From 7923bcfd9d23172ba9958d3a0f9ba5783861fc4e Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 07:59:57 -0400 Subject: [PATCH 01/36] Bitlocker recovery screen --- .../bitlocker/bcd-settings-and-bitlocker.md | 4 +- .../data-protection/bitlocker/configure.md | 2 +- .../bitlocker/countermeasures.md | 4 +- .../data-protection/bitlocker/csv-san.md | 2 +- .../data-protection/bitlocker/faq.yml | 2 +- .../data-protection/bitlocker/index.md | 2 +- .../bitlocker/install-server.md | 2 +- .../bitlocker/network-unlock.md | 6 +- .../bitlocker/operations-guide.md | 4 +- .../bitlocker/planning-guide.md | 2 +- .../bitlocker/preboot-recovery-screen.md | 20 +-- .../bitlocker/recovery-overview.md | 2 +- .../bitlocker/recovery-process.md | 4 +- .../bitlocker/recovery-screen.md | 141 ++++++++++++++++++ .../data-protection/bitlocker/toc.yml | 2 + 15 files changed, 171 insertions(+), 28 deletions(-) create mode 100644 windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md diff --git a/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md b/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md index 22f80cb481..3e29796ff1 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/bcd-settings-and-bitlocker.md @@ -1,8 +1,8 @@ --- -title: BCD settings and BitLocker +title: BCD settings and BitLocker description: Learn how BCD settings are used by BitLocker. ms.topic: reference -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # Boot Configuration Data settings and BitLocker diff --git a/windows/security/operating-system-security/data-protection/bitlocker/configure.md b/windows/security/operating-system-security/data-protection/bitlocker/configure.md index 12bf6e3613..7fbff47e8c 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/configure.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/configure.md @@ -2,7 +2,7 @@ title: Configure BitLocker description: Learn about the available options to configure BitLocker and how to configure them via Configuration Service Providers (CSP) or group policy (GPO). ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # Configure BitLocker diff --git a/windows/security/operating-system-security/data-protection/bitlocker/countermeasures.md b/windows/security/operating-system-security/data-protection/bitlocker/countermeasures.md index 62dbc91a63..13b8fb7c50 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/countermeasures.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/countermeasures.md @@ -1,8 +1,8 @@ --- title: BitLocker countermeasures -description: Learn about technologies and features to protect against attacks on the BitLocker encryption key. +description: Learn about technologies and features to protect against attacks on the BitLocker encryption key. ms.topic: concept-article -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker countermeasures diff --git a/windows/security/operating-system-security/data-protection/bitlocker/csv-san.md b/windows/security/operating-system-security/data-protection/bitlocker/csv-san.md index 6eac3ac628..15db660036 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/csv-san.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/csv-san.md @@ -2,7 +2,7 @@ title: Protect cluster shared volumes and storage area networks with BitLocker description: Learn how to protect cluster shared volumes (CSV) and storage area networks (SAN) with BitLocker. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 appliesto: - ✅ Windows Server 2022 - ✅ Windows Server 2019 diff --git a/windows/security/operating-system-security/data-protection/bitlocker/faq.yml b/windows/security/operating-system-security/data-protection/bitlocker/faq.yml index d82b8f6355..b2642afed9 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/faq.yml +++ b/windows/security/operating-system-security/data-protection/bitlocker/faq.yml @@ -3,7 +3,7 @@ metadata: title: BitLocker FAQ description: Learn more about BitLocker by reviewing the frequently asked questions. ms.topic: faq - ms.date: 10/30/2023 + ms.date: 06/18/2024 title: BitLocker FAQ summary: Learn more about BitLocker by reviewing the frequently asked questions. diff --git a/windows/security/operating-system-security/data-protection/bitlocker/index.md b/windows/security/operating-system-security/data-protection/bitlocker/index.md index 9d9ff5daed..e9e9e7bdb7 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/index.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/index.md @@ -2,7 +2,7 @@ title: BitLocker overview description: Learn about BitLocker practical applications and requirements. ms.topic: overview -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker overview diff --git a/windows/security/operating-system-security/data-protection/bitlocker/install-server.md b/windows/security/operating-system-security/data-protection/bitlocker/install-server.md index c79ab3d0aa..a1b63ed90b 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/install-server.