md 
@@ -5144,26 +5144,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [Browser/AllowSmartScreen](#browser-allowsmartscreen) - [Connectivity/AllowBluetooth](#connectivity-allowbluetooth) - [Connectivity/AllowUSBConnection](#connectivity-allowusbconnection) -- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) -- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) -- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) -- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage) -- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth) -- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos) -- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload) -- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer) -- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache) -- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer) -- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive) -- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap) -- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth) -- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth) -- [DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby) 
-- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) -- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) - [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword) - [DeviceLock/AllowSimpleDevicePassword](#devicelock-allowsimpledevicepassword) - [DeviceLock/AlphanumericDevicePasswordRequired](#devicelock-alphanumericdevicepasswordrequired) 
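Review bot: the twenty `DeliveryOptimization/*` entries dropped from this HoloLens list at -5144 go without any stated reason. The subject line "Removed all DO policies from Hololens" says what was removed, but not whether the policies were never supported on the device or stopped being supported in a particular release. An admin who already pushes DODownloadMode or the bandwidth caps to HoloLens through MDM needs that distinction, so record it in the commit body or in a change-history note for the page.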
@@ -5223,26 +5203,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters) - [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword) - [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled) -- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) -- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) -- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) -- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage) -- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth) -- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos) -- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload) -- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer) -- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache) -- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer) -- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive) -- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap) -- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth) -- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth) -- 
[DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby) -- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) -- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) - [Experience/AllowCortana](#experience-allowcortana) - [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload) - [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview) diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index 5cb0dd35f7..c41848da3b 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md 
@@ -1703,53 +1703,10 @@ This policy allows an IT Admin to define the following: -## DeliveryOptimization policies supported by Windows Holographic -- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) -- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) -- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) -- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage) -- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth) -- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos) -- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload) -- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer) -- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache) -- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer) -- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive) -- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap) -- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth) -- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth) -- [DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby) -- [DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) -- 
[DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) -## DeliveryOptimization policies supported by Windows Holographic for Business - -- [DeliveryOptimization/DODownloadMode](#deliveryoptimization-dodownloadmode) -- [DeliveryOptimization/DOGroupId](#deliveryoptimization-dogroupid) -- [DeliveryOptimization/DOGroupIdSource](#deliveryoptimization-dogroupidsource) -- [DeliveryOptimization/DOMaxCacheAge](#deliveryoptimization-domaxcacheage) -- [DeliveryOptimization/DOMaxCacheSize](#deliveryoptimization-domaxcachesize) -- [DeliveryOptimization/DOMaxDownloadBandwidth](#deliveryoptimization-domaxdownloadbandwidth) -- [DeliveryOptimization/DOMaxUploadBandwidth](#deliveryoptimization-domaxuploadbandwidth) -- [DeliveryOptimization/DOMinBackgroundQos](#deliveryoptimization-dominbackgroundqos) -- [DeliveryOptimization/DOMinBatteryPercentageAllowedToUpload](#deliveryoptimization-dominbatterypercentageallowedtoupload) -- [DeliveryOptimization/DOMinDiskSizeAllowedToPeer](#deliveryoptimization-domindisksizeallowedtopeer) -- [DeliveryOptimization/DOMinFileSizeToCache](#deliveryoptimization-dominfilesizetocache) -- [DeliveryOptimization/DOMinRAMAllowedToPeer](#deliveryoptimization-dominramallowedtopeer) -- [DeliveryOptimization/DOModifyCacheDrive](#deliveryoptimization-domodifycachedrive) -- [DeliveryOptimization/DOMonthlyUploadDataCap](#deliveryoptimization-domonthlyuploaddatacap) -- [DeliveryOptimization/DOPercentageMaxBackgroundBandwidth](#deliveryoptimization-dopercentagemaxbackgroundbandwidth) -- [DeliveryOptimization/DOPercentageMaxDownloadBandwidth](#deliveryoptimization-dopercentagemaxdownloadbandwidth) -- [DeliveryOptimization/DOPercentageMaxForegroundBandwidth](#deliveryoptimization-dopercentagemaxforegroundbandwidth) -- [DeliveryOptimization/DORestrictPeerSelectionBy](#deliveryoptimization-dorestrictpeerselectionby) -- 
[DeliveryOptimization/DOSetHoursToLimitBackgroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitbackgrounddownloadbandwidth) -- [DeliveryOptimization/DOSetHoursToLimitForegroundDownloadBandwidth](#deliveryoptimization-dosethourstolimitforegrounddownloadbandwidth) From 19294cb9f5884671af9631992328244842f6567e Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 22 May 2019 15:30:54 -0700 Subject: [PATCH 150/157] Removed IE policies from Hololens sections --- .../mdm/policy-configuration-service-provider.md | 6 ------ .../client-management/mdm/policy-csp-internetexplorer.md | 8 -------- 2 files changed, 14 deletions(-) diff --git a/windows/client-management/mdm/policy-configuration-service-provider.md b/windows/client-management/mdm/policy-configuration-service-provider.md index bdcf382e09..46a8f4ff4e 100644 --- a/windows/client-management/mdm/policy-configuration-service-provider.md +++ b/windows/client-management/mdm/policy-configuration-service-provider.md @@ -5154,9 +5154,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [DeviceLock/MinDevicePasswordComplexCharacters](#devicelock-mindevicepasswordcomplexcharacters) - [DeviceLock/MinDevicePasswordLength](#devicelock-mindevicepasswordlength) - [Experience/AllowCortana](#experience-allowcortana) -- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload) -- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview) -- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation) - [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) - [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) 
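Review bot: the three `InternetExplorer/*` entries removed at -5154 are the same three that this patch removes again at -5204 and under both Holographic headings in policy-csp-internetexplorer.md, so a single support change needs several hand edits that must stay in step. Consider keeping the HoloLens support list in one place and linking to it from the other pages, or at least state in the commit body that every copy was checked, because a missed copy leaves one page claiming support that the others deny.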
@@ -5204,9 +5201,6 @@ The following diagram shows the Policy configuration service provider in tree fo - [DeviceLock/AllowIdleReturnWithoutPassword](#devicelock-allowidlereturnwithoutpassword) - [DeviceLock/DevicePasswordEnabled](#devicelock-devicepasswordenabled) - [Experience/AllowCortana](#experience-allowcortana) -- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload) -- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview) -- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation) - [Privacy/AllowInputPersonalization](#privacy-allowinputpersonalization) - [Search/AllowSearchToUseLocation](#search-allowsearchtouselocation) - [Security/RequireDeviceEncryption](#security-requiredeviceencryption) diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index c9be35eac1..eef9f657f6 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -17429,19 +17429,11 @@ ADMX Info: -## InternetExplorer policies supported by Windows Holographic -- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload) -- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview) -- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation) -## InternetExplorer policies supported by Windows Holographic for Business -- [InternetExplorer/DisableActiveXVersionListAutoDownload](#internetexplorer-disableactivexversionlistautodownload) -- [InternetExplorer/DisableCompatView](#internetexplorer-disablecompatview) -- [InternetExplorer/DisableGeolocation](#internetexplorer-disablegeolocation) From 214e5eb1f34f9461444803dc11b10db7e445e823 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 22 May 2019 16:00:11 -0700 Subject: [PATCH 151/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...erating-system-components-to-microsoft-services.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index ef5baca3de..23fa72cfee 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -32,11 +32,8 @@ If you want to minimize connections from Windows to Microsoft services, or confi You can configure diagnostic data at the Security/Basic level, turn off Windows Defender diagnostic data and MSRT reporting, and turn off all other connections to Microsoft network endpoints as described in this article to help prevent Windows from sending any data to Microsoft. There are many reasons why these communications are enabled by default, such as updating malware definitions and maintain current certificate revocation lists, which is why we strongly recommend against this. This data helps us deliver a secure, reliable, and more delightful personalized experience. -To help make it easier to deploy settings to restrict connections from Windows 10 to Microsoft, you can apply the [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887). -This baseline was created in the same way as the [Windows security baselines](/windows/device-security/windows-security-baselines) that are often used to efficiently configure Windows to a known secure state. -Running the Windows Restricted Traffic Limited Functionality Baseline on devices in your organization will allow you to quickly configure all of the settings covered in this document. -However, some of the settings reduce the functionality and security configuration of your device and are therefore not recommended. -Make sure you've chosen the right settings configuration for your environment before applying. +To help make it easier to deploy settings to restrict connections from Windows 10 to Microsoft, you can apply the [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887), but **before applying it please ensure that Windows and Windows Defender are fully up to date**. Failure to do so may result in errors. 
This baseline was created in the same way as the [Windows security baselines](/windows/device-security/windows-security-baselines) that are often used to efficiently configure Windows to a known secure state. +Running the Windows Restricted Traffic Limited Functionality Baseline on devices in your organization will allow you to quickly configure all of the settings covered in this document. However, some of the settings reduce the functionality and security configuration of your device and are therefore not recommended. Make sure you've chosen the right settings configuration for your environment before applying. You should not extract this package to the windows\\system32 folder because it will not apply correctly. Applying the Windows Restricted Traffic Limited Functionality Baseline is the same as applying each setting covered in this article. 
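Review bot: the added sentence "Failure to do so may result in errors." at +32 does not say what fails or how an admin would recognise it, which matters for a baseline that the same paragraph says reduces "the functionality and security configuration of your device". Name the symptom and say how to confirm that Windows and Windows Defender are up to date before the baseline is applied. The hunk also folds five one-sentence lines into two long ones; keeping one sentence per line would make later wording fixes to this paragraph much easier to review.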
@@ -1593,7 +1590,9 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr You can disconnect from the Microsoft Antimalware Protection Service. -On Windows 10 1903 Client operating systems and newer search on "Tamper Protection" from the Windows search button next to the Start button on the desktop commmand bar. Scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, go to Windows Security Settings -> Virus & threat protection, click on Manage settings and then scroll down to the Tamper Protection toggle and set it to **Off**. +**Required Steps BEFORE setting the windows Defender Group Policy or RegKey on Windows 10 version 1903** +1. Ensure Windows and Windows Defender are fully up to date. +2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**. - **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop down box named **Join Microsoft MAPS** From ed9124788c51a67e9aaf20f6941faf236e7412ae Mon Sep 17 00:00:00 2001 
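Review bot: step 2 of the added "Required Steps" tells the reader to turn Tamper Protection **Off** so that the registry key and Group Policy can be changed, but nothing after it says to turn Tamper Protection back on once the MAPS setting is applied, so a device that follows these steps is left with the protection disabled. Add a closing step to re-enable it, or say explicitly that it has to stay off for the setting to hold. Two smaller points in the same lines: "windows Defender" in the bold heading should be capitalised, and the numbered items follow that heading with no blank line between them, which some Markdown renderers will run into a single paragraph.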
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 22 May 2019 16:01:27 -0700 Subject: [PATCH 152/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 23fa72cfee..e4a1de926d 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md @@ -1590,7 +1590,7 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr You can disconnect from the Microsoft Antimalware Protection Service. -**Required Steps BEFORE setting the windows Defender Group Policy or RegKey on Windows 10 version 1903** +**Required Steps BEFORE setting the Windows Defender Group Policy or RegKey on Windows 10 version 1903** 1. Ensure Windows and Windows Defender are fully up to date. 2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**. From 7c680615f1f4a68ef7df0a9a27e50400c69dfa83 Mon Sep 17 00:00:00 2001 
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 22 May 2019 16:05:26 -0700 Subject: [PATCH 153/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...ws-operating-system-components-to-microsoft-services.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index e4a1de926d..1b75343f35 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -1590,9 +1590,10 @@ When turned off, the Wi-Fi Sense settings still appear on the Wi-Fi Settings scr You can disconnect from the Microsoft Antimalware Protection Service. -**Required Steps BEFORE setting the Windows Defender Group Policy or RegKey on Windows 10 version 1903** -1. Ensure Windows and Windows Defender are fully up to date. -2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link and then scroll down to the Tamper Protection toggle to set it to **Off**. +>[!IMPORTANT] +>**Required Steps BEFORE setting the Windows Defender Group Policy or RegKey on Windows 10 version 1903** +>1. Ensure Windows and Windows Defender are fully up to date. +>2. Search the Start menu for "Tamper Protection" by clicking on the search icon next to the Windows Start button. Then scroll down to >the Tamper Protection toggle and turn it **Off**. This will allow you to modify the Registry key and allow the Group Policy to make >the setting. Alternatively, you can go to **Windows Security Settings -> Virus & threat protection, click on Manage Settings** link >and then scroll down to the Tamper Protection toggle to set it to **Off**. - **Enable** the Group Policy **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Windows Defender Antivirus** > **MAPS** > **Join Microsoft MAPS** and then select **Disabled** from the drop down box named **Join Microsoft MAPS** From f376c502ac6dc66ca2004fa5c6b89e3c83380f91 Mon Sep 17 00:00:00 2001 
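Review bot: in the new `>2.` line the quote markers sit in the middle of the sentence ("scroll down to >the Tamper Protection toggle", "make >the setting", "link >and then"), so they will render as literal `>` characters inside the note instead of continuing the block quote. Remove them, or break the line at those points so that each `>` starts a line. The bold span `**Windows Security Settings -> Virus & threat protection, click on Manage Settings**` also takes in the words "click on"; bold only the UI labels.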
From: Mike Edgar <49731348+medgarmedgar@users.noreply.github.com> Date: Wed, 22 May 2019 16:08:08 -0700 Subject: [PATCH 154/157] Update manage-connections-from-windows-operating-system-components-to-microsoft-services.md --- ...windows-operating-system-components-to-microsoft-services.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md index 1b75343f35..c68d13cadf 100644 --- a/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md +++ b/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services.md 
@@ -32,7 +32,7 @@ If you want to minimize connections from Windows to Microsoft services, or confi You can configure diagnostic data at the Security/Basic level, turn off Windows Defender diagnostic data and MSRT reporting, and turn off all other connections to Microsoft network endpoints as described in this article to help prevent Windows from sending any data to Microsoft. There are many reasons why these communications are enabled by default, such as updating malware definitions and maintain current certificate revocation lists, which is why we strongly recommend against this. This data helps us deliver a secure, reliable, and more delightful personalized experience. -To help make it easier to deploy settings to restrict connections from Windows 10 to Microsoft, you can apply the [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887), but **before applying it please ensure that Windows and Windows Defender are fully up to date**. Failure to do so may result in errors. This baseline was created in the same way as the [Windows security baselines](/windows/device-security/windows-security-baselines) that are often used to efficiently configure Windows to a known secure state. +To help make it easier to deploy settings to restrict connections from Windows 10 to Microsoft, you can apply the [Windows Restricted Traffic Limited Functionality Baseline](https://go.microsoft.com/fwlink/?linkid=828887), but **before application please ensure that Windows and Windows Defender are fully up to date**. Failure to do so may result in errors. This baseline was created in the same way as the [Windows security baselines](/windows/device-security/windows-security-baselines) that are often used to efficiently configure Windows to a known secure state. 
Running the Windows Restricted Traffic Limited Functionality Baseline on devices in your organization will allow you to quickly configure all of the settings covered in this document. However, some of the settings reduce the functionality and security configuration of your device and are therefore not recommended. Make sure you've chosen the right settings configuration for your environment before applying. You should not extract this package to the windows\\system32 folder because it will not apply correctly. From ebe34dcee4e1eb2a69b2db97733774fd32af1932 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 22 May 2019 16:43:38 -0700 Subject: [PATCH 155/157] Add files via upload --- .../images/ATP_Portal_Onboarding_page.png | Bin 0 -> 245770 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-antivirus/images/ATP_Portal_Onboarding_page.png 
diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/ATP_Portal_Onboarding_page.png b/windows/security/threat-protection/windows-defender-antivirus/images/ATP_Portal_Onboarding_page.png new file mode 100644 index 0000000000000000000000000000000000000000..3a001d880dea8502356ee65d578d02fcc5294515 GIT binary patch literal 245770
zRXtU8uB*;D#Wpvl%O-SGP0}QWoD{3in;ruv{mno(Yieg__tfvTv+1w6`knjA>Z)mS z{bLn27nQsnp1`EP@G5YL9k zvi4WY2js~7`WC=s9kV4`pw9-Zd2}^%^a&>>Y$N{riXN!5(%*8GV|22Ow%3)*FLmwT z1}f5QR4@~$A8e1dUe@r(nAryZUfdxfdrCb#fQuW0FBp2VuH-w3d&g3N!E^Fs&@eZT ztpxQy1NFbh16y(0Hk)tk!Iiyr07=yX0cY`#OSIW z<5Q9w?N_MmRHm*Hq) z`NN%Kg%%YWnz1>dvYsUPq(`@LqVhyTKDEe`e@pG?mp>KtL5>wviNvvesScj4TF}tz zwxJeb6Fo3CWtR^&c%xq%fsmk-S<&D`qP5cQh)s3^_=@i17$jA7P4P8!?o110GCla*T>zeG5&!zt`QPVm!U24^n!byf30`wzl^P|wQy`pG7<&; zCw`o+ozMS_q67ndFS6$^^a5MgU&f)$g>FvB;yTW`oq2AN^<=cr%T&;HeE;yJ$SEuC ze}4)BiMkN!WzojxFQ{mN>2LJheHR`U?M@{G?9MK?<0yO9H`LmO3o{JxC2{tVNQ;MJ zD&gnc_!-uWOo{xy+!=hq(Ao#3y|!P-dT8dl^Ut-}Dvu6YD}vz4WxF!&n+a|Bs+q{@ z%c0$4XZD{L^HwGzTnS|w9}uy)TOmAfmNK)eM}4Q}wWAZOl#<}~;+OTvy+;injQy52 z2CRRZ=3-s(G*M}7s`hdGWhciE!cXa^)@dDO&+P;6Qkj1N1uuKPfT9lc3pDjDG zg-nv7NDL8sxPMV8R48p>d#|LpN&N&Jh=eNi9ValG+H!1ync!o_ckPRs&HZz`dS+^Y z8a5x6YTQ7UD$f+FO{ymlX|>;XeG`3}xbu{m&DT&}9y~SSx%$_I5TW6a&vSedN3+2m{J6 zGpZt;cPvS%Lo|)OYQeG0&Mwnee-?6sCb6WMYYf&L5aSg0j@E13_fyE~MYyEg%`zSH zZ$2v+f#kmofleyN-Pwi~N(%1I*k4@+8m%SVL0P^xNiq$V%kkTaPAB_ih*qjq&po@T zE&NSWKWo)j>Drzsd#2@3e<5f_b0FI3x3&!*g0+g(#M=>uWv0>i+xPYc!0i^1id zQ1Lghu)x8d!jhEw^VTQG*|c6!%-5`CC4n<9$2(x4xN6Z=WxYT10_Ij^fYh z@VxCFy>k@n_fgPo#1M-TXy@>RD`J4#b#~FU$`NXtr3R~#+}^Uv*hq%crI_8`h}b%t z-py?8`%Ar9cZz9_wo=<}N84(o zSwxGI-Q|{j*_S&sC6HX2n@v9i>i5x#88>K!7HNZ|3w=R=&6_|H6$Sg+>pe+w{wn4$ zIn<<#r{8@Ka_)3o29UJJ~5DP_l}oJar5@2he1X}YPHVeDF?*bhWBLI zI+T}-+WG8VgUj~~PAUc!&ED`_1~!38K;vBV)jl)Cx7${o(_+k7r+l@!$}LR2HCZM7 z>3Na>-gP)1PR(w*)^pq1aR>_SND?N%VlO$yez)l(j$?2FRQYmcNovVpN3`8%Ga0{} zq2A$X0i#=~ezBqMWxChHQT<|$_H!P^6)hhYbcDyPAU@CWbRIytCFm?{*nVK*cP+^4 z&GI-&WL+|u*GSYEYIA;Dm_!DT`^x0YF5VVN9`&>wYlZ5=%m$bK<<(gj|K}iF>9i6f zhBex(Up4+Xo%#r|tMmr&npJfGTq0#YbJI z+>mSM)1?%X3)M;&KxT>G0rL;rn+K~a)qSw>e7P3u??gZTd>eVfrih)Y9C_eo?9`+W z@z*AP;SEaU{cC%{=UwqUKmOQR2o4&(xhB8G6-kjIRlhpz!OAueA?FUhJ)f+n=Z1Kn zA$Z0`s=9UgS#lyMTdukfcw329Ut51hbdb7je5OJFVz*pjHt6dwaY)L z63fuPSq_2GR%72V|Dx0X^j_&dEBxO)RtELZaA-9ebk{<~XpR&cYu$G<$DhYFo69Er 
zqll$9RnN9D{hc3^!wuRst{y~QKCKg%M$jYi**n9+Zdm70{ zM{6IPx62^JXkVxPBR{q^wVmYM9&Aebo2OL3gIL87ku+mq_rN}oJgMuwzNzxelcb#o z_1V$k?rx`7=hrnn;XgP)K!r_L6~D%N14wxELr>U3n}_b{Zr1Gk%R&yZ4Q>qE z2w!;RUknS$2xjOvC?gU0Ykf@^V{3G4IAm`WwCRX7oxZQoT4=OAtyl8HjAu!Lrv>z; z%+Lz_j+foX?L+zmv>#3NkN^$Q=o-IT#XTfoKiD%^0$~SXot8gH2$#tneRot;4gEws z&webgjB7spB?oJ+z+u(!xE_za()?vFjmlbwv(egl9v~11m{jXx@U?*&{2K)ozd$%} zWYFOZ%zoD)BuL26V~otB-$=}A&n9lRT6I`;+OIK-oRS1-1)A3iP7-bP2UK#~4QKGW zsohd)*3Aprs+`rx?|zD1U_k8~A~5P_m1oMD*Ks|3q8`o`$8@-B-9eFf?g~HFiAtGN zbWQqvr;p!swDE38X!q*q9w;#l@J-+l@2`gIhV{^tZL7!1N6eRq)gE7@r0$n7? zullJ$k#axOXvurzy(UqdtiNUG^QqtJLrKP)+k>U3Ne2!V%zEqwJm2ZhjRL0Wy%MCL36MAh% zX-_AwqY21)yM9{oY{IcSpVB$KW(3C}4jVJ&rFN0W*Ng}js`2~ivSn^GP_NwYgd;cb z{{{xdFFNn&G+u^TOcb7{fY)T!fm*U0lwW=64`Hx?#mg61>+nb0)JV9dm~(ZiVF40= zl%JM;lX&J8sVj7OU*ofWVq30C>nKs~`uQ{Z)L;tFSuFic0c@noESmI3~wnNls0KUxBVx$<2{n&I1x{y}b4z6W%K5H92qSR{Ot z{-~xx*t9mEqmxe(H%I>g~!NeTWOe$JIv9(ukXZ6*@25ogxxG+(o|M~< za$MGzeSoF;_tS`L>C+Vg`2U7KZ!A73adExX7A`Ii5xlR7$;p&);=D!!*10Bi>Xrd8 zXk%%dBGb%5tprqE&1>Hv2oAtYbfu<_E+X#nQCzVY_b6ZS4|ES^1a*i5eR$R0Lg6yf zyv{K$h&)XYV@{n#48&>bAX5zNnpQQ^lX$#|#2%2JO+qzO zE~mz4yY5(sFNUF2>!hMY;EM<|o~(Di+V)I8Ht;+BwX@D_#zsk;0kpwRkMr+%zJc;9 zwtug8=n|_2XP#(!i)#PWPXd z&x_Y-jfQeR$RfP!)7%%{{^Sztfz-u`z5*4^sMJRk$YUc14YrJIsiL0;0x#gGX9+7~ zNjPu3q$DM)#gw{o3K4--%;7PgNT?L@5T5R*7}P$@`u&@-d-t&OV6a`st3x{Tr1Okq zGR!ZTXvrsc1`nNKz0IrE%Mhp*w9!kTar*A{?Eyk2V(|%Iw5(*pKACsiI+lc~z*db% zTG^7j1CxV+TA=8gJ)^iIjLp?KTi-67!m_&R`ntUTA`Qq$gYg^hd%w=ZYq9~|xtC?v z{<5Il>lMCS*LFqhTinh!_Gn-o+E?Xwb z8%lIXS^34_S zSw}=!^&uAHbmI4ap{`FvcxG?hS!;XBi9FcFV8_qF@x8F<2Z{LeC)XV5Q;p|Fc01}} zsEDAX{QuqJC0w(u_Z2JKq=<4ow)o2IgKjv*d-%`){$7mt&|iu8?nn8!K}waGK0+%!RIw;j z2^`ofSjR7Z2U~Y_ z>Q7{fPSR1dDkH#f9m@{%Aj1P-=0+U+a*Qb z&&|=Pbj9-W>O3!$FJ~5ndMO#oHVN8SQRyx(Q?0X@E^fkme)-*j=8rl5P5p03_Kv64 zOe8st_^TA3_UzurzB}_P&$ltYG&1P})vJOceP?`-MIVVg^qAdMc?`gMD~>gL977}g z9EFu&GYRMT zB&P0+InxwuveTQ>+&y=;)!NW#^Ye8eish51!bkuU!#8u>zZK*OHWQgzHei1If>x%o z;`o-gpsnM`@w&VdBWK1cBEPkx2GWhm+TI5<9u9vNXfADwe>^^ld&IcQS7<9cil>^u 
z7LE1}{BPE-eFWq-uz@MU)EHz=E=+bvf^V2wWs8xsODw?oMKYDA!oJlmoO1SD;faRR zBM#0&K3jepvckj*P?ycNsJ!g(Tv2-u|2MLE=at0E05fLW=uh6I%Ml$JC0v%=DQT2b zBTz@gQ29)}hwQ9z_&V z>ENSXPI*KgH-Kv=e_p!KQezm@SCw!VAXJ=JswOwGJggP{LM*hqUpPEKNQ_#`__qj; zPqSkc<-}1Nhe?y_E2}XB?RTozLhJR3Nm1KQ8mnsf@KV~rpsd?(%}Oa z)Y~-eIG4Y&B5SB&|5qOZb%@7igM{H#s4-Baoa=19^|0;d@Nn&OzG2?4AEQOM2A^GB zk@H|!(TanW2zYX*)0IM~oKM1xSGfVlz!<++UH1RW%}x}j5m@Yh756c%uh5_@Su8PR zP}p}$`!QX|SoBHEPMoMy6(NC~c&T>M6NEcP^C}RLeC(wb+t2aM1PbbZDSe(6vwquf zL$!b*3Yx2xM%xf5Nu8x8<;xXKM{O%7pZtl;`QzHpM=id-D{!X2(v+^r(w3PmM~leG zL@2r|zg7HiX#nAzM=91hIty!VP|eY4eyRfcT4oxf;bh5vJO5P9R*e1VLsE|YWMp(1 z=dFbbufuvVbPW1wEF~(Kob&&ZrK*q>wJlU==doTPfLs680f_aB7xzO60l?rEJ8e)< z3^g2KYA1-b?TqR1CM*acJiKLOpAFOGuRW=EM8T5fRGO|T**p=ujFk-L-R_kh34ieC zW)3PT4k z^lXQ>Db(|9I)qW--wp^^c5<@k%7)tNB@~kntv+ zQiry0D|>fDZn{o2>nECrmT-b{SG-5E;WY-V8%aj=gR)W2)i1MZmU5VYk;OIToZ(gi)fR(Y3)i zXWgiVQ6?=0`>M&h7L3Ov(4vsYxhARGlITr}T@QWmZBsEJOfTB>6lyFo0SZSfj)C~O!pRU4iz;s(@GGR)PKHO z;hh(MatMLRd-pPnH!fkA^BfA|=c33hsN8v>a|BE-ce+2PKx`&TN=jZ{0#oNsqAuPJ z_PTPpjwEXxo+gjQ=yh~j&1zHLQJ#$N!}QeM7Z_^++!A{gt5&tz30?S;fErb+t}l}= z-H)xzG}8aOzXhU`fWT; zWLTDH$3|tufwpui(P-CQ7U+MFV@fecw^u}YT2+c)0anVXm(y1Kk9cp!z)GGWGAgp-@0oG z;ND1yX30wnI+vtj?yna2EsO`-(o4(Op6BYdk?XHbEWc?ySB)>vooOzs@Adk*t?|Tz zPb>bh^HqG-sAcp;{xyy$N41>Zc~GNWF+4N^p7^Mur^b;+%gU-!8d&y$Sd5gI*ucP` zB@cn6_d5?A17@6;J!i=FF{|~O$K46mQ;BkkA!E|Q-Z_YRIH&|_epIWeMs#v&S3p9J z*l0Ecb5Ovh>v8L6j1rk08{rAzCvLxx=0H@1YhkU;JuP>ppQJaJk7(v~XFbf>lC{lO z8Z1P!JrP$#hM{WpHeln_%3oJlj5pVkF1q5mT+L0p7iiEzzf(^_7!er+EA3E{1crP6HIgU!q?TinufZ4pHa><*A>c@A^&ZoJUj0&lL~N8j*!x?GZ- zA%|Z!84m9UUf=meGMH-gOR)*VS#o*(wlpYK=91K4ylkW{>9LJ}P-%1|$Y4*qeh%ao z-o(*w2tlESS)R#@tdfOi2z3$TlbG0J)3pEWhZ}4jQ#*EREO81x6`XL5@w(j;{rKbe z4QV7RW;*J$7*%XpSMhV`^_k=K*W{Y1p$`gy0BwOzQWrq^X9+)R*8&gW}Wh7t_ATx$TXa}sUP%WN2(WtEaZ?2_}D zpv8Lqs0GWi%GJo>H0<7Z#GgOkW)QEJN-ZA$j7zw$zU9NT>nrhAP1A%|uQ%F$^gNg; zQW%UTncPoJ#Vt~NA{1WvY&)Rc^li?g;YpZV2WSNYlE=*5l)r_4dj5X3S9kFz^@GAzn1Y7W8JF#mg}89K3tRRM|2{Vr 
z!`)QgFi;Jf@B8K=#rRY;>`n5?u}TH0F|(b>A-p><}*heC;y3W@(D~P6JuIKNJ#|N^n^n9Q?JNKonGC)^vrTc(P3?t%Xv30-W zad@*y{o0->rGgj-&z6RoYl>Xbr%z2EJWb{n!%o3+q`dPnF#2~_BL_v4IGaLG-7rJp zBJ``^S2FC7R_E)XIt}dPhU|$)e#Ze(50A&8+1L~Q=mw{eaXo#Q+ddIFX9#D6Sjdzy zL#x?MpFdu_fTgJ#4?-IL(`S8l0bGr--1_fuDyS9mQmpNhdvmnU!TuvwIBTfZ*d0NfJ%t;d-J22V7QE8TNn%&F^z%J@8&rC5vN^(@Z7Pal$IUtB=cr0@y0K z;)fmPBKNdfRTKg#Z#!}~Ypd>T_gjX+ZbrRpi7e0aTz;2blOM4{6?*0Qj9KZHJQ%q+ zw$iPW#GCu~y_W5Q=L`vp$}gyng$&O*Jy;~lqR3+n#S<3m4B${!Rs^06darg9torxz zx!D_yWf0EPiX<~>UpjZ7r!#g@`*__NosWkE=W3LDAx3pqK`LGt_oWLSU}b4L$>wys z{u+!@PR({X%g;hQ@Vxbx4{3}-s|lme>JHJY#+u4&}VdXXkfx&FCvYNOawO
    Rm_a;7Y4LXswfsxd$Z|5}#X|3pw%n5n7rVL1k(KE=< zXFAosK`>feg_4?vsx#IW8@EM8!}`*%z_aEm1UznonS(s`TN|@bSYbzs z6q0RTT-21Cat`qv`xAHYz%Ko5g;40`CvW2*5-?binNy3Ql`-L6aXQ_I26WY zq1WSW#QL~igvTZN@uV{x4=V1xp#XR#CWlt?)mFDHDXbCS>G%DYGV{k`5)ZbJ!GRO) z$LY0@dlbEGWIb!kHP>qXZSoOJQ`JB+B)O;y+A3C@p)U0^n1e)HwspoM7vF0<)a*P(*8`n z^s9hr(!L!Ng1}W<3bo{+w(IRwct_4!yB@V?iX{k`>@Y{#y?lATpIm=ahQnI^b=4h& z=;!Mz9#83bxRtl&`SiUtBo}8XB|d&{W5b(=9QPqF2L=WP0^9{R%cl<`>jfwvj>C~V z!tr0KZ6;KR;iKxuhKA%R<7jDV^|q&&)1sn$cp$q>h~>2~1sNX<|bIt6ARts~%tIsZXuw>X=SMOmk`C8pl#o=t{ z93}>T^wsugH}}0bd#|Y|dbg96=C*9}<3lIj^maLz-b!nprS9HZ)B3K6!BbF2L6=9W zIMre86=RFz9$OZq$)G!sh@o|zh8g9 zs@lbi2c25Dxi`L(4KY*p(3hn8wxRTR%XRI7?XEg?B_{c56iNq`2Df!0>}6DL862M6 zm5NMSeXSwT`K!}yF;zz5q*P}!w?}aUTb5Au#VSu-cREBcn#MA?dwBymx3>?|^Vl;~ z{QKzW%H~r!!gBrWKimkK_F60^QH74e*0$%l#Z6Uy4t(6VmMyj2*G?Eag?lQsP9WW- zJJ+`3^uy-0l9WT-eX-|6KVQ{u(loK93s^LWkKWncejXY7+5QN~jHXYrHT}J;tWjS0 zjEJQw=sD$GcFWK=}k$K}0H9PLh5=Iyx$IqO* z1F<@Z=iL?F$J3RUvSdZzN)3sGlJ44$PvfEuV80q|cy8|1Qm=?I3_?Dp%qE(rdA;4J z3X!6`8xxbEldoHTu;vh-jc8kR$R71R=bWKSxF-f5)qM`7&rr^hOPLhn!_nJP0Kq@C zDPy(cg^;CkIJKD0W~Hdm(M_A}G-S*&o7MDrc~X$+n6sMr73Ak)whjZHUobxDYqJ{9 zJXsbPIluzLJ!J2%p#?Z*CEPvqm)q=Dg-5Lw$2iFzCr?b7q*u(f#GH=?R#zw#$i6g* zMTX@LguNQR9P<1iW35o$8d%CeAmEWN7M*4)I0v+vxu?B@78#QN5uO%4SGvqI6ZD%s zc*i8c^_r?_3p`9_6A3}j4+`K0MUbWUW5=tfR5FW@_{&0-z81()s0$l7zdIbi+UyA{ zrjhHJrYJq0&Yi+&c;)*D%hlR)w%*DoDk1}4 zPv?7CtyX^VC+Vum=-#N5rVHn&wVEjz8STwbCuGWW)LMhSGi0(>^0te5+evDYQ!z7- zZkBB$lSTZp@Btf*F&WtH=ZdOXow$xaC=1n;YJ~_BHvM}IVYM(@mcLkDAy7kvU}Ci- znJ$G>n{I7`7xYUr0A*MxETFtnp(0DW_b>FX=SotU8j?#{)(xW~DmaYCb*9sl3;ksR z*OX+mLiGp;fZ}eDa*6U3BzOEg6MAT$TyL`4!iTmtBPd)c7<|?4{)S+DvDBtp2RFFV z73#|$CJlUi3XG*I=69!xqX-#3;>cnADDJiqt?Bn3WxL~I?Ws|aKN8goem&$*xm*rJ zwgDFuXT9*t?Zio3-ORS)+ohp)On57i%DH;W!bG#A74|!`3sGIIn^dJF^guUJ`Qs^`?CXX-xv1h&nnO~VRr?+y>j8Zkp{-5ORMdIx5XqV$oN}DNJ_`d>NwCcnD6iX?ioU2?d&J($dqlao^_R^$epEI>eo)5!vm zg{Ue$K3TceMDC_i5F4-PuChe;y^l|CNP@|F+snfxN_I|;@mS(oqZkS=FK=$*a9|+d zakj(pc+P6I8ms8;XNgKvQt%V)!Yo0qvV4O!qbBCeoL)F(tlL=kn~&BdBiPA4KH 
z_Wgnk`Du9)Uw62vD9Sjqxswbxhx2+sw=fx50Yi?+Ps_O$i3Hlg!9mFGQKiadZdH1n zu;}2elav2M7ayVS-Y&Yy4J0zT3ZR1oQcUGhNquW5-dYldO>JhOYlydsQ#xgi7luH_{mcz08(XqCt1#VvI5T|LSDZf>O+`ERUt?meM6Uj9r z;_{xmJ&#RNa1^afPS+{c82x0jhsAENP@$Z;?!ym69*gHMzoJlRQZwD>Dr=G|SW9P| zR?DgXR>a`oCEtZ-##qI6c(Cyuov=BILh0&ehnWzbW75G5e>2;Tx%mAbMlDls?$(3z{*)NbeDr6Z!{UyHoQP#SrY$sdB6T#*T-gZ3b`rm zg>(d$#747)--L-5ghXb@W=cMj(nH+D-lV=HQ<_Lmf>g4sE4%8HOfw8fd%oT(sxh9i zntYu|9fcY*P1S6n`oyW9cpa(}PbRGM^0?pB6lmL;5--FO>z5PVfR)RrvK~E}JU4j= z?`S>?Ppww}9sBUNW($XDU=Dc|Zn8c#gEGB&hg~3F(nZ105_ffn5~n5 zTUrh8UebsO`4px}Yx$eJ19FYs&qNGsMbtv3JcRHq1m!=d2KlD(8Suf?ost0o;79(Z zswQ^a&CMgspy|aXSIoUZ0vVs?UuQIWUR>8|N_};?HPp}0{-I-dMZZm0 zC{E5}c{X|+%6oW#A8hptULLl?j^_!u-TYaI2-m6JDP-CF2@4a-Zn16$n1oE42#(K) zAQG&GwLEXn6m9o~bKCDp>TT6%G+5PJOv*dN6)Az@K_JkJg`y(vQ}Ohn{HL*Wc5c%x zLE^KVoNVND9wl;Ah`9X%VqY>XuOP%JSTc)UI<7^Wn9kcCAi#0}-}`wYzOqCms)^C+ zBoT;03hAh9U}2ZEX2;2G*OA0YB%}r*f-ITanRchS&LDbtq1{@*Wo;aelQuM{*=kd< zPU8~B@I&!@aaK4eCU%_sD=9Z2pY(4dKW%Gz4)WYEY!+ZMfG>!OdL`#Y`Afl zylHD}H)lB_tsTwDX!5E~h^oOxp^>=+-)>*oA1S8h>EuIMdQNVwoHb(zBjzG~eyo50 ze1-N(?Mo)o{^z2Q8b%Vvlc#Q%9H8!qFwZCAVa(7k=BT`L7UVNXE-C1S%42DsXG6D4 zWC*FSATlL3J9HfAL7~;8k3r?a#1Bu8;%o+@m5deDjvs%PIBC%;;&;Ov27((;EoGSW=WhMpjtC+Ek0;rT&o_j8Upn z4Y7VbTPW5VuCo`;Xm;3M3ecZUI6DKYajq%#`Y%aUqOs2z(0@M+w;CNOaK@lrM|EY@ zTk}^#$Qx3kQ7h$J#V+v5@VwAm7#%LyAJfpO5+GnL8Z)6M>*f8^Xy-CoK8+lGP7>I?=HLcNRbLt|6_1=2n8&ZlGG!t~_7jA;)00ta5(o1T3=H@ns*lN+2;&P_` z@kZCu9 z*SYEecW38PZ5vLpsaoM8bs7#*&Gm?-yT09;{&B6S_(Gk*7!VTH4~60xF=*0oVo7#) zrxW+=y$@Wgm^BnXC;;P~`q(Rj-9ln1Qfh+{@iaOq{omO7`4^}lxoh5DFB6vHQ4zh~ zE5p;Jh6=eHVH+FK-rzV$r<$%ct>JVgLbVfmyaG#{QmN3Ak&)C{uXhd)+n=ws0@?tq z)`5t)%r4jYQb^83frxLkY-|r_tsuz$d3F$)P`kCx{y2w1EHMoYJU2EDvx&=PS8uUW zNn=w}$j3Yg_7+^qbHB&u;}c3@wVtdtEZOc4cXxGOys(kENfY_e-ot0#`maMcvpvbkbULyEdoDRcr zHMVLI#-6Kas)M+`r9HHe802q1`OOO=^(Y#u5zb?j!58f7BWwPo^mKKNFV2qU$vyJ@ z7KY{!a4l?*#BmCBV?jb#$*5FPvk1M}aGtx5`h-q}wX|En{Z>R63sK@s>QJq-S(XLoWWT)IOnY$!v2a zt~8vrJeWCK*b)-AQLt0}Xy%zTw9BmolVXUDEKkHkIVDJ0GGC}rluu-w 
ze0Pu=9bKB~Vf$fR%H53#+!s>|cC&P^FGTX)rtRe>xzEwl3|2N%;Jmr?1Bsb6o0Va| zFW1geqQqo&#pm1g^9-rP-P=)7>@3vJApRU*zOzS;wC{jUqcEs5D74a)lCGgzAvKNw zKZFvhreFd?p*>XbhpC^D!;iht!4**?&>rFItkmWbCcHMjWK5 z#5kQg(*k^&k{Fl>y|wUrq8}sj_r-Bkt`DD;$?;SpQ#7*8Xb{Pu1F4EtiXv~R_cmi@ zqIan<5TT)IwO1fCCQ{yZ#a?xU+BIr>8kPFSP@+hqf>^6OiG*_XR@yAF7Cbxx#WwtS z`|&2lR!YLT#lq0Xz1a{U@p*ej;x(`2>9+gKKC~Cp7&+rUiFkNNr6JLxV)3}4&xf}6 z+4|6NG8uI3lzZio%@0a+7`XQvuiM5HwCV5jhGUE6sua6&K=)_7)bvOsLxFDOgCN$5 zbzlqCJ!G>CPzg>R2;b>+?d8B5Cd|#zG{juqYE`0KyPpSIQag6^PR)_ zh|TCkHBdK!MvL*b-xO6yI-ME%bhXkJWeH@m*|m(+!24VZ8$Bs{*5AjI&Tc-JCxHPm z2D(mOpMQFIaCj`e&gvG~v2!)p!K<}>4o~A9O;?i5d~`Z!XlgRk(OHL@oCMvUq%)f` z4l(`wnP)I4uTr6{R^xX20F5GRKAy}zy}0<85D?Py%l{zOz{uzhVqLYJFXiJSv_JNe zL^Nm}gdk8LRxwW)1wo=81L1L$tMq!Keu#Ye{8=i6M2l^^T~0xlWF z0AoeJf{c)KKF~J`iUWmORy5=5TmlYDg#F}5Q|XqAHWA}{4Uu1qH&#s_j(bL;z)k!O zWE`j(k$`0xNmBKeVE-*}nL-L4 zk+jrQD&0ukmpK}Z$ea7Ct25qAFGwuu=(c)e%8QPUK3Af{%f^ES1P`V>=c+Q)51}$ zH91|XTU}X^P2QtX_YYc6WbjjgerU9u zDXbbaNTvtiE@|f&N#!ot+u13XX#$5Vr*fe=$F2y28qs)$x?zZ+j}=2x70aW1koL6qHp|L=c?K`w@5hqldvTDH|<2?Mh0}klpr5jlAz z$Icd-gDiVAMuc&L^jQZh{?8D_6rk8PWeJ3}#2*|8MG+M>w@AA6J{o}U(6|pGhwD~RFxQifMlH9MZ_9GdsOaMSatmnEz{o~v3E%ZwR!WU`-p|AKa z@yIm&0Y5BhJr_ea^{cLL>o959q+3jm{z#E8kuh$1T*fDo+_dff?p;ULi;;_GBC3x& z^#C4AWVVY|Yp5vq^}LHsT%D-%Y??=~ZpBR4K0Nt`;z(EP2~m%p?%8dK8&v4E^has( zFIjxlAob<$SdL^F42Oj!20BKH^{QV6SxV@q@d$p6UcC#e_N=KO{Etq-o0oOrWgW}h zOV?(YgJ~8pEHRGwY^d;NV=z#EU-#Iu^9Z3NXnTgf?3S)&ldc24E|6{FUq^)3X#_6m zGy?^#-JZk7r&Z@pJajSchR~N)o_{^lCHQW$n+{^v5R*>~XN#QnW$BELRx|HP+&^o~ zf2v;|Y`BaOK~!M8=K3fR3v-1Y@6!8c|HIPMchTxYI|TxsQF4W*>W@CH^*nd|A?*SJ ziw%qBI6GlUEmrfedF{;Hi*Cdf^*brj{v^Q@1oe51Tqhb-*Ui54;9Zovmhk%K3xw@pRd-HtlkR(u)uKvmZUO_%0I0&m{VvlUY1SE<+07 z1tGN84uXqyJaddW7vr8P;mac3_JBs#NG*r0wnv{ap< z<#^Y8Xf&j7mKf8c$Udp38*byN_popcRs)*$e7(HmMXk$MrK;-E%S6Qm85wMa2ma+_Lv5GheJrI8!}e}@~13G&-paD9TM%;hZYPkCDtD;G%Vb0b&Fh|OSMNI>kJnS zd_2>=5@#jqqE+Wr>rU%3jDh~VmwK=*%r1yBQ|+c$ZH|Rce%&y%8$Cf4ewfle;=79?%RseV|*{~jJH!*Cp$(NaR 
zOuj)%c+;7E%}>X6v)SO4254(LIpu$2LBjs{fZAzm+Z7g(k&#oGO#?|hUc8ko(M+u@ zIcvDt+4AJ{iXi85UJ&#eFpB3fS`!fP6vDjo2rf=DOsuU{d=^Uk5Ao;i$E;PzdkZyh zzbtq+ZeejHaS?zJa{MHk*$t^WrGh94sxj1o^9C=esZEk3X#!Oyg|`gaOqB-F(|>4+ zZ^p%|=mE(LSf*bN9sQ!BIb+FHJO?falIM347(}|bE_EMq zloj7^B7pmu;lD)5d&|tzqG?xm?Luh37jK12G*)!6f`{AtM}>B`_lTwQ*;+wHbp)C` z%{F8B@zGVxDDp*}sXswq0y0*-PQW=2{#;05;T{b2-`{}?Zs3_eTpX(9{%0BYt;}p6 zV~8HxWWA%ggjK2s28P5=tn1|hS^&z77(WdJP-YpBh)MHsnZM)fzhgCBt$K?@q7G^j zb;OwiKMkMvbFZeF=u!|s%KGQv$utw0Fj7C1XYLSTaO`u&GD5UQtT1YAJDq6@n2HvO z3mjbz%HZ^P*y-&}K-@FA7@XcqfV-l{HU-29e>?qK$_0`lXCEYgpGPKaY^EtJt)bZ9 zo6a|(e6$d+(~i$^C0Cy=)2U0TB4cfh(Inqx%N*#VL-(%5;|Fl8vn!NmxMkL> z0#s>vMDyd5&&z~Jm)fxYL*Mgp4ZyP9a6LKVbf$8SyrKR;wM#fKAgLen!X5vQsc#I= zY}vZ)q|-4vR>w}qM#r|Tj&0kvZQHi-#Cy$*FpvQ3a-sYl~vDuy1{9V83WyLvzfR#dRhiI;_5J*^qZTgNs z`@?WJ%~buTYs=5rP@(`5cnf-^FP;Hbi8&)=P_=#7e(Q$$Od*!GmW`rGYAyeVpQ39F zsiN|Xi~C6eO(?ypcC0f@cT2?FR@Bibi@`O4C3O_migf+U`wwfkh~5$%DN|=-^;uMB zAiGmj_+lLg&Hw!0>lr1^uk(Cz8cy03ANDai1rKqwRdL4mcwp97X6Ic-!&kC;FRk=p zc@vm)JnZ;G#N)h>NI;x~*cqkdH{c|pWP*YcB8VMUU!ot8bdA#}L3aL(_itQ$#UG6l zq!JPF6x#%Ep3lr7PP!1KsXw>Rr2I@`K^q_`3LW-?Pa&=x4HQ6I;Hf^RZk3=2 z6HMySp;M-EWJc$X@XljQv#d1!jfE;1R}!RmxUO-#Q?8YQ{zcsT*NBS8`(a&;acXo# za%!Xz#kf*Pe%-$U^dsHt&6=K~7F`G5hPDex2(kT4-+~0r*>`6}P9B$_tX}q$6NGw) zMt>z|YoWYKJ50kdDLtI^a5vYjPETsOhP?0uZ?G+PXKm$DH$;}R#|`p8e&2#`Oib50 zLC7QqeCP8*637hDF=2%h@1l26LX1vXt>*CpR9DuzcZ)UbR)3SClcZ?R-Nh_wokDp2 z0u?crIdI^2#Z_{MJ?r^G|jcn;ohwRp~Et*>Ki zO#FJXA%c(?04?4|?+vJ=GlII%2$mWjO5NHUZue;M%qBU8E?t*pWQ9(vEobEte^rv-k3 zW&doR3ic$xOFOK0MQYVsc)j=NlqEE_Kd(=c#Ay?L#FNTKAt_g<1^o{Caa@`JTcFM z#S5BDw_9gqp}a^P=@-=e{f-9FtjU;$ncX397b)&`W=xv zD8Giw#xXh##6FDIyAD?-8Ee>I-0gblm&nCWx{YdUi_~wV999Pr){&+&jK)*c%18C7 zo)Tomg`DjpbZ@fveGt{Rm5Wp+gch^oxXesJQ15R0V5~pToII9d_=t{Z)f9(B+N@?| zSm$Ygg2hYa^$Wsdw{uI+kT-MsA?Qo4+iQX`pTs0oqZGY$c6JjHCX3g5&=u1Y#6vt> zoyIy@GO34fl5%J#xr#9e226K|mGwIeulbzHCWQeyl{a(NHgs09KIcS z0(U3xV6!8UEVe!|-%R#4`{N}}ESE~vw$E)pytbUJ>~3UMoBR32Mu`+yw^B{ST5mZf z1q%<C7L*bH^^@)W7h&vFDOnw@4s 
z>|!PLam)?lQ)}NTM#uMwh0E*`)3XgQ#*!d;yJbSW&yNo;cFO9UX^bUbE6)EEI3n-q zt0sC!LJ!s>0iFC}P*gzoPB*7`K42=$>zZ6=IDtxqd0Jwy+&f_*zx_rmHA)E7Oo@i; zsMz&@6F!Ztq%+3w1h~<{AJ2dEWO6Hw(_=RDC(v@Z|5Y88HynW9DO{Mdi5Q(Z)!NXM zwpO)O0VdZzpmOfjBiCy3a~OPaN!_ zkyZDIql!z|(2&qe9pX<-NqZy}K~*YF0F->oDJazBQ~&TV63{E?blEu~7*lv}M{wU7x!~@c=2JL0 zI0zmEETH}Y%*$Iyt9KQsAIJx&AtTz#Xqnu?(I^$A&|2G{m@=BVkyuL;4+Aq^lO|WG z!5v6`oT10=#n2nf8{w=wHo4tR9{7jTG5J@BC+R}Q4Me!MJD-!wwF^~F|NW1;%NP8@ zB(3g5tvrO%V|>V9`6F!#U8D0=Zt&TXiOvRBgESz|i@Rbagt(pkV{w1b9sH|-`SE_J zpEV9A;}<3x@La5Fp)YqCipxER!$*c6%s-t}OauRGEx}D|~w|<6*FvfCDZ|=}t z&xw{X@w@Zy?ot$SljqH!Mr;2WPk~`LJWl7Q*jZOyg`x^v21gqCi>8bjYVjlEam)`c z9N7(-IQz5Sc(Vykxl~)R($E_@C9Qc)(<=wvv3%I|Vz(h;iPM!Y?a#B#|KG-}Z2q zGouZjSK1Xy=)~(Yt@*@A<0-(r@=-pNaIT}1-Fv-X3%KvVlfW11LKIYeok@_rv)nH= z&Tgf-{%&c!*M;k;gWoKy)#rc|sQ^LYqd&(FgHKAYpUdN{jT=1&0sf$Se}$aCxpXS? zd;e0Zf~F7>Gr$;nO)lpuau(2^t<2Jil)&7W5-OEXL)o3!%dwl4uqiZNk;`UXtFh6h zH?H72qCHJ~+{Gx!3VbH>GiN1<&9m??XTezL)V5n5Qtn@@=5eTMr*xfJ6l;TBT%NDApLTEW81QE$j4MF_kP;Kpd=^BIj{5CQI^!GchWuX&`Vak~g z85E0q_egG)IFlvUylch^Zt}z0MpetNoo``Np8*VH=qJ5~`ra$cx`rud}_Z2=fg{Vrmz<&QM{Bm0Ymt!?yp95Aogm~Q{O!lmoyID7a%zX z*@6}{Q%0nEwv)TR>1r*!`BJ`06>&0Wv(2*D`yeQ?ECI2K32C@jEM@DS0^z7a*_5n(_1C=d9ydz1 z7B86ND1S(Abzy4fn&A+yzy-b-!QTB=Cgzl=q=!PSm;NR-Idbp#B!ZXW$?uiIVtqNk zgD_>G)^G!RrP*)ySV#ouwP4UqNgoq5HayhRqk;9Otd<^guu&+pae$m{`Us}gXewzS zw%jdX2cHMAO=>MxyFr}udcPcAxw|4YNVn-aBcC5LS1KPm%3lCSy<<#ubSBK_$8Hje z(=s3O03^b}-!fs0CmEqKus1nREzF&@J6I}39I_#P+?5*Espch<lAC%urOjH zXI$7qGYS^ED+0y-;&pr|{L0Xt2vp~~*S#9XfAcP-i8WD`NNV4kLjy=8nfu2HJ0(n^~M_4`XT}EO?sQv(-})o@P{+c zXW_6hz9F@2;3X%7^=B`w{7`!e-~d|p`)GUX9$Vm^5g!fmuYQ~N3JD}KShsxn6qnR$ zx%$5O(f#ESPzW8=Wb7Amn0^vb>6^M`w9TJK#xETjOB{#f1o+tPQ>4% zyFVD5_P769i=+*1tZT-{BQuvUh#PY|Z>24C+^;#^>dKRc5sJxYV>Ui{INT*g%Hfg{ z7>J7w24y!_;(5Jh#8ieh#@m+IKt;{QOq?ZldztC*bBl--zF+eMRj$@`i#NJaQkXJf z&8Ubx`QQz~F>`Z#srEndviaHvbx57DCYwE8+>7aRFqKgr?G5K~h)(e5VhBxB@hr`& z9i+VO)0>fsKov=e112a0Ng&a_^O(j-BXnn+v>U!Hy51d9Y1dm$#-NG7XYC$+h*L0H 
zqA?IZL*8Q)**SP%J;5Fo=jn}}gsxy!D)Q?c6Ng;kimh*~us>=um1V@s4;c;?i78I@ zrGMXy*D2Dgi&L0L8CwaB=8abyL7XSEwY;?!o<0Z&aKEB~qse63R;tpDH_LtJh2!)6 zhvfh4y)DCI9YBC7TqJwUi083ccri^;@2%Z*s5?H_v#lqFSj>G!cjjf5TP{v2EaR_@ z`%Mr`YXYU<&t|i`%E2}vCYHjUvL%Lq@6g{qRZDbaAVbn1~QC3L;UvZXi6ud6fX zx5OKRsf>0_cUkkH1V-aUzp8qcb`k5eFF=PLjJI^B7u|59S-2S=?C_0qT}(8e?AI^L zvC&cF@I~{xg@8%E1B1l_?LY4IA&)Z?oVMB%c5aU6G@LBDJ9*3x0CeV^xG_hp=uA4@ z>5x?9LxcHp&9s?AT+W7SgJA+{{_ugV_Bvp$s+cjUM9Ilm`{pypXYl?y6$`GpVi7Xu zLQRKwT~mMce4#<+;}<2t{bMnGVMnvIakZh1E|>S%()~PIjzMl&CHeWPM^2b z50qeoTAXN^DKw9?u>Ojit%e6_J!Ou7ALyvjZ5m&j5^a+s?_H6(H9j+#ffj83O>{)R z>#f&tC4wb&>SjvqY`3sQWJn6Ij}f~c6X^X2s>WAkqKOZ%0^6JUQu!rnC0KVo-y zu*Ny={9TX2s6IJ)$p_^70J*-6xX)7_|MYjT#~ZWNdY+q&lDlrk2^X`6S{>|O$`EtIn z))Ft%IA(~W)v?A@o{om?x-<5WV4;=H-4E_;=5tylOKvxprPbxZ%p$kZAkjUwwj|ct z_H|DrmEYF5-_eQ>?yIX>YCd5{qAIE0t|sA3b+x{7H&YActCS{#$vPkuwvQK>-ngTy zLU_q@Por=ZjOd@3FxZVpR%kc|#?xkdXs75FJX!fYJh1{(ecgiPM*_JV;WY9dy2IXk zSWv(-YPkjp@$PP@`Hbm=dJ~mSt!AoTuXGfH^mR^jv`ood-aiuXWU!bqlz1vE8mCG_ zb7Gh1ig_*Gh+Uqlh;M^~>6+lHMh=a?9>gaggWA8nY?RyaJ~oerH%aDZe;8imazsTXaU zEN{)0@Zp}7u2ra46=d}NBLFJ&O(mj<8}L$z5I`P%wbeZpYzE|J@Nf0^_j|wJ4A0Li z0*Q%HR@6y`kYckXbNeMQD3r$NWF%xQ{ax+|lM=rwoA?8vk0vwoP1Ewo*|>VP2I>w; zq{Ed3Q06 zmZ%JGaS_rRbO-BJL=E%cQnVgn0qT7Wx6VX7OS12x9je@A`{BxM7-esRLeyUgZi z7HVt?>Q%N+Xb*HdtWC2o`TJb`wdi>TcbI!%H}a%>YUN7Qjz>wYv@ z1p~%3RaG=JRdh%QK&RTy&ulfI`insHd3ROZARlI$E-`dr_pF*~Zwwl`gfA($kBXFL zhW-T8M3}kEt<@q@#KF-Eq8~V6K%={?cu*0PxL*RnYY*ftVzUd5{xK&>uBexqOj5ji zWcD9uWTM6pn1h@x=$C6Rc&gu|L-ZNl^z?p&vOz{el-Y7Y$Dim)Uj;vSApHm_xXC_) zBgj{uQS>6PxQ$nD;Un>hQ5N!+cp-KSLCGR+!T~(FC?@DU*U`3m2ZQ$sF_D&~%92!> zyFv{uG-cOTV2M8S+_a%`?Bsa!GBWFiRKaNUjwceVa$|*;zh~n!#e2VlMwrQ?wCnl76o4ZmT(`_ zjq@Yl?2OMqAw>bjGpcswmZemDK7l$L+h2j*>`m0<&iAnOg1JGsxZgHQ0-i@p;?VWo zk&ytNCOEG`6cnK?h^4*B{d8gjAb+(p@*JdvJS+AV{78Df7LyQW7Z+#r(ru;Xv4VMaO%nQK162PUe?BdjFA)`A3_$BV;0Yhr~E2T9wVn{w;{!=pPsCH=y$K zm)qab|7yMb6Vdph_!=N*`{ptK`xlKh@B!ef*H^+3-}|9?&A(+A7##V7(8DtQQ|mvH z1?U3uidpKJ&r~33pw9+U3Q5eVl2>(<|M9|?eN03nw=40VyIzD5c#|D98$TB#ea}V$ 
zj#RtUj6GF)Xu@wEej8Ln5UncYzj7#mRRR^>9JLpQuOv9S@9&z84YQYh9R7N@cC(bFzL{)~y!<+@z6RVRbt7=F2riy?tndasYu;NV~;r+bskR##M1 z)V0MMEjb3PcGD~G!YWdRpMwV|B_+CPw>ZOWaPaBZ;n5AZ6Zn+>c+HV7*y~$K+cJs&dDUQb_s-(FC!+5X>T}ie@z;ZQ+9R|OwY*3$c;Kzdu3(i(%Hh- zr>m>OLtH#O@7?DcN~QA27t_aawfbx>30_c+8?{{^^R7&>l*8nDTL1z9m&a?ocLp)^ zAx|hA82i6muI+Stz(W14tXRHazF6Uv6yt;PcucSV9Tc=m3udj`+uKXq>jnBC7!DiQ zg7fXbsMp6^xgsU;I;+*P&5<-%+*{&rm6MI)==}VAWsMfAi#8w*2A9Kuj-9<#dZUfY z{gMCCf7D>L!BpQtkqN-C(dJmK(#`#^Al?_%0GWq{T`T|dZxL@IA|gO?bxcf5jqXRA z(L|b5HoZWhB2XU!<6`#20k~pzIx>2U&6kR<>vY;VK9ngvV9$$C{^8&_1<-Owdn57a zA65VvHEQ)nW{v6vC&29}J25fTi_`otVtac#G@g{zbX74|7KrP0IZL7j!X;h~*Q~?P zX`_(#4-U3Eu_@d}#?v{UY}fa$yq`f1Dp-%nq%(Y2(kAX-V2+ZhUMjWT9`l7Gx$R%? zfi$9NC&j|?hzQ%gVW1l3#ONqgmEwPF=JUmneXhzGwFdz4w#E&3wFH#0{pmaD+Ad%k8J zJZ4Zw+x>oeU#ftKc>)9<;o#s5PJ01KPiND)`PtuIU)fk#xVW_D&j^Xdat6q!j*pL* zhiid6BIIE}Fv1rQ%shimt62j4>#v^+J-&&QO2TXI50{>MuWRJFQLWod2NbYl6F`5 zOR=XxEobSDa>4aNhGuItZ_7F;ej7I>&olNAO+LcP<3(TOzHtEKAh!a@>A$XPN-hLaNoZyugc zVjDmF9w8eWBHmX{r%Maq&pteyJTfshE}k>xO9Ar2KI+^aqG8Z{`kc=e;Vi3zeEwHd z-@JdqPTXH@ef39kSCy81`{}|!#Z>X-0|IPh2n*? 
zKhZbk$WeUq1%7j^7X|I&)xwq^Zl9gC8=TAn^A6y0x)rpwnQiy*iK=dSz1wvr_<)qa6%g!1AC zAJ^`$&w}%cij|Awj`zZqIL0M^EuHCk{9qPV04s_O`aMnVDSR9~*$Z z%i)PMX6#FRD6v1<3h=*JFHIRurtw=foesw_2UfpOd9wxo*QKB4UmNeC`%cm*(1AW2 zcN$p;xbKs*g%U>NDVtrMZ_CT7_Kfw`MN-3N*+_lu)fh;njRg5Oh}#Q)+_ULD-E3^= zq_=?}BqHG`x7+=js!YywX6vl$V>y?4BZkz7`bFgJ>c+;00tD{o_q!^p7 zK+>u6>K=`!#;2$MMhg9uo&Dc=|Kq;^UdIq(ntSZcK>1h8-%E z-QS!X`1o?0o1N#1q(F*ksi{40_o23LJbd1suGUsp-Q3*#R7nO0Q`J&+b){V5f!M=F z;7XRBn(9jj1Q$(CPM!d#3=|YBpuu_zWB^pD1;`O}a!LvhHy0EH6a7^X6PE_ffD}H6 z9|+_>x3swX4EUd)U*PoM$Yw2bI;RB%`y2GiOyiuKm`-y!@9gYsa&r%< z-eTs@vFa)tmy)`;s(FoAa~#lE?~hTIY2@FQ+B56 zoWhbsiQAp8z)?P&>-V+@ipH)xheETBi1;E5_Ylo zZWC7b$;?}Pm&9_VpI_B5ywl>%+Q+T4rnhLS zNye6}y&;&2MN&GK%-eY=)3N4LFcxk%HM45bcLcB!d%Vz#bcFq-e@*N*8hCT+yt-<; z85IGdmzS@7@SWFgt*NI|`RAJ8b2c9iD&l{?17yc>=c(2Sl+2MM(BF8V1X197ClzKB zNEGNqBv>vvO^chs*65oULoH+~?!Qy-=g&`Auk0rv)~`X@@B)QJ_gs{bB3IFrJZyFm zyl}3RX?3%IxD$1^d{GXpj*}4o-}27>ez{P>_J<=u3FXi8eLmEbb^;Wb-)oUWTG5jb znOp}2u0W6z*uN#9JGt?0AQMG=W1Wk#(TKrR3j*U>QDE*6Ne))rq0=&Z-1!^j! 
zi|5Q7`RhP5+LH1xTi{V&hW>39AOGFI0;gZh55M(mskt$pcvblO|2`fBWCzdSf=x3% zOxMBD(NReWRUkBlqXK7`i6bp9_0>I|=>Myvup*POv>(|3BT;=6($f9m1U*KJ1QF(R zZPgL>%#^6TTG5345nO>gm*Z^t0oDDtWRRlHCyNcR-N z&;%Nt^RvTqincu2>wWOPK|E8{CqF;w-=zp>Bl$)6&V|HMqqd2uikcr^N zm^r2ohN$Yfl04~5tVW~DcK>SWFW2UQm8e3K`SpJXAS9$Wfw{4oBtDX2;$cRM7i->D z$f9*PU6AX;W)#W<@kX>;Oae`uxawhKO+!5u;ALe=jXV7A2^-eP&3E9(zhAKj1 z7MpN+w%Egf)a{4qrQZufd;?@s^VlX|qechGtNvKXV7evNQs(-k;$P;LVXru^OVSEO znSd+U$Kks24JM4wC796CgF%-Mw_9e1-{zuebOrD29B+dzxH!&PYUV8;gVDk*8I z34bM-{usa)^_9hch7s*EPnp0BA`qKRNL$i9<;aBBgbCy~Fc)$8&d&DpZ_q)r)*uw* zI|&LRYaPe;N{^2^3m`~&Hb-?phhAH<1gYP53QIW)pKebeC=jp(C-pt}MThPOW|?L> zQ@x|3mzR<2Mx<7;z}M(l5i$5K$Fd_{Zp8}gh_N+5qoI{5y)cOL=G7V7D(ecU( z@NSia8(LZ_teQsoQMZ$tl$S@|U9&o|ra|@039MNf8ew(Sl#=l-aCx?ObZGa?F^|n^eT1Ttroq{8x=cMikrrru4o>Lz#ISuAP2`M_UbA;y-(ti< zM+@@u8kkf?gT<4lGT_cb`)1;klsCxVYi=!!7H0=~{F@ectJC#Ku2A0m=ydL)(yGZ0 zL_py^b^=4m^I>=J2=gU{cb2WgupNy6AM2>^TD_G@V6R|%JZ&XgODR$KV&(}8AYWry zo1c!RHA$zz{Ut$h!%+n3g-jcCkcwG22OW^-ZoKHtba%gV%o&-P6PffLZk#*j*TO9o zOcNr7yEyR6Oser9_zK-pt@pq@7R`%#E!g!A6kyj7*OQt6F=LB)+SS>X8rldj@+iGI zefkjjz`zlL{Nb(Ds;14@Q&X>j=E3YOz}vn9@P4JAmLe?S8vADdLoYu4@px$Bn1N)z z#Q<&5H!{7+3QN##0=}VuW2|O#EK1*b>f%}N^&QEyo=C(S&av@B-*bXoViRYj{AAhi zH#g2bCj|UR6!tc;?bRv}-6W6=zmtYrxQ|7^0%AqyT%iRH0w3{ON41 z*_xd2Ll}&L#eB9*A26h?iE0blIS5>V^(#KQ6^wmzfLAgc_JV=}Vp3wzMR=<&mm5M> zGBR?u<)I;PMi<`O9cHYFjrLkEFE457$v=iu0Dy#q#KX;vqmz?xlT*OgQr-~eeZoyN zBX%%Y==G|!8kI!7&$K>NsLUS^4{F2RAZjN~uqc!|V`r)ts}&kXYzX^M*~+qa-QK>? 
zcytfW(&*3jpMW$Df@=c-{5bVBRZI%`$mzQEFR%D8ZFB18(ubKCL|s!;>f{hQuHMqU zQB6+i3EED11s+=N2vbJ8EV?lg1)ep}n<)SE;BWeXuv>JRhO}-Yg)d0&C{6Cq_kNk| z{rV`ULlRfaCT?Bq$17VBpDfUm`d%H-er(y+hvqX{RqGtSd#l+LRU;#PiXK>LXHEOQ zn1#fHz(J;N$Sn-Oe9Ic|9ZN#(rV|1a;UuBk*Xt;BsZ4MZL5;v5gSolH?BCU@dbiD# z4M3Uxz0OWbb|{{x)O(utJ~t(FrKROSLGRr#F{gBT9$!e=e#=x)=?D+60y5X<~+dzV0*5WrSX`xnoSMNQi48|qY7X1&qa;~HM) zfxz7S#|Uy_k`!mK`|Tw;KAMzVKu83~BOu@;UBltTTDZ)CDLy&=Y@=c=Y~lBZ#kQEA zOXn}$PLx1E616$YXK|y#*34-Gc;hO@B}pIy2g^bTn3bs#qm8y2^JhMc_MZD7zm5!l zDvPbdmq?w!!Ln5wJvYAW(DrRnZq{&B%C%OmX#TSp=HSe0s~`2C#gL7rt!y1y>Z}=9|XC%+poog;UI_zkdVu* z_Qug!T;K>^5MGN1hhqZ)0So0S5a2&>|G3oXYrD$`xF2(?ya0l!0yg& zxfh)+>I{Bughz{MX)C)DE zVH-AYj=n)({FYd~Av=VTu?JSPE$j?Dc6GZ%q`%IwWzf1tia17!us#*%9#(E0 z{;@SSL37&pl#&SlPUf_u$~m5vCk71Zf&*AJjFq^IYW$WaN=Q>a{i8#hlX78QER!N? zQ5>j!7f=>m+A&&)(1UuQlAS6kFSXe1s0}U9c{+dUE^n9{6Dov6ee^Y8!3C*NZ@NY7 z5Ps+L_@OXhj$SOSGjHAbiUgQunhv@t^8=;?N{-^zWQB72yzex*cI#OU#mctBP$fs| zX1>4kbXNh`O6HeMO1skO?w1hcH_{)mh;N%zKGX&sG|A4*aG=th|C)&_=Ts~H)|l3+ zEs~BEB+6!Ue|h+@J1;h9U<&etKH}qpUyZk}i?&#Q5kBBab|r(mKHhG*^}YDjH>P+| z^5s%)Y zxZC~f^P|z+%XFh?;zWTAWGS0YR}Xk7zm4I0hWiE!{}c6P-nz)^W5StH85+%-*{>%T z0j=2!w%zSGx$y0BLi0Jkyfx7mYg^8%2*5QtQtwbz~g zg6}lCE`)c#tnm2$xtVg0*txdR?e%EH@74TydSet%rBvq9Rx85q|_l!#_FhexT8b19M%4rr*dE zHgWe0N7*b6(yrQ=K3*R4U4YU}c2LthKO3zSwWJJ%dvQ4!+`P4(U`_)49EQQDKT}&> z(=f&0ukcke?>vSNo16bRqJ`7X2~a+Vngr^dra@32@`| zJw~X`cGo1v;ch5zV*@gi%`M#!Cfl4()!)NIaQ$B!VfL_a=u9ae$4+2a_i#MY;W5{@ zl);VlGxMI$L-!D}j#^%VI~ngSf5&cmrp-{&WUjkCc#$gGnC;BoI&;5@^KOIY%Bm^b zz20}V)0VZv{aURJr7ba1?pu&RD1&%3tu=f&Z4%(I#M_-L8KcSOw12WKn_souo+jvu zlBJjI!oy6}e7T$k0fn7?O(%0!S`BzI#p|OEQ_SFUpnJ46y2JhO5L9}~R))pli5bA~ zBUaOT$h04p-f~;5ILm2nXBnpdDE`(p#Ygd5?C7Tdg0)(WwFxja4GkNhp<;X7Q=8;3 z3}_HiSBC7%;;PHGgT|buNeC}&_uiW=#C}puy~x?g_s<}HLpXmjT@;H!w0}=^S~T7Z z1WQUqaX#!@$fKkzFg)_*T8-(@=#aL3nV(4+P_$3Z*%1I|Qyb+~CsCV{&SX!PQ@xmD z)4TS$v?EA;df(}?GvhI6C~4i5ZY zNy|gMb9^(GSfF)9Q`zdA=9yB(h|+By+jc z+Kjc;%+);^Ha9BB8}o?EzSTArF+B#;ZL$8x^_n9B92!mYId9>lL7loJK4Fo*ASIwI 
zS-MdEMhTa}tS`e7eXidAn|bwDFC6fm4+nO`qiReSEtSG{GrdEUm4zD`3bhT)tU>P+ zuA#0D4dxdU^OJ|Cdww1zR(1rrIAyIF1{zwqTKfkLGz?6lxKMBuPQLYqdZ$^Ue5oMJ zHR7lDq?L^#ojtUAy_@UchyPsC6-YjUn=W!p9qo#}@n)UU1$Jwnr<@I}^$0(N32RI0 z&3&%|Grbc!BulczUS@ zT%K;Q)EWHg()Gj^(FD8feXyk~lSiut3K@pz38%~UNsRwqX^g|b;p$t&>}~s~*}NHS zJnZ=#$;aW3A3>cwd-cV`-d@hDbrF5yCVNKg6CsQ*^|0$o`3yv+FL8K9UMvrX@#h64 z{Q|;KSq~oxLgvmCN{M$ocrP~<53+o-%Cs5uKqWH`LV8!1!FgwH^#cDPMXJ~5>I=?? zwx8Mg)KeS|$A8V3jcCwS3N};eU(Vc97f$Hk)*4To$U2es?cN5en6aaM-^;@1md4)> z`)P}CTb*R&5^gthvcexX0wO0%(7os_o{uEv*=*f5nzbOjWx?8NDbMccuc%gR<;oQ{ zx;&oMphnP^vK@OF%o5{@OvTHA-fRw>NSJ}s-J>nXe`nAYJ?^~I-D+_-R7TbtOZIk7X@)8v;WjThz~u z^5q-#4y!rN#VF=#>g-*u{i@>x8JI5iq{xMxJumILyLPA15aakOWWx)HOw6ruX zF7Bl_5wBBIQO0%$?1A)psBeIbS(@=Grw5%LJ{N!tY3Z+d|K& z_6qkM!B~sY@*MWIDVs1w8qknM0^NV9+s;7N-1W z986KnmBvCL>x{0lvPN4cCvC;j{I1uF5mzPMdbqpqNg6y6y1s`WU(JR(C6dnCCD2?8 z(=&LN?mmFg^qBGaxfhQ8=X<)Qj9iVY9PVS4yI$SP+iArzoy>5fakk%?c%qkR8AG1H zdWSM@H%yiHug%`R;*EYPlJSN=`mzC235`e3e^IBZ*_Ty6Yu*T37ESmxh0BBB-lVdd zHg)|MG*d=4V0s(sAJiG%`3#+)AGJHaNXJzQ7gZEBI2t^AMli8^5B$VB)1N$KOlP6p zk34p_c04E1Q;k}jKr^7;|8$zVnH7F)! 
z!VwW-GZtiL#IEyILxN`-*)+HZ@HY^Amry=%3(Nr!8UUI zxXH6W{?uBcK&*GK-52}xVmRjI*wOS>xszXg{`HJ$kKsa`rW{|Z8QN;Ks{P^zwDnrI zX8o`p$<-y9-bsV{xT*N=gh+#*7~S#1c{4|i9iq$6X*+z<$caxac=f#%#)3$9=D^;g z!=GHlZne|(e1KzLJZl8W*o_8SELNq`uUF^Dw_lzyaom91)Vp;gfigBk9^c9bU;FXO zqCTCk9o|Jrycmi%V8=%$2nln$ar%%{mw#dZ_cnDLZ9~Lf0a7~elMO#iA2(Daz^nCI zWnh=S9pXM&_EO=9AvL+Tu4U?9d1nYxbHmlAi_Z`Zs7Y-Z1=xP)CjujIKEp&Tk_S5greSG12 z->#THGEhn#+rPUi(|y;bL;i`6poIJIj$TXWFBm_lV?}vsX|)E_KzLG@))9xl{c`QV zZV8p;Wqz?edbLqFq(OZ`y(&)}+Hod+P*NC*)bAY7q!l5=z8>lWmror~)tx=Ek7QUD z9eN{bs8kFeW%FXJGX2x^zB%h zQyAE)L%&w)&%WFr5E4?QqkO#m*rgJC$`A+4lJIXAuiCx+K}3w0*x}2QRExzj=Rrpgcb_ zf7A;zIX_3VbEa^{({bP{c8YVD1DES-eW+FA{TPO1@vuk&?6v1S5eGMrb~@$2lYC6pU&bNyH(r$>Ree92EFo zbw8MA?yjRVJBRDR1aI+kKn?ai0_oCNJT{0w#xC_biXOCh3uxRp&E394q_!wk@5P~< zkIUy)%{k^7qrtvg)a8ui_qTgDxi;g}i&vVk);`rB3dsjoT!rc%j!!wL|89Sa4&a&= zeQt<}KtOmzQ{@9Dcv!*~m_Q3qMdGdt*nX5rZ+f`cDx)VQYqHy(azO0z*5!h`;zY$? zSU{S0aMo zd&O!~R#Nh3qj0>bQtNmkbG}Q5i;j-YoBaDtgRSjW( zCAtMlg7fLhP+oZvsjg5k92E35G%T!ugpGkgE_cph;P9{q@Kh)?h!F9|MgdVA5hqcf z3?W#xWTGu$t{*R9Er|OM^kX#PrYqzhvnjt#c-orK^rwRS3RHf2ia6A&>8pokhotC< z*JP9BG~`%)4-|cUYbA63lUKm98f0Sm^~a^su#l*aLR;PNSQYW|S1TCQSE%aE?3Q=$ zW;=Zf+rqxwgB6H60S!t-e;(00k8;JLU@bQ@_1v-!1wxompHW95k|6m#EX>o> zW8~Qi+mfELe9;-7r?T@9Sj+%#7@@5VmkUaqI|#)kld-wAo4mOAZ)xg#2ncBCdvNPK zo0RCprasA%H&{$8WGn<645GMJvLAtfk)eTsVlTf+Iza>l+GsRgBVpwakI`GehWR)y z!t_Z6n0`y2AYvoa658{Vo7nQk?dBR1PI)NPbhx%=gnBpVy$8JCcIE$w`m>29a7 zc_LMBpWR~c(H;^M6bSYr(sYV|ex#tNPVEA3z0Imigy8-P9t{5CdO9bfmqm4NeIx!Q zi%KejG<}^b1RnSd_8J1-aLUO(giKM<0E5j`aQ&K;Q?SKA*fol~7Gd4^OGE|FPXSkR zIGn@7joeIZhL4(YMo3xLDk3UOnG)3ik!G_1Sl+-ejGLP_SLde{M_xHSq!Kil>Uz0dU6ZQ0K6m6c~!8%Z9dAu-7!#EmDqtN)q5{&c!T$Ux29H!VXOPf1Knw26YW z92H+~1|Rh3)&XcKvQFfF*tok9pse9dBwyH#L$qu~a0)4S#7zoKwrTF##f{%LHUuI> zcm)pvNv2SJbur&AD`Ia}G>W#|BxIfW-tXXg)pI=~PZ+F^k^2Z08VW^hu32z@xxrA{ zMADo$gfm~|m6%;Dyt~+{#O3ImD{{c|9*4O5$!mZ(i|_iYQ)DJo zK}hJsGeD52(_gE};zaLvdO2B8r6yU(YpLU0)!`fvlbCZ`X4wovLqa-o@YJFs7Q+Dx3ZAcl`G&!lp#Y)z|PJ+({9vE3oK>hZP03_?)1~J 
zLRlPCgsdf(6PG9^8b*nHk;ag?5EO2yi!sU7O}xg{-YMnLK_%#ysUXj1SaEv;%(qF# zR!22_3MIuttNBWwWfw>wfnIN2%W}VPnaBi$2_bekA^!JH`$ob5RaI60Z2+l8r_NYH zLLy9_{GBIQFRg9glvz1c>q{%F28AY?+XrpL0;|CWM^#_P0{Oh`~L zrSk?{?l8A^EaW;r{2$EbVjw8Nj`wyr#i zX{xgNUoEYCk%He_Wr+6es(%@n+~qu%JbD-yvVhrqdK>D|=YE%P679BA|Ec)w1Yx zy-u2W8<4|n8qb}qbIabpx$Ocx2s*Yd@Yq7BI3s z7_eBIOsZHVyfea{O{7+hn$M^mQR_YGR-Z_TxkOqwfu~RE%>S5#Z^fU;Ccj|t z8QK{zEw5W0@%d?6Hf`4b!|KWE+Nb=}>{a;APJ8X`&0iX=ThOD1ug4QarqmW=7}6-+$Si5eW?j3qYFf+ z=+4Q_(PTPM_Dg`q&kt_DC7)R@w-FqS6KPXq^^yjwZMY4EpF0Pl&jPWoFS9#FpnhbH zwwWm@YMPp-$HSLun=QXU0wLkxz)A2}e}wXNuM){V(LNxjZBj&eiB|AYUd+fjd%}X$ zbJan!sOM2X6@wbfMZ55u32$Rv=T{w~B!DanXH9|n!#;K5>*9ltCZen6Z9AQ;@O zI`~HO0h<{{x&94jVs-}-f$Eu4+$K|f_AFN4;*`)_4*eeATj^)Pj%#S&E1-eTwf0+8pcfm&f6&;Sg31@hA**`2^IB%O8S>AK++BsQ^=PJeywzdEU`h# zDtxb`nB2HtUAxvr4snWfvgwPu-D&}1v6!2B`|MR9LM`u|UJVdSSEjmExJpwuVmO*0$HU_DNo6z~jm`I|5GTHn!){MR%=2*&hAf)T!1?0` zC+AuYTVQaYA$ya@QxztY>FL93z1g&E8u!alRC>33It1`u%!y1CXJUW}E8OZ1hlgoD zRngtVvC&xhsqrQ6mhI0=Y9jwudx8c7#pgB4@QQ{%d}4r|N% zXa}2QiA3tVw$DeHXb|hXcw9D8p@n4BE0pm$0s^0q$(K}mGK9}HO6&vMwzl{2~Ep+va+7Zg#~4MzZ$YY@i5`Jan z{Ff*X-;VVI#qv7rXQ7B&3btUp^lX!AVrS z+8?82f^jx~}nuTI6q@IZtB!A4nWX%dO`R>x!6Oim8Kya^JCpV%-pAN<_+ z1DRiE_G*C+TnX@tV&-HH&Eq4Q_QMxx^gioI{@b8m`{y$(6T~e;^f(_TAwHikRKxCP zVAewlVqHFFEVX)+Gd>xpbjz$q&uM|5*>#Q>kp}B9z^LK`1fTQIauuNx z4DMPReW^XWFXDUD|0;Q<1!#r>BpqjTxu(}9P4C*A^{`;UU0t6dBO`N#Ldq6TIpGK* z2Q61S0CK~&(SwFJ@DRT_A0Q)E^Onzg^9_VTyl!5O`^6&l12m|e8yg#p`0)NCg!=ch z?vW4t-Bkh}K87sY^RzbrhJP3^5;pnw2o~JgQl-auvct~atQfvk(h3y4M|>V&NJmem zK)`qGDAB<6wHLPsvJTAD-@no7k0+cRUBz}*G5<%8bY$&IeJR?W>(T%xDf$9P0|_+EcGJHgBc<3CZ|Q}1=WpkFX(SXwFL(GUUV*#ypU{pwBh2Ym2Pw%Y|897o9}XA|&}u0Jy%d6e z?1k>=a3rEc5~a@`eN*vx{O-A$`D6&XyNB~EceLu6_C9Fmh_^w2bd6lg#R4LQhSTpY zk?W8;1W^^3L(Kg54nlpt@91&?SOw5rFNGB*gD+1U2dGI#>_FsPGV>Y5dfrs4tyG(! 
z1fgAfJ2w$%WQZ=1Uw754F#S4gFiZC|(S-HFnEmu*CU&gG`EJ@E*R4NA{qu~+E~M0y z?!K86YxA-&Cl8XMUPtFLdVHOXmk=-4&;a-t{QU3pH)oG)I?a=x@tIr@pyGA=+$9nJP*71(F)`FpOn1-Fj>YVTa_z0?9Jv-lmvmK_S0<-9jiv*VN-p>dFN1b$!hmQxfkjHZfY{b7CKhO=* zZCJg@J3QYoX_~LoGy{0xpWJIxpSjYji^;k9WD^+-j+Y&3?v1f@dM)&g!XazTc^3nj zAL!1$WDOWox;sR6a%^4YMi0~KGcetHF`THH88NZJaU2UeSUfgZ!8#lZ1=-$T5i)3F z&e!&^tIV3<0y?Bd%LqxOYP@gOMnPHNn6Xp~c$Q%4s5r+Uj7~-zt6J|YLuK=!CX)Da zEa-&RB7a4V5x&6R!#iEF>W~F%6^R&6ok=#|b=$pO#SpM;hX4^ZA-{s3`02?7O+3Yi z@!0G%fXV*5;jHH*Sq{GbgenG~Crv{gd9%pstEy7L>m~P&?fo5O9Df5$xLax(NP@wS zStgF;Pqj7o;Y(?;oL(7g{4R~w)75Mj^~2sE_s@eIThL&|w7yPsMXn|rhqHmg9@S9_ zbU5VC%8&=kgr6tRhi_mKIPHUP+_c)PDBk9+RJBuXqf(83Mchl|NePEKc{_ino z5KjjE!LO|ny(4iBckiVUY>+BFGYZ5!5c63)T-Dp;h+ds8efh);I82u1Ox0N{J^*6( zFrapdNFJ>IpkgMQHAYz>{~8P!g1sz811_SX^4t4)M526vPFq7{Hqvny$jd zq{eJiKVDJovZa)p*$oNvSVG5WefhmQp+o%#82remls#OT{WzsNXMFNq@?Ix`v+Udfu-~ z(jo!KMA+K?ES%e(mLo*G9*4X3F*tom!uN^Ouy{zqM4Rw*SWK%n5tubmd#X}z#|;FG zojU8EZUP@{POzBY((YP|9PjApK!GZ(&hFMGiqC5rFP1Gx#`08N87sW2N?t*zd%ajj z!*5l=NJmin`SxsOS6R|Tcoff7J>^k}^#muc4u`{8$+ALV@y~%iFYhe>X{^uAp~#g+ zLqZ?`@94l3ow}^wXSbY5Ph#}*6BcHNa@`;#_(Zt=fY^^L@g=QQrW|SaI9b>nYrX2i zA*gXWL%6$m#K*g!-_p+!oy=fuF(R3(t}eBmttBSok_|ILkPe?Y^Wk2o``V|IK7}_7 zg;u8fFczCNvI=e@kkuXy!$fm^l+{%np4El&-4 z73es@BA^kUH7zts;NoNaiQx~^?qw@4zYN*`Ht76ReB|St+mUDarr z=ei^1N_qNXzVhtE$#Um9PWPv9^(>joC70oVJ%Zd}0G9>k;U(tqxNt8%O)50W$!h23 z`>`&EE6pa)S54i;GkP`#h`&f{9G$mMwjKlj9^7AJzQH%T;ASYs#Fk(Tjc6h-P8g#a zLIBm&Da8F8ct^*R(581h%A~9p6qaWuxkNzdj;Os05ntU3uJd|4x=`*u2>ZP%pIfiX z+q9`}RHGhwv4@0MFL8?fryS*`x>X|a1)Rw(g#ZFuLn{EO){l3GH;8~JwY^wUL)8+S z(|x6{GNl~ZMiWcwas`cH6Fp3rlB1m!0U{6}1%O6Hgvv++G>I{K8ZL>&gunHfxh1F> zRhLZDX@eHgo)RKXV*INWK}nw#S$x_smtxMGC@KCGF&HV7gc8-Gm%vuHZiXNJkv3Q! 
z!=_H1`BhWKc8qPiKwbO?d20epe$)>p5rrT5sB!s;$|pxdT~@PPUe z`By_^e;sy$?K4T;TP;CngRp2-|x3Mg83&^KgK5O zK|Lit;oe!dK*VZER@@3oYaE5=eSbO3)C4CCo?8cd5%78=EEqJbg@TB&r|>>IjbiB3 z+=Ylwic_=_@dp9L>(U`U0kd+6ldS%Y!8RZ-^b;;~#kd#DEpB~7j3OL#+-|!EB8=Xs z&#^v8H6SW)gS&G~k#4PmHElWVyOeu)FFO?jD|Q&OX1U|(!;T(~Nhzzuoaa)7YPm28 z%q_HPP@~UFtu2eQJNO_sPtBgEDj~kW>H%iBF|n~+zTpn7{tE-5f*u~9lClZRQ(`=7 z>5Hk&a1VclX4lQBh_O1=_0$6un=>bfAsYnbf1KyG(Z$1k=7+MJl@oZFvTThDuG<)| z-2=ALb|#O*$7~1uQY9{z!%k}<_F>m0vqW!Qu${2u<`Xo_fIr(7 zgu-qpcdOkna(2gq=yDSc%iHJ zKX|*&FOnj*E5dGxs=3cS#>=f56P&92O;CsBOSl%+6xjOK|WVo z3L;vuF%neSO<#A~b-j4M1c}&MbQM?uM`#HA3q?>T*KL_C)Ts- zvA6h{t{Plsh#Ypp@@k-jUZKl*c)^j-z3L++NWVOdGflpz<*a#NwkNERK6$ji&tx)& zl2*h34E4ARqF4$$F<7`(lUf(pF9zLqatoXUpRQi7M^yaAr#HX3e`jJI$w5i=nqET9hm zfJD{#`f!y`Lax2bWiU2hN!;Pab@6)Z?;$b~p#;u=5`-M@J2SGg^9?aN6y=gIH4WTm!&PSd2G9d2!{_ zexT@rfIkvfXm+<$#lT$PV`H9P?H@LfLB4_g^CNt4+&r=p5{oe61JrDOp)hgF9q;TAfaFTJ>Z;^;boTm4@bH#`LJ%BS@ivFf#oV$iREe4la-E z#r(-DO^$i{KmN$W9J3`ZW(dTV48SQ&nL!w_o>Z1_=L+HUSuD}(x6(LRWuFgy3EOMD z*?K+4<`8Q+FJhLuF57a`AFQ$=sBYtuf{qnLU;KhTquiEHqU+NWBW{|c!a0@^cK|rAk&Q6j668BjQILI|!*v?xy{@3#p z?t$Gjc#0fb_qDh8?ztU2X&+|7AU!uTE0Du8KWvN@Hl7*&f_xP}eQnvXuYo7Y1yToY z@}7Z`|KBv~d3b+0Thv4z#>DcBdLF$>ou0$uG7^1=hw1Ekw^txnz-}`2^}(Beb&=U( zABH~wDtCEBP1 zo;WRkYKP}Bjmc;VPrlc|NM$zFF@=+t(Mx(50s--AEK$eQi2X_{Nh+IXw9od!(b6H3 zScH~$;>2k25*wA8Tzy*(qB?B4YX>1|H*xz#4xa#=RBZfQh1SK_MP0ZpJY>6vx zeJkK$-8i&4K2s+);WQ(Gjkg~=pu~Tg&(aX1cG1|u0R2z2V0=Lyy?U=X9W5aQVm+Ug z=J_s~TO4Ee5`Y}=mYGW~nXAmm3>n4=C_MCCwbGbK6ZCkG`lrIjAOcem>bFcEPBY#+ z%nZ#i+FwJ3V!)C~{{D0TDQlQs^D^9#vo=ZDiF0>vWH^Kk{JUm(U<4>fvFZc5EwW_ zh#nNQfDRDsc-BIV0|9dWJ=c1dB?z!e2rGt*!4!83iLh^0-geQA@F5alO^(HI_?%v9 zgy{1#9F(8~c6oHH=`?g?>-sbM>~PI}gr9}b%1Z}vA;o6$_7K_?f`3zApbFf`fWjYlOq4T&ibB1H){0me_0V*%BFQ}PFmu{9%)e8iOC z)2m#mhN!ZtY~jQywp!@#=@=?9i^$`Y<9wb@k^9|&6{Csxns0`&+)U-eginj&f%o9P z8v@J)YAKn+&TZCq1P6F;dvL9_=_6sC|KGFdP6Ld2)v@=R+3Y_{LGpr&H3OVg*Kj^| z5AYp<&GB!$uS_mNH-%w@6c(yI4-K-&v3{TUQYIn5bLj5}J}=igi!cAR<4@3~Pq|c( 
zbKMQxM;rO?X^gj`Y=kENQxb85@cVeHJ0RI>0l^5q+5VoU*?lAg>}@x5_LA>yzyJMz zDlCBd5-vC5vN>~VYN~~W#naU$69x>Zz&i}?@<{`r!UU)f2<;qehJL}}WF@hGm2_C` z>n+b}Z++3oreTR*wi(AP@{Byfo#3tHf(~a)%VuKr11e zYf!lSzuVLezS7NN1S(6eLfNW)d3m|j?wbAk_iw2bTK_i|78cd=r0i~qc)-ZWeKOv) z-L518h=kF^l$4b8^fMU9OTZsyW@hN4P{eaDL*)DGc)3f6f zT|Y_s_z^xs8uSYj6O-dtkZHUvD`Y!L;^T}TepL~AZ3-=KY$j-GGsBg>d9;o`3X6rM zlPQw?V@F~H0JdAL^n{g)`}$*hDBYHe!H0@;fC7@ZY07H;@Z%HCEsoiOk!cQEs+@fk z_x#S4Nh_hs?P+=2qK8z-j|*jRtHb+tW>!h96)VTvpmB}LziDadL_GY(L?w&dBBOeAwDk4JLjc#l9K%RE9Qtvvlcuu>*_=FBrNDna=QF#U$EOOJgXTL0 z;ZuKI>&nJO$8mq&L&w0G$9#*AvbXw1>r4PXcsX2eaT_!(7EvRdAp;4~v#EbIbIx^s zDoTQs>RiZYyRl(9w+}UDEd+*90t-q*GcqPp@gcAz9^VTYe0UiRk*-WS9_kQ zrE0w|e3vWT_q8)WKR?b)xG81?cu0F~0wkm<@aeOk5cCEgb4eykC}+-!=5}|?B95NZ zg~j?U@&q;AJvP2uob6ZZOr%_{Ue%zk6`HuDf-N*=#d#2+DFiq|Ap=%R9YNG4#Rzfg z0}_Yg&`u0Mjl1R3;L=&!tFU0g_ysVbWU&v=$`-eRrfZoROX{tzs|NIeeU8 z`RWQcuho9cU@eq6hrVz~)F7s%OzA8zK;@7j+|iK?8KR92$*$Mo=w%)0fp0b zvvcO1*BNB&2+(%qXa&hBE*C4S-*b@6QSf2GDp7 zAM=6L>wS|DkJ2djs6EpXkjWrAcnMvUGLbP{RWa2)#34Y5jfpO!Cq-e?IU`WBi5zl6 ztBsCXLHPs9jHTkG`m%5b=M&nx+b+#RmT0_^K)((T>{e-ayTn)Kt~Lx4<7y2q&yk=J zT*>5`Pp5U-;x;NnU_Mmb|MMdIvRul_OltJ`>bg6gdU<`Vdi`U>4*|$#9pyGTkk^X& zgEv3MJg;+Va=vWl85c-#Y z>_za_D#h~Nman|fmbZj~B(FpD#8SgT=c8u_K_@hxLbH(n% z%no%*Tjs4l~ zrLNF^!oC}=KW)BJ@N>Px=%#)#ObB@zTvcHWd8~xmdNfxcKD&;v-+WX;-LGoUIfp}k zGm`yv6eY*|Rwf=2{ri2Q)phlvRWW9pN_hd`P2ctS zip0MZ5fPE$w3W2xxE=z-H;(|StDypRbhXj3QC3zKKZj)R(c=pwS$I3R>If*H7D=bR zFRGozh4gQMfd)d$81hRkp%l})A38foKXKHXz0Qi<9e0`v)$FCe>G_!1NKZ3N^W3OA z<#71}#>b8-C}rU0vBA2hbB}zA0p@a{g{nfwsRaUYnG}KE1aVaM;{dPp}_zg53K?e%oCh;(p!$-<{S=H>p_Hw(gLQ~=hoNI`pTD~fshgd^N&mtx;f zhlDWiJ&|*;&u2YOJMS0*r9Rem)_zq$DADikOoZ^3#eLrKFKEO0+Uj%xO`aTxU{0$CZL3RDDNqnL)P4!W2-Y~*`B zmoh!Tp35X;w{amf)fDy%oya64NfH}mEWMPBP8SJ3FXLpu+`FTuW6XkLV8^9AZmxs+ zY%guIW+4;E;F9to`Y8fyjFR~aek$F0!J|uZC!QCz@P|HOaJGo8lh}VKt1J~snU(+U z$^xD#trW~9;o!aW)G+C`wUG&8t2R!SNqus7gMdV+YpU59;J)XD*fp z6@~OjU8#VPd&1u4L2x-oI3UC>Mjd66K?#_AC!5Ht)<%L!yFc>skuS%ssV 
z1?2S_Wt%dSr_(q7))YxyPLGnsrDLu$b*!u&lNCIV>Z41hLBbaw!iIqBN+CZ+ix~F@^*H12m5B$j88?7JI22@gwPH8wbtnp zPcmuBBj&ut*eUlY-wK=cWrCMrPNdbpQN z0{Gp`zJoPgRco^Dtp)OzIX{|T!hPXPnrc28il&60MF}d#nTQ3&`vg0j(>M{P)``Cn zYmD|-y{`cySn+3RIHLulL4$2L$PF0w5(@&qNRuzvVhE+tJV;ec3MeUp(pFO2rlLS^0VM1^Nfc{WghoYzA|S(= zV#L>JZgMcH?(cW3L@4qm-SZbsrKMWioG$O=rhj|T!pGdiHU44qI`u7R*7bJTt&54U zY~78175TCCHSu8d5vLT3*c@BnAhe#ndiMdKhogQUgg@Du5?ECbU;S5zvTB}g)7{zv z`UIL#;zbq{9jetb{Az2tt*R9>|u`H{{*R9*>0Wv0lAnYa_DBNf3FzIoabQ>Q2 zaJFRg>3w%No`SH1h3oaX(Q4QIa&!i(M@mBCbhd=+M=MQ$2TV`?!__D(Q;<>=LBLI1 z8ZcZ=1tKp|Y7AeSFIyF1oshLRhSzxq0)jZ9mgH@u7k{uam^z!!NPL^snPu^ujTF2$ z^Kqp0;%F|z13vtW9gZpi(L56rDyL!8I;s7IJsFgm8yFahvizHaSPSwlXfW^^HXfp}I9FD#5DHXj z?#^e}ILD|BlC&vP@GVNJQtU1*DN^H*rhD#VmaIORv~r!*Y(a6ftL4MoMwWj?q8rsum^V<`WR2KssXPJurPKE1!4gDCaJ%m z*1x={8}>^S7SopT&*ZE_7MgE&CYNh;csP;7-2D9A1F4jwqvL{QV|u!Wj7+0sA^6>J z{WS0Jx(^Hlgm#0ugMk5|h(c~|u4kg7o;w8@+4mWDK0ZFsEYYCn^%qVtqrt@8nUpKu zggU+a#nC-?pGNcBg~$rb7#YWWV$bW!tXPH5PJoxG2+6)y;1#i=WivVc9FR6p4Awr{*qinpdBB3`(RAT zd<=OsX0HfwfzI-3-U<1HMm&&nrVObx;7mvxO;-mu@X0bB(naz6fi3fYEG|4_%QZV! 
ztqrhTY`Q}Wx_FGtco>NYYm;Wm*fd%z-K3+fpi??NEp=6ks7n?rj`7S|*~fiXn~m07 z`)8`CxPYE%cT~te^ z{rGc(oGu@CI!iH6%mZ4123y@}Q-2C8>P@@_7&f@N_`O}rmI2$!(g`39ZFBf=u73YD9L?5LFFUK5Cq|n(3AglvwkTD^Xoq zQU8F?dVcxQEXI9XA}Q+@GT4263Vc!6S>Cl`ja(kk&joX}i3ZA(ZHd7||Lvtc#=Wgg z1$e(kPB>l;^vwd;ndQfSLS!qk<*_kI`ZC>4cjwV~Qos_-y{_gqgB-FA=#BmT+wJy1 zg1=OUrtX7Qc7M;Xrj|~0DGlhfqw2~1k1y4-t8?iHpUI@mJD)2Jf)7*vVcC#5^H!U) zRQcjwl_^|$AZQ~dE-ESx(%u*=URk6%b#nZkAikbYsq*RRBa*n~lB($;D)uC`#(?pq z%|4L;^rWm*mVyHFp9mwEVry+55=<t4OtOV$9`649Z zm%_Cje!BsS>P%+zqhmE?D^Mg8W2Xk~fhR;pGM-9Bqn}T(kx(}@6cj1tn@Ng@1RpAk zD!`>7lIoxDGsW4u-AeLVf)bqoK@$6DkoA^@LcCl=0X(=E{*{+We4LUfce5e!geFxh zgGCE_m*UjXap}quh7vE}JRyx!i@8P1$cEdG%UX+bazq^Oq z>vgZsnT_?USK{-=N><$1T1RHvFUICoNL#@U(_()M!&9hgsmAK4i;64H(ij$iTJb@Z zKS7TVRaaKkX*Q;cRtir9e56i)439D=cT7nQ{e23_J& z2G^;ms6wLRQKr@qP&H~>LBqfx?MA8>#fL+VRY*upGsc_SyEUXp%IhlcqT-P7BaQ(W z$83S%FXrXt){#B^N-7$vUS zRx)4WcXb!i-e5vV+$&*El6wP=TD zRW&mu&}Xrguc(p#*;=ESCT3Ih#(u_zXzZey&2bfR}VH!D*j*t)2wSIqC7{jEojQQ>yl^PMq z)jA5@>);Nfc8|fT98^#1PaeD##n`iGOtT0SqMq-0#l zLp*D$^&s@&l7ygUNvB>_cq7c%Zu+p&5X9Z7CAGZ`tpPP(G&o5JuJ zE!bdZnBkOK&1>F%GH6vln4UnDmG|d(0I?WEaO)2lVwd$$7$4vH2WK@1%7 zRy1eYVZ6RsjK2WEUbCOC$Ty%HIqj6s_`^abw|x(spW2i%OYf6X z{;csQ$Ht$0XFkU^DO|K7ksrc~?0g>_ku+srL8}2w8=BKsxH@uE*{0G&LAd;PTjeZKw{ShDgMFNhb z`mc+0WX*?gC8m)*+7T@WGrWL2E%=TcfL@)cxELM#97;Gqgm#xWuXiu@#Qy_Cr8Kyt zDD7cb%q=Y&-C@w%ezimdfyxK~I(lx_f!g3@Ym)8L>iGe4oMP;@AkMVWLgxPgIC=wX zm{Z0;(ZrewmB-f<`QM%Emr!j#kJh>1B@3Y_L=^0W0lgMBHLKQuZeOHQ6l!0@l_-Kw z6Mgluszu8lW*}&gznd>-df{?rf+4%JMk%vBO6S#K?LIaLeLEtc*AS8YIWf^LBASX& ztX@9-H>rU0oe?)-%F$Rl@|wvbopiFtGe@gM*T`%#$v!U>0EpGM_VErvpcnGI9N@|Y`yY5N z#^B<;mT;*HE1Z#8W)>v}2{hdDLA2WUniiL&GUX`;8wljgK<|Ws0@7y@(}o&_Flk=%e-T(`*-TNp=e#K2B@zf6N2&%)F+ zjh}F{aM{YGJL+gETMGmY2`VLdZuLqp;$~o~A0sM2L_#HiX?Xt+CiM@|Ev|P_Wg4<> z02Om`H}wp01!#5b-bgs|ZZH{+B?xgfNZ%{jtUAvGmKq!OnKm+#U+$k}dOR66>2kQ4 zi)9Y^?mzb@7zBg(2sq?eq`g?_tgxHxfISPvy9`0r3B?zj;r_QxI`j*|%1nYlg!rdL zECic&w|9F}-TmXCa{0pK^fWfuQBY;k}76fIp|Hah* zu1~FsOau8^jOlT%I92kOgL>F{)2V4t9V-_fF~=>s 
zx8q+s`L~{fo`Z@NG_b@VM2b%HUg#!%v-vDBP0LPq)xAy1@s?Ipu08JG96BCd@j0Kk zC10+psddp;X=!+8ZO{?YW~`VK(Z?IhBlgXV2-RGjZS3;?x*d4DSm)v4<{z5)F|TFU zO@k(dRjZ=XJ;LL$#cRqZL;FLNWU(=aPR%9EGdZ{KV(d;XlS^<%xwR7eK>YpBOerHV4nPOj`Y{d{as($ zOVPlBVoW9S!YHQNo(5~MjfzF{3oG&pzQu0CW_H6OcF)%1TM-l@otz=n+V_1^^O%M~ z>jlTUUcXN2+Eh&&EPc4e^HWIf#7$CGJ#z4)WSfC=XY_I{tS zO#1@lk{H}ZVlOv62xw24-@zbu78)!PORSWqpg*hI+e2o}h1qp7MZtwGx7(YY*O%b= zw0E%_=Nq2678h0YJa1m|V|dY!k>@M_7MR`ZRHP81jLj)s@*lt(S|8*Y?jBywn)3S68Z*J4p)PTifT;^5ZO@F0<*ZcP~3TyPl&Md_FY5)?u&5 zlZ@(cxw@P$P>_%u04Q3S=}}9TDnGbG1li%N?#D? zS_61z+-_SL$;sfM7K(~ipK!+?kU-KO6RAwT=eNsTF4ooMm6Ky*ua+O2a&mM@nkp(P zCujTl^5i@lJpMw00PQ|qFJ}V{3k_-M2|tjxZBHXix100T`m-f3i$+aLD=R(kmqMEK zZg_a;Zu{ML^lYE0;=ydr&Gx6^q;l2Q@1UwGDnNO3$)UaT)m@t1j>FLhtfT0(+ACdN z*!nNLUA#Y2sp$#ibLA^u?&ksXBN{B$j|Re!`952|2YyGY((PQ^-o_WIor_08zyJmD z;o;_HWMq7%$FJ0cOvdje?9KT#>0_en?%u{vu+j1IW~0?ymROc?e*WuD7rZwbhvOYU zBT`UM;Aai!{pPXX&q_=G_Xi1B@UWjl(>nvz(3k4k%!=njkU$c1tt?A$om_M2a+X27 zKV%v?i_Dg5dh8biL_9H;s#oj!vyqx#`A&%k4Tgi^qfK@y|1%P;is1 z?Bn(Q`(t|bD$$;k{x?@X*UJsZY2M|4^^@tTG1gS+ojpKz#@`|VBT@XN6v!!`!`{Bv z>pd8^$4-s_08m9ZQ$weLf`U2SY-c0bvsr84sqy);s{Vg8eN%X(T^D7=wr!_l+qRAF z*tTsa9oz1Xopfy5w(Y5ZzL~nHr*7)vt*6dDYwx|l7#R_<15s5`(dO{=5dZ=PVhv?U zbKvB_%FgaOIHsPPo4bQcPaa3ekBW&&nLH*Dhr3v-@0~zHOzxqkua004Z@bFE#`bWn zFD&wbZo`51pbGTZ2fl7wu1i69sL)}*89*Wg$uVPysYNfJ^L)B*8%zzClz0_3Q7b>p z=(TJnxL^Bkonf1zn#})M4S(nCNF(i(va>hg%I9QdWmUoQ=HGJlt))_Now%$q=(nG^ zwi5td9M-#SpDtDl3XD0jQpvUPeuqLp0CSU}%^e69@>=4NBG5WZG^+aKdmDfUhIvY+ zYt;lbQp|_xrlGNM;b(KJckBJ>*a1t3aep$oXY8VC+dpFX1mu3EqP||d$%)BH5}LEU zP&mx!P_y)r5vhh%6DDk7rmZ`8DJ&&_N3UUU0Ah*#`+7tTmThQo>adXFTwFWp>U=VfL#e$BG? 
z>wH7&we}PMU-==OC>|P0tfj16AW^hiLcru;1gyv!wJ#1pt`8h0eWQ*oV8_p9JPlY7 zC0kXC1Bk#x@CgWfA4X7+VLHP4n1I}!7WYw#v2_!02#A#iHCky!Sw$%+wyeqJI(_Tq z+O8l`V8(QxeDq+9F_*tXntLxg0YOp1`1{j25ef=O1aE?N-7;NjR2HXwv-L9K29ToF zuN2iJWd9BL$%YLSgjZHo0jFHaNlCpq>n(Oow#y2%sew1>ROCd09w?n(C%@t!iI|K= zla}L&csYCqpubLj0JF*Pc2r>h`<;6Du+aRaAYTTWK)#D`eD%N&=-WmnyVP0$dnnwlLK_@5X9!QxbeR3l2vwbbHmK9ktsQw z%Hid8zk-H`rl(^h;`3ngU~ZGYyVCCf57|kSlmMIi*o$UtjIc~h%jK}U;A+!Dl&Y7a z-a|u;9{e!il}Z%ki*mrdH}Yh1n8{}p`0gw(ho*86+6X0m;vFv@OJh~MJBbFOH^L!yQBzY2;)?&||1kM6z*$jC#R_i^?o7a|6Ek2f>d&#J z|CKYSKPU?`^X5)7Xcv(3NUZn&df{z@ZDs+-CbW# z%*Q7}nyA;|R@2-}$-p4M$CtgG3M@$3YCySo0a(QDQcYG#iRtL*C=mbbm`g~s%TWTy z9H0j;1~M`xYAG@$!0jz)NoGPqFV&>|FDy*VtuALO0Rh4rvtVH&0s=4tMg|5TwKs9J z_;THSC(;jC{D8>O`{|-WiTeKjURCuPED0g$NVcN0^J8f;tJ|;pV{{G35v$UyYXpX) z4lvODkhfWc-KZ`vZ}t0ZC&Ge+HfquV2A&HUpu<8SAC0As0}CKKZY-zW1`|%~C2!;N z-Q5>f`S6W4;I;j~SlEnf$WHBolk)PNgoJQogiqBUY40MSkN;1v_;uuo^|_a*ap z;J<+h75O*yQXE^|71-Weo6ToxHG!o?N>QTcV_sc=#LNq;G43=hGAGmzMT) zW>8=__kxEHBD!T>sUx7d8@=V&*FRrp=lCjf z{+0WC_%-UjLRF{iMq%~ET0m=_srDZi78v5_YISc>`F~d(@UkO`_|^&2Z*wY=d_=ARjA$mIM-_}?en8NE&apZe$P6`LAS0L>WBep&ybby_kaEQ|6Y6{y+$bi zef+=gOF*H_ZFrz&ij#7M)dSjV2Y&M>?ylvW8JTocDNR!0g~)fw&-G-mP>H1CqLp+* za&GBQ>BEa8@Kd>e3{-=d3yg{>j-A)Ii-zjuHig;#aXsxcJZC9;XV9-bpiFT>)$3LY zvNxJA7d`}Ph?B1{=Cbc3*MY!?`F23AhXytQfRp)>yhC_W4!o-jZX~qqv%bsqKZX8%s6n%zcp>#MjaDXD4DWi{KLRt z8DMb9#8@(Ve{uwh$KD5Yh}HHg4;e9i{S#B(^1zayHf4z(75idub|0C?P?zX&GH~(*ckKzny0G(-Q-Kekc)V=KX+sDZ6wWe=3go8>-X?k8j)ycP}&cV0o zfaBy^S?ZW+1}9?I^VYC>v6K;zIFDN`OwT4y(i%}M<>^29W|bo@v?Hj>f6rU}&ErjElCjmThY9pRH*Q zn7g}fOFNuiHe>y9Y+gB}Edx(E^iY+?z~@>wkzvu#BJRf$DPbDSM%yM)$42%;JQ28J zKRjrD7IJz;kRsP_TpY1*6Jaa7Tm6goZ-jh z8>5|>I*bc&Z}t_bKrTkpu55=4j57q@&Dubbu0L8pI}Q5Z{%wDs1BpO@sF=#_A($?r zfecE$fvaQhCBSfZ6)MWn0PW&;z%Z8$_$_(Zen3b7#5bC-QlOC34j+Z7B5OldJT)ac zY;Vt0tWW8eD|iSNa!5ZdN-!EI1Jg5DXXL&fIF}Ttv8y01VbVv<#}GIodh zv>7J(^w4O@RZ1E!#8eu21T3;JI#mF5t!y~t-`l0^l~(BNUYoZ{-WJtH2|ND&+JL?IJ0;K~jv-<7?<+O&PsiR$! 
z#;H9Dz@I}Sdv0Q6O=hlfcN7Daa9izcdlEggJ#mzpCQP{EsJgO4C30)&QaFF1kP9Gt8P;Dga0(?wB%=f$Za(D z)*z`#Zjx=AspD4QPb+9ranZ~c^*eligR_Gy{W~3Or7L>;ztQNLJnx@(>{MSOuvO}dS*S6N? z%1#O3nhjMsRK#v+F(pkCjg)35k{BU*7NCXqi#3oO{3lHyu|_2uYY~HhfbeCl)oQzQ z9^s`$GzgkZF==&YW6D2pcv~P3qBk{0LIVXNLP3=ycng4?H2L$d60}UF^;sh{gVKnY z(2GuuGHG%Vd>yi}CQD*eNak4-?u`_!u*cW1DGpY|fJkBK-)aqW(9xHW0R-$7%`lxw zGoe8g5{cibn#Q1sfMIHlWs#uSrMtgQa@5Tku^LH3Od<@)f5+j`e@jzP+PbRO7*PHW z#6SpIflDL(fmszxT%TD98-_e?$}&(`RlWo*M%udpI82QibX6Auuu_|7=rwPkb0pVx z7S73#a4{r|9m-^AY3iERClJG1Hib|cdL!7D!fd_StDfC z;Lm2QRSM{_^jJu^gcxIZ305tF09vz9tmqZZ2}nGxPGS>vb@pIbaghlb*tb|*tkbf_ zz-II2$dHiI(lLtyA&(`tACw8Qp^Jy6lz7x~1122Km!sV_$WjO3zkn)xDjYTPpMvzn zh;%JKGqV5SjE~dFX#k}~Mxdd3l@+zswX*?4DXHosDEVsQo}uJv>OSln$j_^lm36p5i zciI|qxdBZBKKz8bfd6)XRIbdxHJhboU&+fA&S#l!WjEhC;zsqB<{!>i*{e<8)d+*t z9Hr+w%)aYQtzI_UmpHzgst#3VV8%vv;{Hv`UbbTZi1tldVN^hwuI(ot3#DUa~?(XX& zSCr>h42pHz-xFQ-+jj7l@Ad_q_m6Py*IB&IM=_sM6B*8H+K8h$T=qld5Bs{D=#2#i zwB5z6VnmsK&pE98>ey8JL=g4TjqcUjZ55?W>qFF(z>E|YvY*>S_6#XYMWB+{pvRkz zl8sP*{imBN5!poK^LjK;k_4^_xclQSHe8$jR9KH&sqhPqY-ue7FzWD)Zz;V!zRBBm z#h6RM&u8W_ozCJD*?l&Hk(q7e;2KxgjTrXaoq+j!cLV+YIw8}}PnW9mU4p{Q;%*bym+(0qBc)h+4pjz)b<@)&-U)2phiB} z?9&Z7@E=|{wL<GSt_RKfr_Fe z1p;1!^%Yz}lf8d5ML4po!5wvG6~S)!L7?+WO%%)VR!=o>cI8+9)zZsomOUGjl)bg9qa`QF4~!_uRRyJeT?mBB|9v$io_w@(k4 zuovFA+ckIoO>BqvY-1G^#|5{JR3%%4NmikH5uSkWwMU!lzZh;b$>TR~&)n?}x7WCN zZZgV=EY9Cmg5R^8Sz_qcKiWKYUIqge3g)R01-l(j6H)K$mHSD3d|0633Aw5N`~ilH zcIJvDJmz)!HHq???*<(h4MqlsSFK-y+P1kpTE*u`B5xRgvKkV z3shaW|GU6R{w3-YIOC;bl{NWqU={A4%agjHpQQw{v#O_~I-E#;s-^WXRJg%U39(=6OvbXsy-&?ee;?aRy8)MK=)sxTDr7MpZaa24s2rf<@MUGWEcTFb`eu0B$c z@3v~I>b;qWF-1Q0K$I!W*r!v(X0oJgN*|I@r%F~Kj~+TMYR>}JQFo+uRNl_%x~XGS zzK3sxp`#XA8)Y1a*|C3l+rjTy9zQv==hBzKOJ zGx^}<(DtG1Ypd$qphW}L0#L2mD~uE^ucPfd6R?eTxN?baG`Cln4|9K0#>$zY9K4nh zgX;(MmPc?r#%LoFqhORKbP9G5^O0>81~76C>>$$UzWI+xS2S~zr}AYG** z2y+n|CyU4ACGgs}?O4)% z!9~jkcfjvSWHh3c1ay*QMkEX_E+&u1R<9g3gW2!qs}YC2See;a 
zShA(2x~|40z2mZr|9x6dDx=lmE2IEkK9JIij!O(1)NC>v1#MScAi3o&66jrLEo`#C7Ql#8+!-tP5QB_glX4RqV>0_J$Pcpz-PB=yBA`$=F zqvmlfI;OYzu=ZsTis-H%S7l5zOsmhWo`T9nz455U@#1ADLC@#7Af)*FEq*lG!Rvjt zzuMU*oOw{(S{#{73F?D+T)%2~Oa_M=H1+tq@!NN<;asQyOo*Y(8xP99-xpzjrHqjDyP)X7(BDnAU1~;4*VkEtEOI|lrCH^))bt*A$zN&1HFOl4)gYPxd6q-xK)xIXvo$t`#cRhc_YD?bKYN(4`}3A3RtXD<=!@ga}|1HmFcl5Xk<|X{KC=CIdw_Z6I9+X2BUF4w_+I zC%}@LH}ofLjYKRl-(Wpg+@<#8V5R=CqE>~mvP^JG9bJgw%td-HmspA&9V{WCL{+FLHC*@}{x5sm>I%y%X#ze! zDJN(n@Zvcu462s8Pn*fFYR3j5&l6#yuBx$!O@-n3^slw?>Ax6Mevd1^UgZ%zs+y3b zEZKC@{(?n}kldWn{c;Syu5g*A$Kj{4>3r+{Jz)Xmk9CsjJNiY=pWcExWa=`#c~Ka@cW&D z9@>_S(6OnBI)a5k){^O;jEjQbl5rs*6B{QXiCF`U3xmz1W2|j$f6&puOk=Z>QXv@A zEY}#zl`K~&#ifErLxYBchYSpXXHDTxcPJSXWoA^X8TocE8ZSOTf+2%ikjI5{>Z!{F zuw#_FSOPu-JNspgNaeM0BtWhKq8;`*61(|*&l-VH<1j}T1#^xG5@owaS)i1jD&nM1 z22h2wR?>mt9{>^_-$torCH9cZPybGp8Okls?_cv&al~R!8>f=WO8JX{f*&8zNb*FD z_v4)3FK2TMP*l_@JQRqq#uNo0tJrdch|!^`Gpua$SRlM1DkT!d?GB*vMc78^g#}S_ z$4cFXC_{Y_4l}f=kUk?aLkh4EClJ|_R*Rk<0fLq@P)Z9+>J0}(-zSR_0uL`}{VG2l zrAdZ}^Aezfh^s-9IK1%JSJkv!9>3`PkDu4+Wzz7RPt7-gr9e)|Irn?H9q}hjzf_ zQQ?@EtmgRG;(2i4FHl#VOeX*vk^odW^g*wPw>5l#l&}*Xs5ia%ZZ67f=Gvk)qFdIa zxF-}NMiT&VVayU0SKHYMx3u+?{EpP(G&2E3X|C0aRd}Zed&_zfBRVvh&TM;^@~59n zB*-#Mn5mamS6i9U3!G{=+>KqM(M^RxJzQw;Dy`ID!DD!jN_6DOdD%+I!!QAa52n5} z=AapJS9?q%8e}$6PqD8w_!U!jx$PIP?D=I<2S#9_g-T6ygeRQM!e~a^*rs=U%ahKSf<3=(_~1ZjBJHoY{0&>#ucMoI#Rymo5RuFN#QZkP z%t4qSpm&2{Pg3VSdu)xX=CmFyEk*$xabhXWi8vvTGzv{c9H<2fG3N;j)ILCT?gLDz z4&4QMBnp*WKuBDxBbDQ&G@Prsc3ppYPTkP)aN^ZErQEIET+DG`%eADE3OFq*#>53i zlKxeWgl7Co%I>PHr66}5$bmalH(J8_o9>J^%i67On^po5DeTI;zV_*8shPv$8q<{)A>UB@$5MWbP3`{KldmMt zL|kT2(J-8MA?nbwpE;hJy3%G{=bp7P@S=8BT_*98EGvKk2|AzhCqc_p3Jtx1mQ6O@g zG0YIV>%UC+W0SSB#`1dla-UR1>>cV%^zRGx%^`2xc4B?~H)~&nxPfx8zpLS5Sd$?p z#JhV-%e2=)OCnG1I6m*o&((Iu-vgoVRi8z2TM}Yxcw(MmvmTo*F9nR`rhr!b>54|>KdZ} z<4^3LAJyE+*M6Ptr<065FJqeVZaj_ge0)S?%t(rYCE<;mu|ISD0<)D7R-WJxm#oou za<=-{!RoMnTr$^INJ7j!oKkKINu~?W2*YanXWN zK*TkxWBN3mH|9wf!4nCvb55zKVeJq_L`Mwub0*v(Q$!;p<@FL`oD!vVJ6sjZ;|WxC 
zqX&|S$rYne6H-^ez})O2|2!F3r8p$&etzoklc1=0GHB(}soB|8Xd_ON(O1%9BDu^w z=L7c2kfZr9_eh9yCyg|s!+9?c>zrG!Gos;x5}~Y!eiNPEXYGQ9ucuI6Ih54KE7^U7 zARvA+sBxyDI(XQ~heCwPQ7MvXf3)RdmI zAscUy`IO}g$_ok7_X=3P?HBX$MWjBy!M{EpW%8w7pu$d4TMszYP|#6og@mJD-k81A z&SD@HuZ1=MuupJtGYQZIbC8gb<@w`EN+`Y#7RaI`aD;w$lkpn#pRIF@Wk{E_))%0K*zBIht#zkYz)OGh zFS{Xqm6^89Mz*-{mLEtrrgn}x4&R5b82m{CEJ2);`BRO(^;P|C*tS47biivP%6`0_ zZj;^S8}F4jwN|_XsoJs7evuCPteC*#NMRl4wG~~D#pTslHkY}HS1~Sv-$U)JZqF;d z;LLgf;>+V^^00!O&f}MLfiQ^G_6&fCEFQW03q%KlX0I}#9-yS3wa9F|Hjx_t;W^as zyic!a)Vyfu!+q3e9^@-8l;f;uXy=ri^+f@g+1f$`Y`@+g0|{t@rKOaiBDZ-P@PLLd-XnuG~`|1!1lZy;d)u#(y(rO`2(E zwCT&_7Y_~%goK4|&U6drL`68nCqs5UgbBqv%;TZ7cXWt}?AtE<&CZ{-nzVJrc)Scm zaSY70s+x>Trq#=@q^pur4X7i$uCMc?yUyYt?V8S2s(02j zl$X*`^t~e?2{4~&GRjZI{X^+)`qSJWHXsJk#NOxy0Wr^C!;yP)2N(m3N2O&SOVLzY z;U*=gpU5Aw3>(fDMN+QOcyw!C;B*%s8p>G5Q?5N$8{vo&GF?D)qD|4({H zjoVoNdi<4bi&IE^8Avg+dkb^<+3{(_TrHDCZP&O803&5*QuHP3q?aIVvijY_41NK-8drMVJ?#}Aks?wr~ zbVT%th3&GZ7p-xCMq}yU&S8=eaWNVQZ{7GwlRG6E={4g^=5;xP?#`O=Avz!a1>4J< zVjcTAYmd0o(=$po$Y6~c4Z1U0ne_=5DXmuNvRy5SzZg)aDnD|X^M&dvlTb^{l{^yS z`>kfr5C}}EzQ6if+&_-$`U?>-p{TeY!vFor;uUrVBY_5u56tarT3JKZA7mp4Z z&A+m+SI6^l$ybE2@pkTz6oR(4biYXt52p%*P0O|8jemd5T*Jd-%MC0(Ik{@W;p<$0 zjd5G?@~V+wBq}n9c6zcdagCHlA^JMRVKZKRU@cup4611@23^J$4Gz|pl|+ht@yHDLpdn_(MSz>B z({4Y2MY|odFU8QSjgXdK2AGEIrdYWu%KFN-{NQ2}k&bY(FqT#PEp#TQlQeU(vb8if z2AS+H<&nT>+HeP5x@gg^YgLuW6D&f;7t5n(GA<+Y5UA|6VEhXPsjIN6L$ZX`61t$N zW|_BFvS{`JoxtNPHm9!Zxv~xycgo%M$qJqaA~KqDz}gi!uzX+z#|8kG=wsjHK}ox} zne5g(o;QrhP2;@t{ys-Y@co@nZ+JR2n4POl&c`j=wfb#V>_(zn?!RYm5Yi%coCB^w zsQVoCIt5N9dOz&jjxXOVjhb70R^um%rKs=fIEf%yzfxGa>-`0d{Kgh4z@oeLwZQ~k zik|WatlUZ5gL;i0NNH$kr{TaWz%Akn@Y#m@jihIKcuG|&#Bz+!kN?|A0R<%{ zk0U|s&`%KA1`y`s#1HU=p%JqpvPjE(V>sSO%uzqreOD$fhQ4MgT(7QF$a|lD=dvY% zg4O(1XX4=(PbP=yrH)EYPk|sE_7G7Tg=&Ld08_ZTxT?mQ=`YDtLWHgVag$9vY?LHI zEKTBvJhls91OWq_+~bGu32~4jBW?^rPJ`Ro+HZB4f|q0%^`*d zkqfyVV5Clt!QH&_-QNU?nQy=KH-)PjWP=_tT()`cP`I+d_4%Muh zdO;_~K>c79FSUA1d(8j6nEN+G{7F}~P(4`K)!*RhS2k{yC`plb2}s~JNU7?T6?lhf 
z6DR%!U7iMA#2APxgo9cvvV-jriG5uM%~!5Ot$6*$(bI=dh^gXc_g&(3@%{BB5>uD? z)8q99bp)dxb~2T#HJQ|uZa5~Wvu~!J4~_>6l9%J6U5FnH37*XsbTS+;sTB5d!vNJ+ z`|2`!tB_a1C@?mce?Q*|9n1vN86c~if}M$aunSQn+$Rj)(biiKB2uGrH{;F^*8mDz zNG!$K215*s__iRnh>I|-Gy_IWjs5|4`Jygh z16&(%3ZP}TaRqGHl-~s-*CGuwTMwb~s}?xf#3UubTum=l{y=wjl>xcrJHku&_=p`k zHHkk^4ktZsl1x{D7E@S;ALoBf^MKCqHh|nT0Y|BBxC4N9#7E=@eGfP{*bBtXFaj-z zxblqtP{7|_uo>zdbv_G3Su}8N2>x+-Ons)8tO-P`KHGzU81xma+Uc(A zd)BK_RPX>!VP%>q)ZYC38t$R7Ih7PCJw!j4Bo)LC_z7&x)L`W&OM0f*hbk8mBqRB> zT_Zp0aVF%-+nLF*4S4{|bqoCYw_g2vjnfHLg;HWEzKR`_9G%o42-~%ZVv2Kbc82Jl zr^Xyq#6ou8k@N3LE8M@OKM0xGbfISG9}1yWRBZAT`Fq=`@5xNVWpY*q`NG=IAnI8X zz^tK+G@Wc1?-}9XnKp(=Xl*BCt)vX6RLHd~wh-!@RP5zOC%EzqRqQE`1iyawWx(KH z2DshO(=B4ard`qb?!e#;B=S)?h5%AVWih1#7~7T-tY;+fS%eU82$UMJ%jT$=6wu)c zSivv|vAiQ>UGiJID}hitP6B1S1 z6(d0M@Q9CnGKTZ0v1em+3i#KKooo$#Na;Jp(in1YdX$5ac;#Q{XqjQV#LBL&{zbEI z==(E0Pg%U7v*BHY9m%l?5$^E9MqN9}jhCz>5JX0~;(Y8e=|(_kUO_-enKa%BIw_rh zL&#Dq&{+w6!H-FsRajWi=ytte|4933BXIv-U7x&A<-GfWJO3U#ae ztH$Q0=H^DAF@|J=`J{rhd@2TU)?~Zu_)_K??*C#Bay{;Dc17K?e3vd(iCb!Pn*pXq zKtDM{zguxJ6ESh|&_SCFHcJ%=Gc!@q{QmI;|(A3hRJzvYxa-le2iWohO zPf3+*H^bvB+SBk52sDO&?^zy2a*n!4%iB2WO704bb?BIWcQnq!);k7tM#SWJ62{tK3zTEByLn0u;!~5*VE)yU^0VebO zyQ_HLzJ&XE%37Q*}m3(x-%UhbYtzQ?K#_IonLL5=c}Qo$7cKi?(hHIvgL(_4w4po zx!$7R>R|j5fkKc&K;-{%D|7>#xP4+tmV_*5XXF=Q(8PWEJAOF?)(DgmYl>`-=h56a z<)=M9i@25T&hnE1HcV;GJ4tZrL8g7YD`#2_M~K(F6Qxq(Vh1 z67E6}%cN-<5u}r*`R?Tu6sCNix37119WU3^Z&+w)&kDi`r*PO#PJxvHwXwOmQmqo` zY{+}11%4;!bl@OoQ>|0Ofh&($^}is4E@4AW&9YewDuqn)Qi-7f>X$!S6&oB_K8$gRe>t2Hrw^)v@}eS!n{mxv3zAf zc9;9~RepYcq4lzwmAaM|@VrQtDP%#~e!zgXcOnnAukk2B+>8R{K(Ul)9{VH^Yk<6U z8xG}4#(@1=FA#hmqwlYH!8c^1E6!~%yh6`~$Ri3~DKTUSpmHU@VSKQ7(u@;VyJ(hr zcmimn8ZL2+J`EQb=&;{eRW&ZGY@vu`G;QpDfH(zF*}FH01OW-op!<{|QRBB;$0+cA z;q2{p{q>L>-=y;+;Pei3*J0%cSgjH6L)g@m!cG37g$Ww*37?p7J6}h~skx+YKdjEy zzp9u!gA#NKD6gUJRi#Nwh4ngd|L0z@cRRbiBv-GVj7FC>3{~-;`~CJAcnS1m-435fK46l~7yF62R%|>XP5PWR05K z-2-Ef;&QnxlNPPS^I3Tj9+YO?E6|6TGYh@iJGwf%b`Kd&pUO7vh?swhnVB7t#q;SI 
z8eZ@3C+GPOQY!oTeGNn=10t?ZF8F-k*rXsEA@cFaDJa&eo7>ylfs}hnV2U8Ob7@N% z6&u?HP|q+UA4u)x491V0u8fW?f0WovFZoS<{Lq+?(eg4g0*q)M_!|%4y z+WPX+)AOKWX-PAK16YE}C$fNkf4;^O^b-M=a07#_1DfQ(OcL)`A#%<+VovwvZ|&=* zad#-oOez>uD#!c_=@vX15U*5{`tvgT+0Zr!6uFv_=S{)W{*j;udLYxD9j>A%B;cV52_)E52uF>~plg#^z|ElR;d zag1$&8kXZjBfm>@@TgrM1X~h^s!U*b* z6G^xIW3Kph0&Jbzc>AA&W@eYFXFM%1UXTv9VH~;I+iK?NdWY9G%}kZ-85Q9%?1rj+ zS+IE5GqvOn&n;6peFx6!|-0wbv6H!hinOiyGaYd)ngQy*@Wh(kC9t4b;iRb!gg}2Xt%;_BF?>3j2`* z-Ran0gs2yBdpjr1BzG~+{krwt40XD?r%{k?SYp&rsqHy*7kG-I(5o@=DpbZB3RyF; z_U?oRxi3C8$ zNJIkkuzL#?s)v75WK2!fDLiJ*A6;FW&?x2LVPHPpHd`JaU5DcdAbNR#hH#~&xKd^- z^}7M0NooOBgxp@_^z?EZNg#9U-M;HXv3MX~8rBQ*Wr|?j*<6mGfLoveYH8_F%tQ?E zf&@DKxVgFo*bDDj&X*n^z=I|Lb-0s4JLW(D>UXh{*<8 zaQN~O78ZCRGBWCaL%`#-p{Dsk0(}<FVhYGhzE5LQ4eBT`mRq>+ zb~{o`1c`N;K^f>&jkrzyRuJbfE+f#6@vIPM4_u_z)YA7%QOP#XKneE~k$~UVLu9h~ zJuJg9dxm3t?p&F{tJ{+PymA%+Ifk-GReq0;|L7vaPZKv%QDssmeQcIxo--aa2MFX# zI$VbALUa>@GSwQNI!B_y-EO$k?pqZUT8j`q@!ReD~C(?@6(k(UyD{E7g=Ap zi^I(8{^YAHUvDfsR#Jd4zqne}pqua0=-vLJGZmtvmTknmWyDI^?uaqJ{`;G+eRiSK znpSJA3)0Gii2mT?xCXjj0ftHK0Y6`EILI%Me_X9+n*HFIhDvFW+%t3*LT%cyotH-e!>A#MBVt++c zvBix^=KAqd|6m=P2IHwp%y4iEIuALu;kBgicv_h4zP(!O(LnyWm3Ud#^`t?!mz9c3 z6+WFbefGxNj4!r9BYLVQh0TPFd^{SAZ=qM9hC!tJxS=U|oy9(Nm0xV#0ZXy`xGH(Q z%tF{!G3(X=_M6Ei4>=o39_ZJ6rB^!}{^V&zsgCRX>om8&j4!yT>v60(Eb50fhkL!4 zi%qN0{2j)=-zFi(+1UMZ%}OZ@!u|b1u%%3W)74t1@$(lML=o(F49*1&~^VUJ%||1N;*h02tK ztf-~Bx>`6G5+t$%`+c#_58@4HXGxG4@R5<5`?cjQDKR5=H@2_~?c{vzW{rT%xUtL9o<&I&h%;(#=JvtT^6cm);!;Gkqc8k^oWzp?m zPZziWgH}D05bcO@3l#;$_t&%kNQc8Nu)}zIxC3PzjwJ%>e=llLe7@fB><^9&`;_Qe zXkkBite>g}iphIjb#!=MoPmOAA$CyO?hmTobCym#UOT<31d@E%t*tE-6qKFVJ|myA zmY(~E2k=p$QzZV6gq9Yhy(h~X=S`dNxL#hXC`5uabAA_zW2~ox!dof(=aOV^#u;hW z>sF%S{1)U`9fUW?X(qP*phYxe{Br@%hL~udpSPs^eW3YZ`8_&!fe3FsfG!!j6t0Iq z)Zw|ij;>Z3c5>N|JI(gE5ii?QIQ=yIqqWwwC7|%+H44+w_(DkNWqJ=Q_R1>K%80#~ zGuX^(#Wa~%kX(q8N~sdjzn~vH5I!}c0eqHf`4))9N}mfWOJK zO}&oTJCVIK;W=jFManIo(TZ%N_d~}LYqlDrrcf9EWKwaV$izw(QSi$nV!V38aZ6AG 
zx(b1AMT=u)7+5kD8Be~7#!E3XSfnG-Bi~}8spuZP6gTuZ%80ChF8_O&ebL zaKI?bLeqfBoppwEcGQ<31V~j}Znh-zG5$Xft;<{2gF-@QhmH<`W_yFH!v_uk*&q`j?}; zK|&B(DZevMj5s!{4lW%oto5@edZ%IbY$67UX?S%a5vpiggdwtb6Ekz@C}0dRlq4&I zMWIIY%li-iCC#JR)q)Xm*j&<9zM-~s1>1VnKdAqSE-{JfUr4u%Y0p+jpR&l;O1^< zW1!KN|7_SMhEjVi$yO_3Q$(GlgejT1qBXg!t0nKz-PLSzjGU*?sm4t(9mZWtlOXyk z%ksn@)U7joFJ*tVJ+}Bof1ybqEX8$1uYa)>4Tp1On?g5L+s^_9HlVOpfG4F~FlNr;b_4j)7ktxO|IyrMASAbGi^M`3Z}D`* zia3}Bjd^Tyu+p)6=qQG|Exf@UMhctXG*(rE%k%|tvA%hdj(~&Eu1~CUZO&xuY}NdU z+G5H&h&?F%z)a0!?csv?Wnt|>Lv0w``EDqbM|nxS6Q>rl_WUO*_I)(J`NB@VHRxaS zRJ=+d1|)~}K0KnB0@9Bi1*i}SM4~i)u5%HnHAUtqA?yITJwg_-hoWXxr;-X+7|WiB z>yH6d*0heWg|{m!IB;~~7%71Cu|vWN0XA&2^jB(_$sC*y5qD>}ZD;`gz{ya*)SlnI zV+I}b*qi2GNeTq%x;wSoP_iP+Rqyn*kJZ`5mc;K*Vzz_utk90rK;P^oZA6wSBzGwI zE9~?6tORhiiN6tTu4@1_MFB~mBEO>IxVEaUbm|J{2rW>_2r5FQ(pbc!#P##fTk)U^ z`5t5IlaHPze$+VpSgYerY@(Dh$Af0}|tO~cKY0)?IHW}KYb=s}7%KTNAYk?&s zgHPO3nR!PLN#1oD6uRz&JyQA7g&ZK{a{CfkjW9~rtZ-P&8v|qhfUKLx-*wUfMnHy* zle4w5@*I$naBRb+>|R{~n)=D#9s@_?lw!wo4o|4s4L8$r$Y(0*B`m=~OAS5NHq+jP zjSk)|hUoNeWJUBGtY<_T7|Kf}6~u>F4;nnc+ZEgVq6dnO&U}(fy%idbL>S_(+gNAD z&(-(tT)HX=T7?2U-Q?g$s-N*Ra~Ohr9L63WyTxIBr@qa4c4d2;d9@3VPsunkp&<2z z?2P3Mpg-0Sec!#nQnsqCY*#-Pw&#hx1D5tdvZCwA%eEOtMjF9_4iBeGz?RgYO~Gg< zh$B6@yzB<%IUQ1Tg2H;D;T@E8tyS~5XlnZVdOwMix|cK7zOJIdzw&;wY1ue^`I*kB zP4YW=XEnC*>pzYi`UPYMWUA8mFv!@gDUE%m@&lRFCe;4zF7Y4jkY;PRFIb{M zGXgUjwp0Qw6{+Y~r$Q~ChkZ)1dd#@dIt6%0RXaj8fC_znRc_32Y;?<&_<&BE*-6lQ zxBAG*)I|d5td{OX=M~qLBb`UKNQCrp4L(c^gu$qvf1oO+vH5}W&pQO{b?Dcy@oS83 zH^fjXT_iu>nSxRtNb4d3O|)o{PitPA8f>3#%m3a3R;7;qDTqUhW>xQm1U_;&*vJj_ znM|Lf@6Kfg@%dxyl*C+~nxEY!^`7E^Vls6$!Qhv!Q(Wq^%*SIA@#n94^}ad1=UvpB z)Yu`vBEUiNI)|;5lG^fQYxRy{c|H~Y3tZ*D*oM&H>aYJ@kATnjy-*_YcNqbc6TFf8{8?quyzS zZZ=nN6WgLt?$-Eder8uGzYNm$uqvMaMDmLrzTNQ^21g~Tcg3Mam&*F-0*tWoem)y< zVzOB#H8ePRc(fsID&+Rtf8!%VbKf9Wx~Nousrr=S z$3-Y_qcukfuuE?zg{M$aPRT`{KeGR85dbU7h76V`Pg$r~2FynXL81K4&5$PNMBuyH z=x_sAd7E8c9c^t`upvOw%jWa@1O_7nuSZsb@}Uenxvf(Aa<`rb$ZJ`HH0*yfdcoyG 
z>%q>?&r?RgLO}%^y}fFV(x1b_j0hHh9l{|p1H(ZQ!L*PBNBFWJUa}G%r)OtJmzTCp zn%gCWv9<0PI}{JWWZ(I_FIYYVb-7JK6Dw4GOBMjV8#@L_{TUc4tPozGQ)6l8#@>H< zxWK?GS{9ejPj+&2b#7Ahe0$ZxBOw%$(plFI7X>mbzsX%rqQ%jR>4Vxsb@D_L6O$ZH zUtD$WOw@Wv@}ODbJl0W|pP>6d{tob`Sfqz!SY;7RbKRTOjp>ShtbR_l_c7o^MXvlm zWW8f_UGclF-L$cd#z|u~b{gBZZ98e4#z+0JFwS+^da|L~=LA0(ievpu1IND5ojGXicQR*h?rTVM^)_2&F50m`JZ zyu94w_TY-0fdL6RdD;2{2(AVY8$j6u2sya?KHlK4=)u9k+Yx0^T=n82BjJgn=l`jE zTV83hLmK==dA_&AN9udC2UERHNOfyv1jeQhZCM+1Z>}3HIvl z?JWSRk^#{JAUH)Mm!_nr->5U21WY=$7PI7l+v(;0^c%&;({2m`WN$bI4S>X*%$0sK zMwI>N(rNu{&saWiM{sTj#5h1{=HX-(!~$aCf2^i}r{F(#QG314i+zcpn?cR@F{`-v z5NN8M+MOh7RV+!bXFU1gxHS-Tr}qy$aGMPrO!U zwecGy{2qBDjp<+Jnc1$_i`BKY_7xXPp|5${ZkKC-&!9oK>Tg@1x@#J+rSgJ9aw=B-$c2zG=j=YQXdPEhA#Dfs}wvWfIeNR=gwY8o7D+BOc z4f;J_w@$m=_@DO@N=iyHGcytKx$t=0?cbiRVS^2adZMN9!@p!$^Vm2TkfI=?2J1rpKt?kXW>UVkh*k}p^tJMO$x={os-KLiv zeZ4baj1d+U@x9(pk;!0%aLrCif+)i0^+bn{CzDFvXmRoah%i#I=u8fW8GupB=JSz^ zS1l5(F~2s{zXH1Ov}MC=@#Gg#Zb0WSp3yWkG2)w=2<}qx`tgdpSS4gO;pInwd_flXy&ESx~05oyQVfS}!po;ze$iBtwU!SMx!S2W= z>t%RQ^_v-3ZX@6bc4%mB2J)o?ZnazeK=1gLu{V~+tnX;O*@+*CoO{+iF`2~+g({oI zm9+c9LN^AqeI zNQBqN#Zuj(nl;{>GPAM!XKBo&0C&J)K6RKwM?*#B&)oKSmd)!m;pKGbUrNdctY-cj zV7B^1N>tN7r%|i4o-0uRTv4mQ0A;_`eRg&h!}mf-Ol&Zj%?kzw7DLE?F=>R3#BsD- zclZa5A~P#X4=8vCQPfGL&?hA(Z*(}Z)6uaqGoJ#}kG%wS+&^V%Vw_YGRG6mB{?XCZ z_4Rc?^#-Vgzy;uOnC8~k3#=AxH*|G>on~cb0=dOp^_N@w=lH-M8X6i3%5t-V5l345 z4Z6DH{r78NVLm)QJUlrGfQTq@aj->9Ow^KBldeuq1(YWOGl6-%AyDAp0JP(F@iqV) zFy`t4CFJxvZNJXDt2IKVPwyYde^CS~pc4?#$G(ESLn)VGVqs%1HOc9fz*!@G9rRz% z=5|{cpLYR797NJ7^g00T1LzW%&1B&wb{M7YtL-lNj$*fBk*i7CeZ0?X_lsq-_IRh$ z05M+p51?55?D!aFU}=sjf%r1@rx7qd0#mM8=PlwKE|%K*;NT)(Gj$Ov*Q76e^6%;& zUua3Nu&|IJH7Dr8W5plO*H>$diUFyLkGFRSB7XAQ9*nyD1;GWKRztvn+vx%?3oR`T zvl4wmoGJ|qf+z03zYBsJ>CsI>Zo&#n&-OvTt2@DFk%&W&+e)l6H#-ZQczX3k!?r6HV^Ch7mW9>!x zA~l~X{Q!@@UNdV;)22bah^e$JBV*dUj}bi`h6+H}I%&qhwZ=?sA@T&lWIkTXFn;y< z&jIPvf?v1BDG8?`P}m{|7>|CI%+1e>lwi5@2y9IyOx3M{#>4lEqal&T14*bpQXQO{ z=sq1EuYUi9@$jd_!ocwF*gon<3{Ff+76{PuT`rop%$k#p%3uir3ow>#-*W||f~n&N 
zy`hL8l~Uz}b`K{G99*;vV3e5CpilYM5hCE`;smkWeT6KHp-(1J5AqQqNfI<79yQDH zy9VZ=*N00ly9qDJB*|)oT+AcPAia86gwP9!<*lm3rj%S`>|g-oRjttKVzydHpD&BS z=jQSlnFDMhpI$u1|7E%P&nx4zC;YR)pWb<2h`0XmEfhIXHWsO56&{`_&{*QhrijxUP9^lSCJPltNE48-370OFh+BpwV!0&Z7r z^(h#B8FI8i4I`tvx;neHX0SxSA#!do(+j9Uj_)BupO$}B*}R4`YgeN$|3Mo(ov-58 z-|EiY+5&+Da~r!mMjJGVUfNlp8I5u)m`a^5vpWP)#G>&KVPOLjf5cv<#C-i-D9-V4 zef@F2s26k#^>F!ke|`V(0ETMKf(`u2oYd6RxHzzsi5%`nMkuN2f#w~Q(9FN0(3xK@6_HUA|!t4PxW``~zDr&rZ@kBS+I~JWL zt=drV^Ua?Gay#`d+o^6a$Ch@@hGvC=LHm5wu@@nYw`=AJ5nv;W!@Q}{a?{2Rg#cav zEq-32P!K#{qHoa$7-MQpM%_#&#Lms||X=-d_bg&7X>;l3|Z& zY&iJB5wUTR2zl||4v4mNJl!6Esev1qWl}9~ zH~cmUe2amgvdgi|b%}xynyErDhduB zK9$FW`p0jS8b5X9#<-D@5$$ICJb|jm`+IzDSG*hRc6?x)`+wCHelSx&Gu8J8z+#e*REuZZ0L(gv9C{<}Z*J~yxPHn6fsR;RgTEXSQQXm?p8~dP;a{OE2FStLL56u2-R;3R zp2W094hnJomcdK{jN*1R>c8LzZy;9TZ$M5@soq{8d7g;=NP}j3T4h*>w>6QNY7)y1jT4vrT-i-tEOyhEN_2RcCPsU?spf#S6*NNOf&f7vs}M#((&pV;2|N zOZG&Sq81%Zgbfn=?jlVpx(&c*|7AXTgS)1vc709e0t_4LwI&g~>`YcO_S1N-Y8=-k z-YyINAK!|`D`7wuAK>%E5_Lyc#Z*MUf0T_|Y5MB1oOamn)zCeOb>CLoPVx>X<(2mK zsZhANL^61zmwd(_y>wk9K7x-_cX90cX;*uUmyAS2AqD5nX|Cjt}V^at5hxOHQR%Q zz3TNA2LA(Q9~6gM<^T0*-JTWy0$lhIHk%bdT0smnDppn%@`QJja$rOL{PGe``ri-j zzw9$o7Ip7o2H5F?dK$c1U=Bb2-wX<9aB#xZVvoCWJ*R0z|Cit9lfnvXxc)!4;lG!r zRY-mA|Nr0YM`68TOFK%ZT?4qZKkP76s^uYis~?y@3lRmM5Dl?caUNVSlCY%JgYPym z=PS9i2dh7;4coFrupz6|yx}?2wKF&BrsFfVY9wzKugc{$Irfej&2q$kz;^ z9EqqRI)0C>6crjZ+fARsCGl%!13drTgU{@7%69EpTl@@83xQUD{@cyG!pKtV zX^>lERx8BdoF1;wg9uyDLl(;W;#n7Bxx!QKC-ra(|J;NfpL(k)l3MpB<(r>1-sj^@ zww)QB_Avf*qW;}9da%J#G=phW+9&?Y>hrx{N#sE|WgEW_sL;y7q)Q0R9M*ay68H7> zp754P?om)``ojm(2d3h4w-HxUfzM1~hB8ExKby_)y0!Q7@$GLcja*K@UX$U+;VPojzrm@Y z(ZR&mn_j`3S=?Mg%qpXw@FwQdrJ_M${9*hj#7fV??hi&4=86%>*Qg^CoFVyZYNqQe zc8zQo3+(hmQGYEAgm%={x!$lWw{l|d$K+_p$3HTiZz2#L#wNtm__BQbmRGJjGN9|U z(M6n`#@ZQ}LbfRf_fSSGY3XT+{ne@q=SNV%Ww$sUlSQogF5xFHf?>QPM|;vRF%ZYw z)xg@_Jh03rRw2Q@_euT$AL(l6d@f=N|0^jKaZg@m6yec?5bx#VWSr{1DbK8j8UZWY zv1VPf)%{Jy9%GiJUuN1M?0uC>yShzX*^@h#4GLQe6OtG@;8Zs@wEqXk{g319f9iwG 
zTH#K@Um$xt9-KZ1urEn_C=S**%!9g%5&=uHvTX@tockl=IdSN3QaR4;q-}yhh7M7`_nu^ z>L<2zcsmVR?VB zh-rL*xoR24E(>^&7#{DhW`zT>C}ce1r*>1D>5f;VDAjN!{`j4j%tf$H-2g(XMn>j) zRY%*h1sVBp5De%*XmYh)@YO>oao;6!`wm$XR_$2|o*!Hu(V3PwE|-n98Ud$1<(94Z z{xC-SkG1ZmPAR0sECI##1)2Bf?hNIl}OUBSoVF6 z&r2qcOGm%->^Ll@l9SBu*P=|wDxe2S*(Y3_Wmgi6S7aE!O312kyiAPq+{*lZkVhv| zLniO2tezuUGCHbbP!$-o&)6Vo)Jh=y?yK%W)1f$f1}l0k>vWdTXQlZgSGVFz_}&+H z4hcRA`T^>ESVB%#bd5T_Uo|?;{`Q77PTxuJ^R~hf{R;}OC6M`4r`|Rmg^^tc(oBb~ zV!u%BL*9lU-LNAORwmx~Y9fX*d+2nS)tcsfG|~&yB%_~}9i&2CQ}0CI@W5|0sJYUe zJ}$&dDT-{V(M1M)KvxiD_x2?@zah0mbosVdv$mt&g?8c|YaLw_1rP~eDz=hp=^1KiCKlC6rs zRmksgsz-l}+QcIyNR)`?dTZ=_>}g+lhQ{Ul9--)+`oD?=6{hB*&V*ln(-y)Gt*o0L zaKj(TF)&9xOcdcZJ884~bY^6V<%Wq0e$|**S9eV7&ARzG=?FML7A$snp~bK~Jds+?;exI{!OM@95&+=6+3&=e;iDU`@otpboi%ayzzfY zYCReh1ti_v+@d0+$j0C7#%t9$UL6zHZ=N%c*(G`W)*2^DpAL2~R!O*})?0Kk^k|##KBHJD;xC_7r@iayHgIcSH+wUW#R` z+|D>BN;*gb+ndw62Gt&NBrjL0Zs&74wYqMrqg4ik!9hN7RaUu~F;&^>UDt!(#N?9H zuTo3otK0m+%_EqQ&OaQv9^k2aK-UNebb!~jF>pzh_hXYA@TQ>MPpScGv@>8EG z(U^a&`QlaY5#Kveg#Z(yBHnS<|BqR;uCL|^8O{66?Y@~EnHPkZJ133%houwAj@iz5 zTaztS+zYq|2Uvk*tM?mdygv4d5ypR?x5H)c?*8{xSY4a%P%%&7yY_`1pYy%JA2`*< zgH^j2z0Ok%y!|2tPy!Tz^FVwg;X?UJ&1H}v*{F{UAgw8Jv>S#wWTLZta~jsZrG(CjG@Co`&*tD7!QVP`b2YE_%* znL6J!I$FOLPhKp0u*XEg-0s55;`w>r-qn;*{jAyMkh)dca`zbM9fz6#4;J}Hw(yPr zoE7=sOd`!_m+mX&BJy_>L@s;B!xg(lJFnC@&#pFAT5f@hEM7a8_=rU24i z7RiikV{#oGK<%+z=f=YWJi2!Eu##^bEJ*YO?QbPZFpE_$u1RXrylNmvZ^DvOIf}`3 zBJFpUi}wfobymIkJoH}6^^E@ST=>mh0sD+qU(glWYG#q5Vr+xM@))mKf}>OR-=ZQm ztF^0{4?3KiBhi}5Q&n$|7teS%{nX+J*pQo*nm{$hkzJB+QcAYxD{gcgGdAltb}m6y z?y>BaRPQFMf1@&*uxc;Nr+X8Q52ylLYbV#vyC<%p7Nd23D;Yjp9kr@kO*j4b`|1?b9u`7%w{J#DnEKCn#x;}Uhej4dfOiHM~BAfr;@e8 zYbQ6oQPFV0R1uFzw9-2b28lmQ)SEqM2xPFWD3=;7-jj1&H@y_`bnww*UZE4Nw?yE(=A)LJG7ebIttL;{;0A6A$*4Hh4WL zeln1f-CAe_nl{*Fz3f|tv$65SzWN4`m?6F0^&Z$zOy~(ET^RUptdV}5wpne}IlxVJ zw;nu+;;tJtZ^pm+46usp#f^a|HNs3aRP{ zO_EG_Ik?NsQnIiJZZTUk$J*L}C>FEJL(S3IP25?x1GCkZWjgfbHc#D6hfDIq#Pm@| z{v2k5zB7h$O7=q+=f#tp2Ygn|(o-?FJHns)4sj4Ysd{RDyykOzCQ=7gPu@x}QoLLp 
z9adF&ScE30u!?HFOowBEs4ayzr63PTqM>9mLikJmt6Lkf3e4SuD$Ki#r_KcsDtNN< zcJT!-BtcuYpi;6AF5fw;GiVkSbw+Qk=I`KdgHbgfJ!_&#YrPG#sUc_5fNS)bg@nwU zR`1D2LOQLM1UCsYcJFK3Nr6jr+?F#a-zUrC5gjI~&bKUw)fk@N%x12Bj|*42b(o*> zhD>@(9eGk!KVxoPel15RRw5m3*qlz|Vk$jHyKGi2J17(+-{!Ew!)=~?PVBIfL0WCh zuA+tBe>(T#2=Bbis==jHEDtt~HE$=BzEia88qb9}yfRRvjlfmv zwWX<9SM$EB%ZfTJ6io|-%KG>zsFv;@N%8B&6*uVe zR{z!Oid%dpgL`G8(|Njwp1d{rwJxgr_Ol$g1HI1%=W$Z(GxKX z!I8J~?R3wAF!8z)3)=9-^SYf7QHQJRn$WG8sCRem487_a$GKj8j{au z-DVg~%uSSu#wK0*!r#N+vrS6G*Zc3MAqaT)!?kk!de99#-BB~gh*LswHGMuOe&-sQSF+h9c_kIsDGsEtH5`k2KvdU1JwP`l6)a5yPIuv%D? z8D>q|_u+E73#jtlVZ!21=Wtzmg~OV7bzi6!J|iR|6|1dvx9rk+HbRcjI)t$@VX%(m{L!;UqSn zhX56s^x3Mn(Zq%B{l<*l7S#`0zon7>sAIx~x^lB|PYPo6}F~a=0w5Vepf-cg2bm z2#1w~gFvA8_;>_dHXy60puYYNIC0l$bv_14CaO|$%_g(2uqq$VW(R$MBBAfnm4+wT(A>!|lxU{lH05DDhZ0 zP#|=BI7tZ9Dh!P}0RGehv6#O_f0;0zswDfld2so1n0>dFp8HiV3g;yiy|cJGHI|AV zn+vr&c=w)fA>=d3#x^)>@=T>0q+%KZK3jFHbxzWdyQYLVttZkd!05B3nsSh9$Io=D z-eX1Vua3@QEQK4LUnRERTJUqk`sUgbEe&rc#a>=~oQ^u}`Dm_%t#cn+NhR#HQ*(^! 
zuiT10bl0cC_Pcb0d*wE*k8u`v#@40lHq0p}PiA>c??N+z+vVs#c6KYD?Qa!08r20f z2P_Y2CyzInXg{L%1i#^>Y;FJf2)J@2;Lc zbPme7pkZFff@sw}AQ9OZaQ2U}9Cu_fH;<_rgw`>w+rEUtiFHhuUn=MM8eIgM3fO+z z_&|+j_^6(usQp;iF0eoD`}^4OzN@71aQEnR;_@AKe8|h)WMB(2o7D@iH5uM9>U7?8 zx^ne-uuBPoeWZ?ez`U-XI+DBBL$+?ki#zab?a+>ERFBRQ4If#)SSUCI&jpGhvn{;R%{oUfAhdNSpw3=Q2Yklq9$xk{`F`iO%`dIZtN6y@PdX3!-~Y5!ya6RnSYR`?^0hHg1aOS^rEgG)ZK^&6FoX~E7JLOr2P{-V(9Dt z>D;Qb)}_E-SXyb zMBZwFNKUn77hz%ft3CG0Rf^T6WCtPVDd;wS6nfa3ma(67I({N>Y&`B$j`3Qq4r`ej zwe%Q6glLwa85@T>m+-lNXm%D)D#O`+47sM`Eavr8%ei(>H}Gz@l4Rq?Y@%{C==Co3 zTvmn@+~0D_*ho6s%hSkIP$fhO4Z)8lzB%u}b<#ap7>*Lo5B zl8rQ&JvRyJsCl^0Vjy{PpzS4up!r6)#C#Nl;_vbbVh&)zi3pbpPI&E1$5d?-qQ}F~ zez>#0Ig&!Mv&lMd>xqxEiaD8_ zW`E52Ym8WvWA4xOI$T1@=VP+@2W4o!M|A4c+Rs(@WVJ@O$EAnd#Ho*rE(eKbr7uFq zmZGu_JFR&J934WB@#PE@*1 zHgJ-ck@allk913%wQ!|gSD5>}rFhWi}O9z0rT=ZJCX3 z>{@#45ppU{nk7fV zo$=dxg75_L_XHK?@J5|WS>4uf*Nn-=o6TA5a~HLC|FIvb&*Fl~$a}JvC@7WDU|JHl z+Z!NbHXD1}>SefzJi5DyxEMoh^NZ_(ByZpn4e?MNr?eUUJr9LEHe>0YY(V)W>_XgK^waNYsf69POf0Zy^msOsPVXUYRCSaGfH( zfp~8Z!stL0!F-X>XonipxGFDuZBY@6P!eX+%_G`~8`9^okRB%XVztVx=G&3^cb1Yo zx^30cY)+Tf#i`Qo=wK(2Lmgi1HsF_1!q|cz_k$*EiRu=bYO2&>Ha|~J>Ms@9L4jHe z`-I4ZDDtWkD&w*8xa^qvy~wCt(?+k{R@(O9oDGN0#q1PMr9aCcH1keo@`Do@?vKaO z>{zN)csl{O=56WOs>Ke)Q%7AeLH52kk5+uz&)rX>XLnEpo;ZaoMk_z4#{bZrdERRIE}lH^_sMh3(p?1`y3A|E6|Wb)fLmP zUVKhMqzR|IW-En6RBg8sDzoNMQH%y$gTx|wK+Oa7Co3dpYa$oS5Ya15FZmoy3eN^n z=*ekJ{bW5xExw-FNqP}RP?=iCrx!i7NO^KTM~nEnP? z0{CW`^VjP@;ZzuPw=dTHub+{5W0r1R$>*Eq+QqF4(l1XCp&pd8wwW(az0ZX7ny$<( z;^#OxJLi^cxTowE^Q9`JY80Fj%&9&G3BW+7N`d1ZBg%U8(m%sl2@a~d1A*t@L?U^w znSs`Zd)rVW`+d83FHOFE!XU&XD=y5kKe;5Ux-a*X~qmO>sHZ4@dYo-e@ez@4UwM=dq zyt3f8(U|Wra4wB5kSrIbS6Nm46_1G)KH5_BTNRGQp9BZK_<4zOlGj{5I>p`@(fV7E zo}oC{aI8dg)txFa6DfTH5l_)hHnTSlWfMnKzPd2^eztO*TDgp@43I-V-M`EIT|@#! 
zrenb&UCAqkoR=;hYL0NRuD?MFi*T*W(wH}6!OO9 zrK_?Z9$@9z5p@AD!ZVV=>1M-ggMQ&jLqD1&^a9+Q{_PiVdmc&d>~iZywcgt(>^^j8 zJx&tRs4ZIU#}H*VxL$5<7Gysb+aVpZT%Fe|(yvLHNLxjB?5>UIE64gLmsyuVLa6TU z{QxA!N;zO?HNQ2LO#PZ|UcdV#z$6iQW(goHGTLI0vM*aX&HonYcTe%aJ3_rwyFcs2 ztCaYGJ_z?5MU{L3k{Qh6lcEWH)8)92R z(SFLwO0Nkh3{^6%8ZUu)nB(>9uDkkWr44}&e@X!>A*XjIyWJ-vHgO->zn6<{7-9wr zc=L#@-LdD-E!W#_^Sq>q?@7}6&NKS7%gwh_KYdnC;kins>GxTBK+h)XRDgDD2Z2~M zKc33~^deh(mbJ~>$s4~?bosk#@$&n68No0e=wR)%);-FeyUomv+DT;7_-r$c%&o_0C`w zs(ldMuv!o7sV6Dw3Lcl+q3=#saSYm`FH1;SX!kxfMq&QbuYZ_lDmAkvm)u>;c9OAFbT5S|p&?5yb-3YeqI^F0KxE!za<;MqDh1PRT z+YSl--f47QUKQG2mto3UtlEf2L!`q@g5eO~L0=+~CJaFY7BfvDfao?uGD0J=dZWmQ zoxeA6WW-D>&wDma$vTo1e|dWsWh#jz61PPJ!&vI*7T@X=Mw!k5AR+#-l@|OPMrE_Y z@6JcO7HdZaLXfVNSPsuK77S>uvbi9D;0u}6Q3eargFWaEarkl8I2BjMAe~92^jqt8)LWH-v-*>* z%c+#Q=h#I?^qFPk-y#g&9b?h+i561Bgk#s*>9xoGi$$AMa2?yW0y8UCuSm3$FHEH6 zaDMw5AfA=QQMbJ`EMvPrd(CmW!4Va2MPv zHY3HkI!}jKFN2~dFfd^Hp*#Ml+JkXO{j8VXKarghqu2IlmWBOl&;W&~=is`dE>e)r zig>;bV=Y)3D`0l8#_QNM)uB;m-aOYN)vLpA*Xc)BVKTc^EgA)fcKPYOWj{W#zNP3; zs=9;9;W1I{7GIU9yVSA21(BVmGEhHYE!6W#Se7}oRe&d1SpE!})_c>8d2=5q32HVM z8X1?)%#{(phin+N&Ea>a2!-<^Ns@eSrgB9Pph-7-)%dyQ&5XkRj3WEB2`(n4&-{6> zl$rmLwox*oVS36AysY~`|FPq$mAfYw@GlDKJkSsvtH!p)QvN?%E#x<>{ zHtXaz+lGR}^sc_@g}BvRguT1DTf{Qf_IXQmBBF@RzZ*2WB;&kxH8qif$uFmTzDWY@ z<91%I&0$W*o2n-yWN;G_CBh{s<)JM(p*lE1J+)@?cp@XBJ5ITpK9<%+ z3OQLrWj199?4Q}%k!cQ_v^d7WR-n1p$)lLHTwQYtk@8Lu@O7`p!^$p4=XB`T&NQ|+ z>+}X6vGf(3syUWJ6DI{acx)|ph|7C_spM^cyuwA}OJl3GGnSWMc$e}lg)dvO7Q>gr5dqcXG5j@}+ub$_24&uEBQEyw754d(0aL5b+ZJ2|tPc}{YJ zR=o`t{#J6r$I;RsDf~@M7CZ1mM1K(Ota0t-xr7FtsV~!pWl@p%F@@9LHS73XmP6kr zSFISgu8Q+OBEI!a+{QA$+Z7<1;UNhK{Mk60wLI$8eX?bM>bsiUk|`_S5Gk=z{bw0+r7S zE)?AJ`|Gzk> zAJ*7a;_FXV6VYk>pqMf!_VVX@!`TI!k;@zt@80k8;TV)zHn;d8OxRJbB-X4M<%KpE zX?fy-0(Js>_vuX;-0s_VG3X!aJ*A^qCh$gV-={6J_|s+_ycd%XMI*xTp$nKSr5B) zdX=3IkI^RbdUFOU?^wyQ7q&99T}_ZT)!_*-@AEE*>bSz{iE6>8j;DEdNq~+-z*-t- zx=rFr435wIePi+iH7KI>kIKYAEsM#Xa@?g8aN04gn+$=^2&07#ROKeO-qqnat+%?K 
zt~gHJRj#H7&0DY^j8`f;ZI{-inE5reSvcRq_;5|&--xc%Q_)Kw_r9v3TN0)}YUk&o zjVt<#a<>H!h@cw1B4y5XT>}V44kmWl^*#05?%Lk6QfMUJT)}%-&o|11iM}!tA&n^V zx~#Ya%!uHf3AxmFhf`b9)+pMG6{53)q)`t|=@VIHHkja5xE_^l;*TMUSqk*dWsfs0 zI|thX%rYH~ZC!dxWd z|N9oA^5_-=pT$;rTHZ-#8|HRKx)DXH z6h2#bBR&7@QmX#juQ|bWd(5rY^DdpGg#n>g*y(-BV(#ui?1gOZlF?U~(CVXLoEz~j zyR)!{As`i}c~IhY5gD>|bS$h20f_Dk+9Y_6%V7VlCT?yWb+OKcS-jR3_XLD_P6crx z5pdVIu#PW8;a2jD*=?H1=g!2Zy0cSsrS_0Dd~dQ{WqbkkOF@u9mV*0j;}v2*EA;sp z*}gV}znSM?_n*yHASN7}_bXTL&SNS1iG$4%B>mHLJzdQ=HJ3H@6p$z#;CDR;=ug-@ z6Q4qF|AR9lNu#aBYLOf7P_rx%p|FdqQsr7cUpV_T|DCN|?c%+xlx!}{jW3OEEfks?jszVA-QSKf7tt)NHKNJT^VJQ(Z6cGZCbD6&Gssjxg&(m;~kQxVAK4EUGs zB~6#IVEdk9`*PJ;M8KAaYPZ?5P8t&ZU4?gy_n+qa(JzK%w?Gu~)NxN8d+&A4pI~3l zr%%&fWYV8nsD-T9&Zjuo&K(pzWgWD4+4?``&lLPfWqQ(q zt=HK66gD%bBv$h=2-go$rHicw&Lh2jf_3$uTLv~K{jE>~3l%8Q)N8GGM+f02m+OAQ zBWnZW-hR%Ho8zK3bdlVLqn@bwE z2W%AwlY`HqHeSnLJq)rknyf419P%>|UUHjX=6iiOC1o_#8@y&;VDjcq7XMteyPY;F znO7)~LcR{qxoELJDsH=II$LY5e_p@$eZ`-xeaA&86Vr_JEK)O`g}e^PPnAB1UD9L) zeWNAsP!reg)pY1i9Z${ID1aoGfc4)R(Rn{zC@qLBZF9an7)##tdkRW!bG?}Ea)?5f zLqd|&1DHBA)qQ@41+Vq*gG7zc`z6R`@>UM%j4nJ1>7MVpnydb3eA&DLB3Bzs94NWe zpSFWha(r6oXVi6aWw#S(nQ4GdIyYRFY0SJ@bg>i{>x8u0BcAMJ&g$%(`VpoK1(&GH zm7>D6cc7bz+xhrF;^>lBI*-w$jo_QsTvYOoxnLRMymz6S?WV|DJ_W-0!`4bvx2Vl` z6}b9z`0t;o}6#;n^O7%&q4iU%1CZ7VaIE&0u#NfI7M@~@1i17QuHa} zgZEaG=RbbK%^vA1jApQus>MGSW;$4|=Kl=aMuGJq=uhdxzE^Gt@LER^PT!9J!;|zX`$BOLh$e(i~a*sJNT2;JpTwe`O(&Slu&FY_+E&ZE{}s0 z782|2Ah5?OJ^J4EjaPe#sso2u+D?I6eXP5S^}?_ho6x)CgPpyNLXB?}K{J|RrgWMf zWiSS9B`XN&T8@MmQ?fGO=bRLVGtt9u2Opl;@L9@jcr1$SwSKr(aup3kOkw;eDy&tk zD!pVlS|dWGpR?F#@hyDZ4SjTsKo|$6PDZPCnoBa1pI`_jN)%k``PZjwc^Vl6kKB+HW6I8348_(CyQai#+7!?m)lgV8yz{qsI~>B zV?JeaQd=jK11I;!@8onsJjwwmR>azxETv^7Pvt*4r-k1}x3Qm5=xAw!+S~w|PqL^M zz*4EGsNgVZV~33ywD@5k)y1{fQF=pXaEke#tP8ZPM>&mNY_;BxkJ~gjj4C%gx8`&a zx}I-l#Y~=-+^_~lBRV&$j|D6VUQiGEIs|0Mt1&xYPG}4U6Bcd4>kZwGBvT--iEm!y ztb4I>q6V~@Y%LmA)F_h}%N63{1bTWtRTe%dWS3Vrj+UIF44)Ts0^b6@Mf1M=+XDNo 
zI^1i+qp@uH7i1Q#C9K=P{Iu2%9^E85Pq2%|k?poLEV8uI-x*k2T~&0YT%+K}Ya|*QK_EFZ!?0WvyZP0`+&hJ2%V%rfu}5wDJ*g4+1_)G8*8RhxTgYdiw|M ztW`rgIocReslKR=gR$rksmpTm*3C7f=5ZBos&?!L)o=P->Dy@Wpootfx}-YIRj)1& z-^XT*v9YSf|GkBN_s1qH%Z4VWxNq3hBxZ|IPFA-!nfsl3)dy! zDJq%KfM{vN)_Z{BWjQB${o(7MY_&fU>y{Y(a%&%cXF5>&=<^GmvrQBk8$yD1d5`q! z$bB1ae6MwnW@0`stMX^~xcT||Sl}qJ04e+LjU%fk>#0N7s$PslauO!a(hJLK={7LnpGIg- zGB1P$O3NrWiiy?_wpfv}664!#F2+o7U01AKqkEeEk@o%>lUl#SHWB?(oPGm;yC8%w zj2voC@Q;MwT7x(~|{$hDJq@z=V{b5aZB=$)BpZ zC4RFICG0JpP2}V|KoptHgT*Lik~Hs4hTi^8sw(F^M&%dm!Gb?lov4qfT%V;3XL_ra z5?d3Tud$d8{$P1#eK&!FVnQOy9MW7wg|Sc8#x~|>aB`!i_Zl8kPI*#Acl1}`^jeL1 zqH&pxbc}lc_2bk|swjvU;@STn=#%eG-?i$x*J~eJ^u&3#g{7RYM3i&z$K7S}k0k4AQLVvGt}sM6Lz{U$(N zNCG#@!77u@QIqUiu|_l2Q`oMu@AY_|{q{s^LCVmZsFUn)wZho4Xk_Yds~X{vkOxX2 zkd5S%%X^P{ObAOvrfO)RwbWL<^QEUTp!rpBWNz~{y4g*jwH4D8Z|TabE72}tmd=`j)x9WTBle7F zvpNrJys?3hhIpBnW8CmFLUWVk3^jqY#8Qhz(94`@76KNkl19B#vqNO3$2QiZ^vm|! zYj&%nvsqBRdRbMn&VrVOv~!|i@t4EMc=2*6|{Z|U*qcdUg7o!&Qo7tV^} zDsg!U7OjlwY^-m-7W}7mCJ|fm)zuN5pVk*Kn+}w@u)}u$hpD%WigVezwgUtRPH=(; zcXx*X!QBImTjTC-!QCYgv~hP2?%KEncXxaHoU`}yef7Hs3!E99>XMV zl7BORNl=wahl zt8d}_$Mcv|;-4KdJ3${@lVWWyZ$?RGO3*DVdYj`x5k2n{artF~_wP?N?_Of`sp^Sd zVxuk!IbS}0^owmEz$vY@kRHRI`8}SgxXNqnV5p;#rKb8YT@O+7PEGA@h{>-VF0C*6 zxQo>u)Kil8<-F=d3#ixat^R^HH0CT9*>68zel^zLhZG)ER#qN?tNfChGrK^b*8jXy zKV6}wpm-@=7-0Z4H$U8h^|N1&fYbcn7Y8g}JvD#)u(f5HZaCL;SX`#}3KSPz)77@C zDB|9Rs>rGBszbd>f-#9~wf~7tQL-Q-F7K$sh-8_PZl&Q|hx{xUZ`G0Y%H1h3L1oTS z^||3>Ja=rgr+#0gn7iV>8?*IYrbL5(<%o0}h+oIvxnT+RcAL3Pr?uT47fI9s@n~VSIL)=^4go@f|Rw%8W*}37Q z+*wX~wzPy?=GP+iimD?RX2^8B&Se6>>P^5qDUvFpKnHe>FJIELm8~^8^({XFBPC<- z_eZKmhQ8}Q^l9p9jAb|5>84ideJnKW3mwO9a4CK4m?T;8J6>2@gS*uid`}hZ#|~s% zckd64NedYZguU*1_#4@@;Y-cWze2H8wDtn2CLwv63}SA7z^Ha*ufxwuk61#&BS=8O zFqHW6EO@7{jA=U`%hDO2RM;Bh76<;M zSnt_sIM$1>JI#G|tPfsn`lxK22a_a6AR#pwZPVpJ7qLY2DQLD9Qr6K7Or1PurlDaO z%$;(B4m1W>{Aq%c@~-V`rq9r9d*hChcso%*g=KrdsbFnHfek`uza{BFtRRN>I7G!X>JFF@r$ya-D7GDV6LR&VINm zU-5yRPt!~!1Cxwq1G#6h0e)jq>(h#z`P=hGQ%3MiII! 
zb`SFt97%Vo^p!lGn8@`FC^W$v7Avb!0^Ov~28B!OM2w)aaL3(6OnLnkYi|9y0_w&c zGk%8OjCN+~gtwp89i@t-r{3#LoY212!Rr=eM^k5riPh1KLGO=cZ`$9f2knYu85#JN6^M^5hLh-`d|na#9zTzGRYj? zICR8x`Vyh!3OTF88@9blKy)~5PWutOZVWG-WWS=?F97>4b#q|Y3L8E>pPr9oN>8s* z_$wp8*PhK0ZGa!AUE91ZuKR@TmP1+xxmU3PZ=>eYG;?G1I zpTk0l28(U!I)-QkT%}u8BGXiP0cbjqoR{!>sd3xTCoQMW=J;ak#8uW%S$PKr_=Nz% zkns^=dk-POVS^Tf4J1Xv$cXY08b?&C#xdk8J%nE&qoBZ5TCs7S$$jpoC@#Lwqz8Eo zKRrZt+T!%wKLLf*HrssMg<5NZJ*Pe*4Z#DC3qPMZ2sz)s~c+8>1=i%Ang zfiRIC8G)SJ)^UEA2HTQDT+WNt1qBpC$dA8v5)ynMcekUJDgXopL2CN?bX!_#*%yWu z#>&z1)>xqn0qW!9MbFKt9Uytj%gWL-(k?Yy8tdz?LohSQ_?GKO>Se#k+|iXHz4!5@_-^war+7PMo=qR)uL2Ox+;KDjAB3HIprX~{k!?v z@ca7#=L?!i^H zw{`7Y9@^U48AY8pGqT6vsvt-IONhlV?@0`;YSB={-%EE_+_N0^eXx+v(;`t!Dj-Kq zTN@#SS-W=Uus9b~4hj~k)Nb304M7q$u;2T5h7h^Jh6X$Y zi0!&w7x?YE){5ly9UP{6VUZdk`6shms}i@q&|6Zj56@vxkFI-T*rTc9+oBX{{N|_> zy_ZPL?H3S8!AJrjGHh3lklyT#?OJu)2KRQ7 z>&P{|-te3Bc`N8t6mYy>2^vUEv3Yp|Q-&%>yeYb<%&X<>hoKNa>|Mi9P*5Bk9K7yv z>{dEokARgvZ!Pb}QG$G>rKQ}f_Qo=ZF)3GPZRa0?&cR*pZW}(D_2!e2%<>V-eJ9H; z?0Cqi!~!3O_`I_p{%mjf-k-XF_0B&m62(EAsHGIlDiEwRF{3`bocnFCxt(Q2GI#Fu zp$Q+%wOkjb>LdOvq@=vx@Y`6dDIPqV!1|bHJQ%Z|<;7Gmmcx0x6-M%8KO&{q<{ENT z*>whhtnpLGcu(qgOb8q^%)aehjWX%hnT=27iF2xtj}5hNPw zw|sLE=zm%u%^Mpq*1@pSPM3E-WL%aH>!xY6@cGNPrKYnAZvC1NIg+2>b}A=LqL~IG|4o_@v99-PY_-?<) z-BiEVW4>P}2^7;<{f<9qu&g#Z1(jT9$Kb*rCW!ds46mb`n8>hLTy^h`=10e-8f3wA z#`i~okJp2-!rPFQ5$YVUpGO!+SX<}x<+pW-RcwynIGnkeDGDCT2bwm^ptS5nRaI4( z!^g)*`)ZGCvl!!7-_0%k@AW!1;-Sc_9xPLre+nozXCaI-k)?YGNyFxN;VIO!YoiJ@ z60r+0bz~<)^M>t3F&e(w9TmyYX|ffpH$Thb)vv-0hA%O)bEu(>zdZ$mtuZ)UAXTO! 
zOIwRZpA%G7y!DyGIRgCsdIDj4MEtiOBSs>QKy)T}ySW^m^&WBA$=Nya%IfN{81dk3 zR>FQVC;RXaWC)1pKdmR;;I!sXHs(iOtRGD~+!=;E8k=$LzK75!iIKYu(B^c@@3f(C za?0%GPLi?29VVB5^Tfj{el%Q3ierwk)VBm+;GM46b-}*W{_=tvt!<58R05zeEDQ~# zDH!LUnaEc%LsQT;GOaDv(2ZhDBAG=9qqER9jPA_(PrZL1t~@ z0{F8jnvQ4MwoW24q$=sN9|ayVVjv|g?eM9qIJ~I8Wn!v14vmB-JR8Er)ldy;L-#lM zKv8}41Psj50*V878ArBHc+JwtFg_eo2$IA+9o9)fuP?LDF0PUy|1|q%EiZBh_z1Wc z)`3qsyYAPriOrbrpMcy^=UWCRi?inA8MnjKB!ewKvfG?lEh&K)+vlCncO&#wU%0$^ z2>ot%Q@bYLiBKVh$F)|wBWG)E>~LcXkfxNN?R% zACV~*=H|w-ScA4(#>&TXecupNtl`}3EJ`*yjrrrwV~F@=5-h9+GouLBqhzHhbG6{R zS*%IPoX=LZG5Qk~c?);_Rpll9xh6wXuHkN}g-kyE(_%P)QY9Ykf3*hHlv6|A4F>%I zlJkp@Dreureq2EM3uvi2j)o5LZP=*c?PYZGEI7EgS1(uowOrnoi2^z{m*)~8BQLfSAZoa{?2ZbIS6mR0xnpfcQKW;0*=c4FT$DRBAau{Dw)zH>$ow z*f`a1eWRh~q`Xbd^-G5wZ-Wk96ORq~`C=G_Wa6O{4||z|Bwjb|*UU6bbWgY7rBYhj zJf&*LCJQ;9V+EfMnlHD1#X-IWVb=Q$Z`|8{RrW>rq_P+(ersmJ;lVpfLK3|$c%E?EoFhJ z>_pz7P{ZmV7S0ZrmynsJ-(aO~Xh;@P5=boQp9%eX3a-i>=6Qwc8nw?mu(TK&nV1+K zNBK#Xv)$%=Y6Zu2<>B*F`X>Y_1Hrq%$F!M^X9#+^LJsIR7&r<_%6`=N!Q)}bn>a{r z1dClwo{{FjuvWhcoVn3x|iZZg}3hQkNLyER(1t zgA&9fs1n&{VFLUu1&utzqHM8mAHBQTl;uS77wwCS=J~NPp(u3BZpySfhd}{?zthri zr9LR>Ww*F0r+~%j8@6T zcn+~LtkKq8SXj?pm@R!*)a4o$_`IbDN=cz^OyI@CVo2%3B`(~B_P2!f7~Z}lG*C{T zoy+riCfw#kGCYLDr7W|C83JlEgNg0FM_)L8 zk5zGH=d-LYu^3k7BPbh>9!E#1vr=)bTeRS<@g@pE8BAZ?rg=3*`DUCtps~i_lq4wy z`=M(CZHJSdo}Q8t_FL`y+x;P#co?*4s_Bw9JNh^YL70o*xOnJoOgirfShtbvu51Yq zIUj-kb&vIb9|lQ?pbe4%V+;G0M{Ip|GmdQem69RI*}*Pfx{ntx68?`*o$YO`!L zI1`Hc8y+vqh7ty&?1V*lH1QG*?@#gmYH zP|6?vH{d1ZA=YXGffS0bA(3Pjn<=8wdPYVDc~MNiXyl78``=fxc+3nB+G&)(3ie`o z>1ZVXhFROe4ViCU0p$?HEx108*JwVo)m0e_jm#Lyi-2R4y7dk-vkepde~nPMT+sVZ zEkr5b_fS`lr2xjl-3m~|sb`y)Mi!qw8)>g~-`!Din|i{~$znDf|Lg~gBBF$dnanc& zZ_Dd(7+RJmVe==Kt44JQ7${bpQBt}M2PwlUx8;QY$wr3$=VzD0%dutp%2@fds{N>8 z-?sk0A%rqKl_Iet$CSN5LqM)!iu(6RLX9%ZQB&YqfL!O30Pg<|<3Uw$8FhKK|0X)X zolm*(pKcI-q{#;g)94q5p;%fVN>qF?3L6_MwR(V05&FnCXE7fE2m4ii(2r33^ZVaH z{J`2Xlu`UmzP_Yq5zragztBXOUlivXT0$WPESsNx>Nbza9**ui@>Rw2 
zZx3{+G{Z7mu+13_*3-iH>K-Ni(**sW54uyte$#owlm%BF4cX?|z1Fl=Yvg#ThpKjS zJdH-b0nIhWTfYj<_CI}NT$j;&QX^30cbA!uOa6^f&hbgiiy+BbuD0}7`HIIEE%#EX z5P_era1+q3HoK*WRUj+Rh#+MS3c6-K0x9)}IUc0b+8Iuvd1|9qA5c&{CkN@u3}px! zE#HeMm-cKKv`%YK0Dh91b-F5%l6Y;-iGlxLU6k~Ia=U+53nnHt22d*8yu|1BDlmU) z?pkFgOHO2g5?gPk@A8oE{JE^7>Bg<2wVX`h*S$v)U6&BXGvSoH zcfq%s*`akdjU-waf5e#&m+bnCw1xKPdyp8-VWi|La0rNK}!r;QgM=@UZHztE5I>C}VB@y$r4uG#&ccB=}h% z-&NjDQ)GeowPJyTOGlH6O6ySfX%L&6X7Y7MFT*m)kwT>Q$ znazFUB)_t$tA+JZ?EO+Fw>_!xCEm`NJZdKPtnVKOKzt4zX&71 z0lL&aAOlA8ENhH2xW2&@!!9p?o1c+GUU|a~DQk7&DABno*%m#Zw5&E_Qxls%OZ1Ql z=X*!dU!wf(n;LFg>1})&xTmTkLUe~5eLbw^%QjGq^s4;p-`1jwjG7M839+(J6QwZDBsk&eY~q73CdRh1KDZ*}#ZL=Fk^=PwBVZk9k{Wi5Wn zQqRWBw(_v;&~uRQ>JIZ|NhWm=kJw|QHa!|caR;h;ZL3WbLpY2ipFKATAv?sAe_iN`HI&5DQYDxYO-gtBKQ$H zL4o1_ZW{_FSz1CS{`k-0N5;QbaZ)^84SmACRgRUhaB$wXW5x8pnJoXQ6Npg?>G-oV z;AEe)XHffh5i%7VIAH(0KB{7_P*mTe{`B)zehoz&WY5*ANVPb7uv+Tn9NZ1l5N8>;hA+;QzX%-qlu@hfm2RK-;b|=UFoGN=r6xUE~QM z&Omx(ynj(i#Eg}-N5q=`_iRB&U+{$vVBch_1eb_;Edct%U@3A1Ctdfv@m^9$^VkP?J z{n3MV1-O&tp2BwXM2aWiW))a&G)gEv4GKp}lXEWQ3_2qdK1jbpBj@#PSV&vQ3<@A+dRD?Ld z&^KQc;3rUMU2}-Dj6Wx{3ZK3lY6)HHG{vTne9$aA~kP`c~o zTN;?QQ}|At0*qIy)ld|;3fDxf7@B$E?K)X+iN;yD-A47p9hH zcT=EzR^5xk*n@Zc#zOk%HTVa5=)+(w;iMCxl(BGO5(s2JR?9HXqJ>>9l^u@pQYDs9 z31nGhStezWm_H(=Vnr4YP5b9x(06gcS*{W*5ka6nc79GBh^d+uxm?3tW6u5i*^%py zy<}GPwzg+pw3fwUI)+O#TzUdbYmwopXA~(GvArI3D#?F$b;HvzVxENf0{kN@!O#nI zbiyzUtCBt~-rwAmu;>ybT^--B_0LmKH&tw2(PWY$fQ zTT@*^!-XAAOg2>pK2hwymm2$%z%)k;$WWb%xr;3LB%EE!*5*&M8loE^v_2-ttJTNl z4@;8PS@4+rckTslfA|A{+&_BAB)>^1NOZjkX1gUhm1S&QD}znd#luBe+i=Gcv_lcU zXJi-8X4`-FpsX0EazsXO{@)c!>pypwo;SnAnoXM=E!dbhA(tX#6i;~(Rcso$vJy1D zimc)O-*@a6c0Nj@PEOp&_PKKlaGYnL_@avYm)1U9vU>`DhJOZV5G$WfO1M!xnl{B528Mq2B+a>U!dGsl z+>(5vH}!gZ@_ya)mycU9WC&}s4EEEYjCHPfKMS=4zzohAsy*`hni$8~ zf3E_;4J5|lrfB2qn_&p>n7;4Cw*+{%FRxv~x5k1P1H|Y;qV}udf4VaT$!xsM_m}jt z1Y~{MmiU2flZ&KpxZz$m3E#AA6bUpV9L8rBqmfY!tUi2t^0z+jdTN=?wr)>ei277i zl#3rnIC1nht8EkwqUofK{O`)N;44=XageC1J|BXFla!J&gDeP1=s~h1-yw85ZSBVc 
zax`GZ9VCw@|9(_Pt19%Le7$C+7O!D%Fa)zs7Xj^&QFoDtt=_0EiEko@5>P3&B37lT9LB=L4tM?Ja6|K zxdF5v8!xmO7`q!q>d14bNkpBH6sDSndavk)kdHh${`XkW`Z(5{*oNXK_#R~+A2JF$ zPg{ZKgM$JAZnROoY3CrV*&xUAX91Z8l4lzMcfB_4qt211-h7Nc20bY(B1BLdOqTj) z!r#-37?l$SCD)Rn3p`A(uR`Bls;hF-2UzDKk$^>Z7g`<>?tzs5-8jo%@jeLj2gt!( z``)FS|8Q{V9vXKhJ-A=>(NwUtRZy6Kc)>u-IM9|BssQkhl*&mI!)A57gbKNnn(FGw zsj21|z+WeMN+ks*03DsyHQQK>`+PyKgoMOw1?nu+zyL#B5%BzinaN+R3W)9*96_ic z9knnm?4QR;T_Wf3AU$X=}lAb6B{z@}7^_CKi9T>L3M< z9iF#OcPr@-Cyzylk4demEUc(j{Q;W67>VD@bVbwJM9m3ADWZum5*PPzbR5ZcTZ8@R zv%uWNpv3}_%{>HiAUW3<0&dhrh(6e{@7i{seA0F^GYW@F*lfGDoa_69pyjThaF)gc z&a`XS1^`G%NV>}GHH%}ie;wg(cw=ISL+1TyqN2jdY?Ga-=`KXAnM|`EXm;4f*7m*c zaLbd6qqG8*mBngilCif{Yon2! z66=^HhuG@>qH3Tpl@`A@4h|0VJe+99;-k$9L~4ShJ{kD=y*9f=arL}w=B;4) zeCO3QAu2Cqc8IE`cM5PUPh=hjrhwBM#_eW3aT@~8H$pMR}iU0oTl ze1a$7wmn%aot@VNK+-}Riq9|C5bd$eda0H&5?AS<2G@VCKOJk zCXdL^(oo)v5ce4~&Qf~b4J=I*NnWQ^ij|h%Ls#OzGfL~36(*AOgEALUe_G=n z!>CNY1)F=>cuG=|$(O7N!n)I*` z&!+pt+&zExM2+zv6%|#E&mAw)-egsI`Hx2LrSN!iC#RL}s{L%YH;5jofJ5Iijhtu& z<8Uv#9D1b`35XBj4A~J*6&M#O_SI$vDkb^qDOpmgaF}4Di<1Y4lY2=!+(r1?HXQN< z;Aggh9QwEdDb z25}9DCzt$!<}Ra*%@aq7&+f1EDUEyb8a1qs;m`SfA8kZ_FfvgKf_B0x!dWVHN4>}B zo)n4K%N_q&wGM;iW4WMXK85sjwmosxAjR=G9@+$zY!Qi@yt)ln<|9yEzM&FmQiDN= z`6s)GmOzpFxvtibx){ENBuUaU+{lXiM53^PravT**gLCcozror1Oij1YF@j&z3rOJ1W!$Un5T^(L<~)iF;)6q%eTRnel^3mk5 z&Q1JlKoza{Y#Zq|o#UTe{JyS$4m+TeV!4ck?Tiv8r|~oY%|e%QS~F=+hF3CF%B><`nBnj^?T@$s7gFYi))dH@#bMtAR;ZPUhi zm=naGZmj~yU1wFY`}R!Y{{^DH=jDr#emLA7h~>7UM0?v8F8YjW(stUoA`15b3I_G) z=;#L%*gV(Asx^p$I|K7GmW+b5%}VF*wKFBo`D&KwXp0Xw4!#W_(C0RPHh3s@XM#wR zt~>|3cJ#Zs(QXhvUlxYBVd(zS9p?~|D||^1YrY*+Mvl?-jhA;tJt z-}!wJ$p|oknV%RM5((8G4^NA!SeJ*h3l(Q0{|e<_D=s4@_LZ$Z$INV2)XUSeRU0}9 z4!O_lgUX33zxNefFBx(4qO@7G8QgbxS6dB;nNHYO!{jk8>$TQfh_cIbSdb{fqE+Ml zIQ#AchadW2GMr=a5-e8jt|ozl9Rfzi=J!o=U ztuK$+X0#9b3^S#bxDosqG2as|s;%4*UJ*ZFAK0y`@?B-FOLB?4K!dw+O|^cjRw(6@ z#AAe6I3maV$^CCVSaIcnjVs5fTSoYsQJXkx;QE2dHh^=MYLk+2ReC;Zu4yz;qgnzGI`1 z6CKTFdsg3*+YZab;Y}l}^F7I^;EUJ_LJSq0m)I?rXCHKejZj&XyL6QF(r;+D8&X6Q 
zn(g1yisN1Z+JT25RCkZylU0ki1D^tI#_1ai1SN>vd|KK0Wc9FIC<|^{_brysKs%XG^UalQzrud2bJ^wYcF5Ny@rsC5`>^E1EP zb)bwqIXb8oHcvmSD3g0gFiQH}r3RcD_lgqx|!yP|(mz3t3C)~vXrFAANJGx-J> z2Njk9JD^hXq8s~A!mia$SE?N)Dire$yNd8pfJiQXbjw}a`U@-|W~DUu4g3|*xScP>J7)-~g(onUR^-)5hS{ z8#{bEVDZ~oRxqq_SYJdeXY$_T@_5&(>*FG9CcRc- z4s})Ir%ym(9mw^qdoClBc6xF#NQ+~XP~Mu85~n6)@a>DPo;7cgz=wox$ezN~vNNNq zz}p{H?@6<6hC!GaxuAvnP<8mk>nV+mIBPn)Bd&?9r!Fu2{Yg~Ga%9o_=oX5#PQ{fV z!Yz*nSEETBK^y;jor-On+A&gi#-qVLK4>YoRO4+0X8!6*IQWTc6Fnr1CVc&#BE&w{)Z|6N^y$mJ#h-X&T0^<2II#9`C3%d2L6BAC(2v7uSv zI;?qKIHRl6vYbVyX0b}Ip}H^BGGw#Po3aS>H@f2qyO{Q$?f}S5G%ttpK(eF3@BrBnrxh@kB{c({rs8!M-tIB;B`0iuy zngdt)lbE}xCi?zv;3shXwJ6Ki&p7ffmG~{*Y6;gQ!$WC0$B3-;nU-75b9dKwZ3Q;) z>-dy>WE3jYJVi%xvj2D>G;srXI91^OP_tu&3RGL)1zRe0VySaz{D5WU$K8VC)Vg7c z)&+{NjWpi#yBx^0^92QdQdAv>g~eJSFnB=eH|?pxU31ija+}GRmXJ2WFz!$&+>E!pUbC0~t~vtjjte8r(#){#Qk-!& zA~FT7&z#&{*X@)U9T6iRU#LV%5kW{DEI|~MSVJgfXp38kWG0eQaPcQZJvkbVOH10$ z0R}-V;byK zD;<@*i=SGuMml2K%X#Pr&{-u$K^%CP0}L#DGHLbO(dge1JYe$Sptaaz5bOT1q%k?M zVC{LQi$O~`5k}fxr^(VLpnLc{9ffslj%1Krw zXkyM)DXloqZu%^bKB7xV;U&7wPs?qptTy|t0-35ss-Dm|8QZ=8YzUC#=cEz!0sw(a zaqEbYWObK$&5UmF&YPRo=OE;i*(bxyzo!I#7e-2|!eW-(ZYWmWV}O(#G=X-ad2v^M zy5jomRahs&Vb#dU7(X+R#d|gAwm}C1jY+4 zDlL`rD%SH^23Ml?<$An85lk922vXh8jqRVmdEc=~gN1yrib}IsUS7Pa+Dz*6EhLWj z<#X>IW3v16iw2ALay^!A``~V&_bR#PGmJ5Ye$99JUO}ATMt}l=q%KeiGW4V2O1_E{X=RcigFm4)ZI9@yOWyQrMiCfVN3HJv7Sl1D{CY%Ehjrs>Ab>*2)WF~69$3kToPV>9ZQIuKhg)|Z-|D#i(wl~G z@ZFk%ZqbUKv9uMV1v?cZm54Soh4(*wTzh%XGB3TRU7n%1O)Ty`3gR#tl++f+0swnSGTYPSb`@=0pWS9Wwo#Qazn4Z}4 zHDUJY=OQ|#z+@O&B;ey0$PS;A6TySsWNxz-;-F4XHI?)WZp63LO&U^&; zh2t_W4AU#e;}PQ1-q6uVqS2xADo+WyIeGa zGCXgM1|FL-v-Y>YKvj78W~(3fuBN)U;E2w+0;;wLbzz^2lR7(RBCkWvecUjRSa}Ll5sNjS17L18A^bw{|OzKSXHE z_iyU#3F^R}=9mob^f;Z4HD}^I%?C~#B$1Rb0xzt{@Okk!ycE}jyo~#TWh=*|T`S*D zN8j7dQ^KhH7OISE8R%I9`BZic#C8qT%fTUP*$zDJOUJ0mS5 z9mii{dYO^rMhOVrR?XI$%)U8&UXR&L z+X>f|&HF#k*M0nSgN~1Y%=Jsz!(3Rs%qdCQxe60wr}l^P_ZrrES4-3+A6*7jV}DdV z2O_Tj?OA3#L4$;Wuf0TI!CQ@d@wk5UuT{@;y$hSQ64NuA1?83NY(cfYBeCIdpV7o<@>SO!X 
From 2cf0d68232c1d4a73475a349c741b5cd469e7652 Mon Sep 17 00:00:00 2001 From: jcaparas Date: Wed, 22 May 2019 16:45:47 -0700 Subject: [PATCH 156/157] update image --- .../microsoft-defender-atp-mac-install-manually.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index f297a4328b..9d43f6c99c 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
@@ -39,7 +39,7 @@ Download the installation and onboarding packages from Windows Defender Security 3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. 4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. - ![Windows Defender Security Center screenshot](images/MDATP_2_IntuneAppUtil.png) + ![Windows Defender Security Center screenshot](images/ATP_Portal_Onboarding_page.png) 5. From a command prompt, verify that you have the two files. Extract the contents of the .zip files: @@ -114,4 +114,4 @@ See [Logging installation issues](microsoft-defender-atp-mac-resources.md#loggin ## Uninstallation -See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. \ No newline at end of file +See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices. From c3269aee4738023d48fd3a09401372d9c55366a6 Mon Sep 17 00:00:00 2001 From: DocsPreview <49669258+DocsPreview@users.noreply.github.com> Date: Thu, 23 May 2019 10:47:21 -0700 Subject: [PATCH 157/157] Latest updates for 1903 and 1607 (#288) --- .../status-windows-10-1607-and-windows-server-2016.yml | 4 ++-- windows/release-information/status-windows-10-1903.yml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index b482491798..6ac43dc23c 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -60,7 +60,7 @@ sections: - type: markdown text: "
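Review bot: the new link target images/ATP_Portal_Onboarding_page.png in the first hunk of microsoft-defender-atp-mac-install-manually.md is not added by this commit (the diffstat lists one changed file, the .md), so confirm the image already exists in the tree under that exact name and case, otherwise the screenshot after step 4 renders as a broken link. The alt text still reads "Windows Defender Security Center screenshot"; if the replacement shows the onboarding page, the alt text should say so. The second hunk only supplies the missing newline at end of file and needs no change.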

    This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

    - + @@ -85,7 +85,7 @@ sections: - type: markdown text: "
    SummaryOriginating updateStatusLast updated
    Machines running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    Some machines running Windows Server with Hyper-V enabled may boot into Bitlocker recovery

    See details >
    N/A

    Investigating
    May 21, 2019
    09:21 AM PT
    Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    Some devices running Windows Server with Hyper-V enabled may start into Bitlocker recovery with error 0xC0210000

    See details >
    OS Build 14393.2969

    May 14, 2019
    KB4494440
    Mitigated
    May 23, 2019
    09:57 AM PT
    Cluster service may fail if the minimum password length is set to greater than 14
    The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

    See details >
    OS Build 14393.2639

    November 27, 2018
    KB4467684
    Mitigated
    April 25, 2019
    02:00 PM PT
    Issue using PXE to start a device from WDS
    There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

    See details >
    OS Build 14393.2848

    March 12, 2019
    KB4489882
    Mitigated
    April 25, 2019
    02:00 PM PT
    SCVMM cannot enumerate and manage logical switches deployed on the host
    For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

    See details >
    OS Build 14393.2639

    November 27, 2018
    KB4467684
    Mitigated
    April 25, 2019
    02:00 PM PT
    - +
    DetailsOriginating updateStatusHistory
    Machines running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    We are investigating reports that some machines running Windows Server 2016 with Hyper-V enabled may enter Bitlocker recovery mode with an error 0xC0210000 after installing KB4494440 and rebooting.

    Affected platforms:
    • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016
    Workaround: You can reboot machines successfully after suspending Bitlocker from Windows Recovery Environment. Below steps can be followed to suspend Bitlocker
    • Retrieve the 48 digit Bitlocker recovery password for the OS volume (From organization portal/key storage).
    • From the recovery screen, press the enter key to get to the recovery password entry screen and enter the recovery password.
    • If machine boots to windows recovery environment and asks for recovery key again, press “skip the drive” to enter Windows Recovery Environment
    • Click on “Advanced options”->”Troubleshoot”->”Advanced options”->”Command Prompt”
    • Unlock OS drive using the following command
    • Mange-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
    • Suspend Bitlocker using the following command
    • Manage-bde -protectors -disable c:
    • Exit the command Window using the following command
    • exit
    • Click on “Continue” from recovery environment
    • This should boot system to Windows
    • Once booted, launch an Administrator command prompt and resume the Bitlocker to ensure the system remains protected.
    • Mange-bde -protectors -enable c:
    The workaround needs to be followed on every system boot. To prevent hitting the issue, execute following command to temporarily suspend Bitlocker just before rebooting the system:
    • Manage-bde -protectors -disable c: -rc 1
    • This command will suspend Bitlocker until 1 reboot of the machine (-rc 1 option only works inside OS and does not work from recovery environment).
     Next steps: Microsoft is presently investigating this issue and will provide an update when available.

    Back to top
    N/A

    Investigating
    Last updated:
    May 21, 2019
    09:21 AM PT

    Opened:
    May 21, 2019
    08:50 AM PT
    Devices running Windows Server 2016 with Hyper-V seeing Bitlocker error 0xC0210000
    Some devices running Windows Server 2016 with Hyper-V enabled may enter Bitlocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

    Note Windows 10, version 1607 may also be affected when Bitlocker and Hyper-V are both enabled.

    Affected platforms:
    • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
    • Server: Windows Server 2016
    Workaround: If your device is already in this state, you can successfully start Windows after suspending Bitlocker from the Windows Recovery Environment (WinRE) using the following steps:
    1. Retrieve the 48 digit Bitlocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when Bitlocker was first enabled.
    2. From the recovery screen, press the enter key and enter the recovery password when prompted.
    3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
    4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
    5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
    6. Suspend Bitlocker using the command: Manage-bde -protectors -disable c:
    7. Exit the command window using the command: exit
    8. Select Continue from recovery environment.
    9. The device should now start Windows.
    10. Once started, launch an Administrator Command Prompt and resume the Bitlocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
    Note The workaround needs to be followed on every system restart unless Bitlocker is suspended before restarting.

    To prevent this issue, execute the following command to temporarily suspend Bitlocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
    Note This command will suspend Bitlocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

    Next steps: Microsoft is presently investigating this issue and will provide an update when available.

    Back to top
    OS Build 14393.2969

    May 14, 2019
    KB4494440
    Mitigated
    Last updated:
    May 23, 2019
    09:57 AM PT

    Opened:
    May 21, 2019
    08:50 AM PT
    Unable to access some gov.uk websites
    After installing the May 14, 2019 update, some gov.uk websites that don’t support HTTP Strict Transport Security (HSTS) may not be accessible through Internet Explorer 11 or Microsoft Edge.

    Affected platforms:
    • Client: Windows 10, version 1809; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10, version 1507; Windows 8.1; Windows 7 SP1 
    • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1
    Resolution: We have released an \"optional, out-of-band\" update for Windows 10 (KB4505052) to resolve this issue. If you are affected, we recommend you apply this update by installing KB4505052 from Windows Update and then restarting your device.

    This update will not be applied automatically. To download and install this update, go to Settings > Update & Security > Windows Update and select Check for updates. To get the standalone package for KB4505052, search for it in the Microsoft Update Catalog.
     

    Back to top
    OS Build 14393.2969

    May 14, 2019
    KB4494440
    Resolved
    KB4505052
    Resolved:
    May 19, 2019
    02:00 PM PT

    Opened:
    May 16, 2019
    01:57 PM PT
    Layout and cell size of Excel sheets may change when using MS UI Gothic
    When using the MS UI Gothic or MS PGothic fonts, the text, layout, or cell size may become narrower or wider than expected in Microsoft Excel. For example, the layout and cell size of Microsoft Excel sheets may change when using MS UI Gothic.

    Affected platforms:
    • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1
    • Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
    Resolution: This issue has been resolved.

    Back to top
    OS Build 14393.2941

    April 25, 2019
    KB4493473
    Resolved
    KB4494440
    Resolved:
    May 14, 2019
    10:00 AM PT

    Opened:
    May 10, 2019
    10:35 AM PT
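Review bot: in the added details row for the 0xC0210000 issue in status-windows-10-1607-and-windows-server-2016.yml, step 6 (Manage-bde -protectors -disable c:) leaves the OS volume suspended with no restart count, so the workaround should say explicitly that protection stays off until step 10 (Manage-bde -protectors -enable c:) is run, in contrast to the pre-restart command with -rc 1, which the text says suspends for one restart only. The row also moves the status to Mitigated while "Next steps" still reads "Microsoft is presently investigating this issue"; align the two. Smaller points in the same row: step 4 begins with lower-case "select"; the placeholder in step 5 carries mismatched curly quotes (“-“) that should be plain ASCII next to a command; the product name is written "Bitlocker" throughout rather than "BitLocker"; and the added Note that Windows 10, version 1607 may be affected repeats what the Affected platforms list directly below it already states.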
    diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 0c22040811..d38140c25f 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -68,13 +68,13 @@ sections:
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    May 21, 2019
    04:47 PM PT
    Audio not working with Dolby Atmos headphones and home theater
    Users may experience audio loss with Dolby Atmos headphones or Dolby Atmos home theater.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    May 21, 2019
    07:17 AM PT
    Duplicate folders and documents showing in user profile directory
    If known folders (e.g. Desktop, Documents, or Pictures folders) are redirected, an empty folder with that same name may be created.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    May 21, 2019
    07:16 AM PT +
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 23, 2019
    09:28 AM PT
    Error attempting to update with external USB device or memory card attached
    PCs with an external USB device or SD memory card attached may get error: \"This PC can't be upgraded to Windows 10.\"

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:49 PM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some versions of Realtek and Qualcomm Bluetooth radio drivers.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:48 PM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:48 PM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in battery drain.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:47 PM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:47 PM PT
    Intermittent loss of Wi-Fi connectivity
    Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:46 PM PT -
    AMD RAID driver incompatibility
    Installation process may stop when trying to install Windows 10, version 1903 update on computers that run certain versions of AMD RAID drivers.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:45 PM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games may fail to enter full-screen mode on rotated displays.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
    04:45 PM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software.

    See details >OS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    May 21, 2019
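Review bot: The re-added "AMD RAID driver incompatibility" summary row still says only "certain versions of AMD RAID drivers", although it is the one row whose timestamp changes (to May 23, 2019 09:28 AM PT) and it now sits ahead of the other Mitigated rows. Consider naming the threshold from the details entry in the summary text, for example "AMD RAID drivers earlier than 9.2.0.105", so that someone triaging from the table can tell whether a machine is affected without opening the details. Please also confirm that the table is meant to be ordered by status and then by last-updated time, since that is the only visible reason for moving the row.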
    07:34 AM PT @@ -95,13 +95,13 @@ sections:
    Display brightness may not respond to adjustments
    Microsoft and Intel have identified a driver compatibility issue on devices configured with certain Intel display drivers. After updating to Window 10, version 1903, brightness settings may sometime appear as if changes applied took effect, yet the actual display brightness doesn't change.

    To safeguard your update experience, we have applied a compatibility hold on devices with certain Intel drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Restart your device to apply changes to brightness.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution that will be made available in upcoming release.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:56 AM PT
    Audio not working with Dolby Atmos headphones and home theater
    After updating to Windows 10, version 1903, you may experience loss of audio with Dolby Atmos for home theater (free extension) or Dolby Atmos for headphones (paid extension) acquired through the Microsoft Store due to a licensing configuration error.
     
    This occurs due to an issue with a Microsoft Store licensing component, where license holders are not able to connect to the Dolby Access app and enable Dolby Atmos extensions.
     
    To safeguard your update experience, we have applied protective hold on devices from being offered Windows 10, version 1903 until this issue is resolved. This configuration error will not result in loss of access for the acquired license once the problem is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: We are working on a resolution for Microsoft Store and estimate a solution will be available in mid-June.
    Note We recommend you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved. 

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    Last updated:
    May 21, 2019
    07:17 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT
    Duplicate folders and documents showing in user profile directory
    If you have redirected known folders (e.g. Desktop, Documents, or Pictures folders) you may see an empty folder with the same name in your %userprofile% directories after updating to Windows 10, version 1903. This may occur if known folders were redirected when you chose to back up your content to OneDrive using the OneDrive wizard, or if you chose to back up your content during the Windows Out-of-Box-Experience (OOBE). This may also occur if you redirected your known folders manually through the Properties dialog box in File Explorer. ​This issue does not cause any user files to be deleted and a solution is in progress.

    To safeguard your update experience, we have applied a quality hold on devices with redirected known folders from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.
    Note We recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Investigating
    Last updated:
    May 21, 2019
    07:16 AM PT

    Opened:
    May 21, 2019
    07:16 AM PT +
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions earlier than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 23, 2019
    09:28 AM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    Error attempting to update with external USB device or memory card attached
    If you have an external USB device or SD memory card attached when installing Windows 10, version 1903, you may get an error message stating \"This PC can't be upgraded to Windows 10.\" This is caused by inappropriate drive reassignment during installation.

    Sample scenario: An update to Windows 10, version 1903 is attempted on a computer that has a thumb drive inserted into its USB port. Before the update, the thumb drive is mounted in the system as drive G based on the existing drive configuration. After the feature update is installed; however, the device is reassigned a different drive letter (e.g., drive H).

    Note The drive reassignment is not limited to removable drives. Internal hard drives may also be affected.

    To safeguard your update experience, we have applied a hold on devices with an external USB device or SD memory card attached from being offered Windows 10, version 1903 until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To work around this issue, remove all external media, such as USB devices and SD cards, from your computer and restart installation of the Windows 10, version 1903 feature update. The update should then proceed normally.
    Note If you need to keep your external device, SD memory card, or other devices attached to your computer while updating, we recommend that you do not attempt to manually update to Windows 10, version 1903 using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: Microsoft is working on a resolution and estimate a solution will be available in late May.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:49 PM PT

    Opened:
    May 21, 2019
    07:38 AM PT
    Unable to discover or connect to Bluetooth devices
    Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek and Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek or Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: Check with your device manufacturer (OEM) to see if an updated driver is available and install it.

    • For Qualcomm drivers, you will need to install a driver version greater than 10.0.1.11.
    • For Realtek drivers, you will need to install a driver version greater than 1.5.1011.0.
    Note Until an updated driver has been installed, we recommend you do not attempt to manually update using the Update now button or the Media Creation Tool. 

    Next steps: Microsoft is working with Realtek and Qualcomm to release new drivers for all affected system via Windows Update.  


    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:29 AM PT
    Night light settings do not apply in some cases
    Microsoft has identified some scenarios where night light settings may stop working, for example:
    • Connecting to (or disconnecting from) an external monitor, dock, or projector
    • Rotating the screen
    • Updating display drivers or making other display mode changes
    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: If you find that your night light settings have stopped working, try turning the night light on and off, or restart your computer.  

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.


    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:48 PM PT

    Opened:
    May 21, 2019
    07:28 AM PT
    Intel Audio displays an intcdaud.sys notification
    Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain. If you see an intcdaud.sys notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).
      
    To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until updated device drivers have been installed.

    Affected platforms:
    • Client: Windows 10, version 1903; Windows 10, version 1809
    Workaround:
    On the “What needs your attention\" notification, click the Back button to remain on your current version of Windows 10. (Do not click Confirm as this will proceed with the update and you may experience compatibility issues.) Affected devices will automatically revert to the previous working configuration.

    For more information, see Intel's customer support guidance and the Microsoft knowledge base article KB4465877.

    Note We recommend you do not attempt to update your devices until newer device drivers are installed.

    Next steps: You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:22 AM PT
    Cannot launch Camera app
    Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:

    \"Close other apps, error code: 0XA00F4243.”


    To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To temporarily resolve this issue, perform one of the following:

    • Unplug your camera and plug it back in.

    or

    • Disable and re-enable the driver in Device Manager. In the Search box, type \"Device Manager\" and press Enter. In the Device Manager dialog box, expand Cameras, then right-click on any RealSense driver listed and select Disable device. Right click on the driver again and select Enable device.

    or

    • Restart the RealSense service. In the Search box, type \"Task Manager\" and hit Enter. In the Task Manager dialog box, click on the Services tab, right-click on RealSense, and select Restart
    Note This workaround will only resolve the issue until your next system restart.

    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until this issue has been resolved.

    Next steps: We are working on a resolution and will provide an update in an upcoming release.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:47 PM PT

    Opened:
    May 21, 2019
    07:20 AM PT
    Intermittent loss of Wi-Fi connectivity
    Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).

    To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until the updated driver is installed.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: Download and install an updated Wi-Fi driver from your device manufacturer (OEM).
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:46 PM PT

    Opened:
    May 21, 2019
    07:13 AM PT -
    AMD RAID driver incompatibility
    Microsoft and AMD have identified an incompatibility with AMD RAID driver versions lower than 9.2.0.105. When you attempt to install the Windows 10, version 1903 update on a Windows 10-based computer with an affected driver version, the installation process stops and you get a message like the following:

    AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode.

    “A driver is installed that causes stability problems on Windows. This driver will be disabled. Check with your software/driver provider for an updated version that runs on this version of Windows.”

     
    To safeguard your update experience, we have applied a compatibility hold on devices with these AMD drivers from being offered Windows 10, version 1903, until this issue is resolved.

    Affected platforms:
    • Client: Windows 10, version 1903
    Workaround: To resolve this issue, download the latest AMD RAID drivers directly from AMD at https://www.amd.com/en/support/chipsets/amd-socket-tr4/x399. The drivers must be version 9.2.0.105 or later. Install the drivers on the affected computer, and then restart the installation process for the Windows 10, version 1903 feature update.
     
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.
     

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:12 AM PT
    D3D applications and games may fail to enter full-screen mode on rotated displays
    Some Direct3D (D3D) applications and games (e.g., 3DMark) may fail to enter full-screen mode on displays where the display orientation has been changed from the default (e.g., a landscape display in portrait mode).

    Affected platforms:
    • Client: Windows 10, version 1903
    • Server: Windows Server, version 1903
    Workaround: To work around this issue, do one of the following:
    • Run applications in windowed mode or, if available, on a secondary non-rotated display. 
    • Change compatibility settings for the applications to “Disable Full Screen Optimizations.”
    Next steps: Microsoft is working on a resolution and estimates a solution will be available in late May.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    04:45 PM PT

    Opened:
    May 21, 2019
    07:05 AM PT
    Older versions of BattlEye anti-cheat software incompatible
    Microsoft and BattlEye have identified a compatibility issue with some games that use older versions of BattlEye anti-cheat software. When launching a game that uses an older, impacted version of BattlEye anti-cheat software on a device running Windows 10, version 1903, the device may experience a system crash.

    To safeguard your gaming experience, we have applied a compatibility hold on devices with the impacted versions of BattlEye software used by games installed on your PC. This will prevent Windows 10, version 1903 from being offered until the incompatible version of BattlEye software is no longer installed on the device. 

    Affected platforms:
    • Client: Windows 10, version 1903
    Mitigated: BattlEye has provided an updated patch to known impacted games. For a list of recent games that use BattlEye, go to https://www.battleye.com/.

    Workaround: Before updating your machine, we recommend you do one or more of the following:

    • Verify that your game is up to date with the latest available version of BattlEye software. Some game platforms allow you to validate your game files, which can confirm that your installation is fully up to date.
    • Restart your system and open the game again.
    • Uninstall BattlEye using https://www.battleye.com/downloads/UninstallBE.exe, and then reopen your game.
    • Uninstall and reinstall your game.
    For more troubleshooting options, see https://www.battleye.com/support/faq/.

    Next steps: We are working with BattlEye and gaming partners to ensure games are automatically updated with the latest BattlEye software. We have confirmed the latest version of impacted games do not exhibit this issue. To minimize the chance of hitting this upgrade compatibility hold, please make sure you are running the latest version of your games before attempting to update the operating system.  
    Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until you have installed an updated version of BattlEye software that resolves this issue.

    Back to topOS Build 18362.116

    May 21, 2019
    KB4505057Mitigated
    Last updated:
    May 21, 2019
    07:34 AM PT

    Opened:
    May 21, 2019
    07:34 AM PT
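Review bot: In the re-added AMD RAID details entry, the workaround links only to the X399 (socket TR4) chipset support page, while the affected configuration is given as "AMD Ryzen™ or AMD Ryzen™ Threadripper™ configured in SATA or NVMe RAID mode", so readers on a non-Threadripper Ryzen platform are sent to a page for a different chipset. Suggest linking a page that covers both platforms, or adding the equivalent link for the others. Separately, the only wording change between the removed and the added entry is "lower than 9.2.0.105" to "earlier than 9.2.0.105", yet "Last updated" moves from May 21, 2019 04:45 PM PT to May 23, 2019 09:28 AM PT; if nothing else changed, consider leaving the timestamp alone so the entry does not read as carrying new information. The platform line also sits between "you get a message like the following:" and the quoted message, where it reads as part of the error text; moving it above that sentence would avoid the confusion.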