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/install-server.md @@ -2,7 +2,7 @@ title: Install BitLocker on Windows Server description: Learn how to install BitLocker on Windows Server. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 appliesto: - ✅ Windows Server 2022 - ✅ Windows Server 2019 diff --git a/windows/security/operating-system-security/data-protection/bitlocker/network-unlock.md b/windows/security/operating-system-security/data-protection/bitlocker/network-unlock.md index f0745f7122..39be442f55 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/network-unlock.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/network-unlock.md @@ -1,8 +1,8 @@ --- -title: Network Unlock +title: Network Unlock description: Learn how BitLocker Network Unlock works and how to configure it. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # Network Unlock @@ -255,7 +255,7 @@ The subnet policy configuration file must use a `[SUBNETS]` section to identify ```ini [SUBNETS] SUBNET1=10.185.250.0/24 ; a comment about this subrange could be here, after the semicolon -SUBNET2=10.185.252.200/28 +SUBNET2=10.185.252.200/28 SUBNET3= 2001:4898:a:2::/64 ; an IPv6 subnet SUBNET4=2001:4898:a:3::/64; in production, the admin would likely give more useful names, like BUILDING9-EXCEPT-RECEP. ``` diff --git a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md index 1eaff6b4ec..29452a46ea 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/operations-guide.md @@ -2,7 +2,7 @@ title: BitLocker operations guide description: Learn how to use different tools to manage and operate BitLocker. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker operations guide @@ -239,7 +239,7 @@ Add-BitLockerKeyProtector E: -PasswordProtector -Password $pw **Example**: Use PowerShell to enable BitLocker with a TPM protector ```powershell -Enable-BitLocker D: -EncryptionMethod XtsAes256 -UsedSpaceOnly -TpmProtector +Enable-BitLocker D: -EncryptionMethod XtsAes256 -UsedSpaceOnly -TpmProtector ``` **Example**: Use PowerShell to enable BitLocker with a TPM+PIN protector, in this case with a PIN set to *123456*: diff --git a/windows/security/operating-system-security/data-protection/bitlocker/planning-guide.md b/windows/security/operating-system-security/data-protection/bitlocker/planning-guide.md index 5fb64c8c85..c54ad2e21e 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/planning-guide.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/planning-guide.md @@ -2,7 +2,7 @@ title: BitLocker planning guide description: Learn how to plan for a BitLocker deployment in your organization. ms.topic: concept-article -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker planning guide diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 78ab928ae2..ce03b1fa0b 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -2,7 +2,7 @@ title: BitLocker preboot recovery screen description: Learn about the information displayed in the BitLocker preboot recovery screen, depending on configured policy settings and recovery keys status. ms.topic: concept-article -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker preboot recovery screen @@ -72,10 +72,10 @@ There are rules governing which hint is shown during the recovery (in the order :::row::: :::column span="2"::: In this scenario, the recovery password is saved to a file - + > [!IMPORTANT] > It's not recommend to print recovery keys or saving them to a file. Instead, use Microsoft account, Microsoft Entra ID or Active Directory backup. - + :::column-end::: :::column span="2"::: :::image type="content" source="images/preboot-recovery-hint.png" alt-text="Screenshot of the BitLocker recovery screen showing a hint where the BitLocker recovery key was saved." lightbox="images/preboot-recovery-hint.png" border="false"::: @@ -92,7 +92,7 @@ There are rules governing which hint is shown during the recovery (in the order - saved to Microsoft account - not printed - not saved to a file - + **Result:** the hints for the custom URL and the Microsoft account (**https://aka.ms/myrecoverykey**) are displayed. :::column-end::: :::column span="2"::: @@ -110,7 +110,7 @@ There are rules governing which hint is shown during the recovery (in the order - saved to Active Directory - not printed - not saved to a file - + **Result:** only the custom URL is displayed. :::column-end::: :::column span="2"::: @@ -129,7 +129,7 @@ There are rules governing which hint is shown during the recovery (in the order - saved to Microsoft Entra ID - printed - saved to file - + **Result:** only the Microsoft account hint (**https://aka.ms/myrecoverykey**) is displayed. :::column-end::: :::column span="2"::: @@ -149,12 +149,12 @@ There are rules governing which hint is shown during the recovery (in the order - saved to file - creation time: **1PM** - key ID: **4290B6C0-B17A-497A-8552-272CC30E80D4** - + The recovery password #2 is: - not backed up - creation time: **3PM** - key ID: **045219EC-A53B-41AE-B310-08EC883AAEDD** - + **Result:** only the hint for the successfully backed up key is displayed, even if it isn't the most recent key. :::column-end::: :::column span="2"::: @@ -175,12 +175,12 @@ There are rules governing which hint is shown during the recovery (in the order - Saved to Microsoft Entra ID - creation time: **1PM** - key ID: **4290B6C0-B17A-497A-8552-272CC30E80D4** - + The recovery password #2 is: - Saved to Microsoft Entra ID - creation time: **3PM** - key ID: **045219EC-A53B-41AE-B310-08EC883AAEDD** - + **Result:** the Microsoft Entra ID hint (**https://aka.ms/aadrecoverykey**), which is the most recent key saved, is displayed. :::column-end::: :::column span="2"::: diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md index c7613a0f46..4625b2f5e0 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview.md @@ -2,7 +2,7 @@ title: BitLocker recovery overview description: Learn about BitLocker recovery scenarios, recovery options, and how to determine root cause of failed automatic unlocks. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker recovery overview diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md index b002833d87..ea2fd91338 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-process.md @@ -2,7 +2,7 @@ title: BitLocker recovery process description: Learn how to obtain BitLocker recovery information for Microsoft Entra joined, Microsoft Entra hybrid joined, and Active Directory joined devices, and how to restore access to a locked drive. ms.topic: how-to -ms.date: 10/30/2023 +ms.date: 06/18/2024 --- # BitLocker recovery process @@ -83,7 +83,7 @@ function Get-EntraBitLockerKeys{ foreach ($keyId in $keyIds) { $recoveryKey = (Get-MgInformationProtectionBitlockerRecoveryKey -BitlockerRecoveryKeyId $keyId -Select "key").key Write-Host -ForegroundColor White " Key id: $keyid" - Write-Host -ForegroundColor Cyan " BitLocker recovery key: $recoveryKey" + Write-Host -ForegroundColor Cyan " BitLocker recovery key: $recoveryKey" } } else { Write-Host -ForegroundColor Red "No BitLocker recovery keys found for device $DeviceName" diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md new file mode 100644 index 0000000000..a296e03847 --- /dev/null +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md @@ -0,0 +1,141 @@ +--- +title: BitLocker recovery screen +description: +ms.topic: how-to +ms.date: 06/18/2024 +--- + +# BitLocker recovery screen + +[!INCLUDE [insider-note](../../../../../includes/insider/insider-note.md)] + +BitLocker recovery errors and their causes + +BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn't unlock using its default unlock mechanism. + +Prompting for the recovery password or other recovery method defends against suspected unauthorized access to user data by an attacker. Providing the recovery password allows BitLocker to confirm that the owner of the device is in posession of the device in recovery and that the device and stored data should become accessible. + +For mroe information about BitLocker recovery, see this page. + +## Initiated by user + +E_FVE_USER_REQUESTED_RECOVERY + +BitLocker entered recovery mode because of a transition from a screen with the option to ESC to recovery mode. + +E_FVE_BOOT_DEBUG_ENABLED + +BitLocker entered recovery mode because boot debugging mode has been enabled. To remediate this issue, remove the boot debugging option from the boot configuration database. + +## Code integrity + +Driver signature enforcement is used to ensure code integrity of the operating system. + +E_FVE_CI_DISABLED + +BitLocker entered recovery mode because driver signature enforcement has been disabled. + +## Device lockout + +Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device will be rebooted and can only be recovered by providing a BitLocker recovery method. + +This feature is configurable with the "Interactive logon: Machine account lockout threshold" policy. + +E_FVE_DEVICE_LOCKEDOUT + +BitLocker entered recovery mode because device lockout has been triggered due to too many incorrect sign in attempts. A BitLocker recovery method is required to return to the logon screen. + +E_FVE_DEVICE_LOCKOUT_MISMATCH + +BitLocker entered recovery mode because the device lockout counter is out of sync. A BitLocker recovery method is required to return to the logon screen. + + + +## Boot configuration + +The Boot Configuration Database (BCD) contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. + + + +E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION + +BitLocker entered recovery mode because a boot application has changed. + +BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed. + +To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting. + + + +## TPM + +The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a computer. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. + +BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. + + + +E_FVE_TPM_FAILURE, E_FVE_TPM_DISABLED, E_FVE_TPM_INVALIDATED, E_FVE_BAD_SRK, E_FVE_TPM_NOT_DETECTED, E_MATCHING_PCRS_TPM_FAILURE + +BitLocker entered recovery mode because of a failure with the Trusted Platform Module. + +E_FVE_TPM_FAILURE is a catch-all for other TPM errors not detailed below. + +E_FVE_TPM_DISABLED is displayed when the TPM is present but has been disabled for use before or during boot. + +E_FVE_TPM_INVALIDATED is displayed when a present TPM has been invalidated. + +E_FVE_BAD_SRK indicates that the TPM's internal Storage Root Key has been corrupted. + +E_FVE_TPM_NOT_DETECTED is displayed when the booting system does not have a TPM or does not recognize a TPM that may exist + +E_MATCHING_PCRS_TPM_FAILURE means that the TPM unexpectedly failed when unsealing the encryption key. + +## Protector + +### TPM protectors + +The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. + +BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. + +### `E_FVE_PCR_MISMATCH` + +BitLocker entered recovery mode because your device's configuration has changed. + +This may have happened because: + +- A disc or USB device was inserted. Removing it and restarting your device may fix this problem +- A firmware update was applied without updating the TPM protector +- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios + +A recovery method is required to unlock the device. + +#### Special cases for PCR 7 + +If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. + +### `E_FVE_SECUREBOOT_DISABLED` + +BitLocker entered recovery mode because Secure Boot has been disabled. + +To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device. + + +### `E_FVE_SECUREBOOT_CHANGED` + +BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed. + +The boot configuration measured in PCR 7 changed. This may be either because of: + +- An additional measurement currently present that was not present when BitLocker updated the TPM protector +- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present +- An expected event has a different measurement + +A recovery method is required to unlock the device. + +## Unknown + +### `E_FVE_RECOVERY_ERROR_UNKNOWN` + +BitLocker entered recovery mode because of an unknown error. A recovery method is required to unlock the device. \ No newline at end of file diff --git a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml index ba7f125549..cda7e92884 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml +++ b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml @@ -17,6 +17,8 @@ items: href: recovery-process.md - name: Preboot recovery screen href: preboot-recovery-screen.md + - name: Preboot recovery screen refresh + href: recovery-screen.md - name: How-to guides items: - name: Install BitLocker on Windows Server From 510cf0c756ad9249e5ef0a6b6640c1776e704937 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 11:25:17 -0400 Subject: [PATCH 02/36] updates --- .../bitlocker/recovery-screen.md | 83 ++++++++----------- 1 file changed, 33 insertions(+), 50 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md index a296e03847..275fea360c 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md @@ -1,55 +1,47 @@ --- -title: BitLocker recovery screen +title: BitLocker recovery errors and their causes description: ms.topic: how-to ms.date: 06/18/2024 --- -# BitLocker recovery screen +# BitLocker recovery errors and their causes [!INCLUDE [insider-note](../../../../../includes/insider/insider-note.md)] -BitLocker recovery errors and their causes - BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn't unlock using its default unlock mechanism. -Prompting for the recovery password or other recovery method defends against suspected unauthorized access to user data by an attacker. Providing the recovery password allows BitLocker to confirm that the owner of the device is in posession of the device in recovery and that the device and stored data should become accessible. +Prompting for the recovery password or other recovery method defends against suspected unauthorized access to user data by an attacker. Providing the recovery password allows BitLocker to confirm that the owner of the device is in possession of the device in recovery, and that the device and stored data should become accessible. -For mroe information about BitLocker recovery, see this page. +For more information about BitLocker recovery, see [BitLocker recovery overview](recovery-overview.md). -## Initiated by user +This article is divided in different sections, each section represents a BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen and the cause of the error. -E_FVE_USER_REQUESTED_RECOVERY +## Originated by user -BitLocker entered recovery mode because of a transition from a screen with the option to ESC to recovery mode. - -E_FVE_BOOT_DEBUG_ENABLED - -BitLocker entered recovery mode because boot debugging mode has been enabled. To remediate this issue, remove the boot debugging option from the boot configuration database. +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| +|`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| ## Code integrity Driver signature enforcement is used to ensure code integrity of the operating system. -E_FVE_CI_DISABLED +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.|| -BitLocker entered recovery mode because driver signature enforcement has been disabled. +## Device lockout threshold -## Device lockout - -Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device will be rebooted and can only be recovered by providing a BitLocker recovery method. - -This feature is configurable with the "Interactive logon: Machine account lockout threshold" policy. - -E_FVE_DEVICE_LOCKEDOUT - -BitLocker entered recovery mode because device lockout has been triggered due to too many incorrect sign in attempts. A BitLocker recovery method is required to return to the logon screen. - -E_FVE_DEVICE_LOCKOUT_MISMATCH - -BitLocker entered recovery mode because the device lockout counter is out of sync. A BitLocker recovery method is required to return to the logon screen. +Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. +To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| +|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| ## Boot configuration @@ -65,31 +57,22 @@ BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting. - - ## TPM -The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a computer. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. +The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. +BitLocker entered recovery mode because of a failure with the TPM. - -E_FVE_TPM_FAILURE, E_FVE_TPM_DISABLED, E_FVE_TPM_INVALIDATED, E_FVE_BAD_SRK, E_FVE_TPM_NOT_DETECTED, E_MATCHING_PCRS_TPM_FAILURE - -BitLocker entered recovery mode because of a failure with the Trusted Platform Module. - -E_FVE_TPM_FAILURE is a catch-all for other TPM errors not detailed below. - -E_FVE_TPM_DISABLED is displayed when the TPM is present but has been disabled for use before or during boot. - -E_FVE_TPM_INVALIDATED is displayed when a present TPM has been invalidated. - -E_FVE_BAD_SRK indicates that the TPM's internal Storage Root Key has been corrupted. - -E_FVE_TPM_NOT_DETECTED is displayed when the booting system does not have a TPM or does not recognize a TPM that may exist - -E_MATCHING_PCRS_TPM_FAILURE means that the TPM unexpectedly failed when unsealing the encryption key. +| Error code | Error cause | +|-|-| +|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| +|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| +|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| +|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| +|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| +|`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| ## Protector @@ -136,6 +119,6 @@ A recovery method is required to unlock the device. ## Unknown -### `E_FVE_RECOVERY_ERROR_UNKNOWN` - -BitLocker entered recovery mode because of an unknown error. A recovery method is required to unlock the device. \ No newline at end of file +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file From 4a1e0643cf18f5f7a4a5b74c8a11d4e3e22f5f80 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 14:55:09 -0400 Subject: [PATCH 03/36] updates --- .../bitlocker/recovery-screen.md | 60 +++++++------------ 1 file changed, 20 insertions(+), 40 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md index 275fea360c..d8011c5ef4 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md @@ -5,7 +5,7 @@ ms.topic: how-to ms.date: 06/18/2024 --- -# BitLocker recovery errors and their causes +## Recovery error details and their causes [!INCLUDE [insider-note](../../../../../includes/insider/insider-note.md)] @@ -17,14 +17,14 @@ For more information about BitLocker recovery, see [BitLocker recovery overview] This article is divided in different sections, each section represents a BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen and the cause of the error. -## Originated by user +### Originated by user | Error code | Error cause | Resolution| |-|-|-| |`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| |`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| -## Code integrity +### Code integrity Driver signature enforcement is used to ensure code integrity of the operating system. @@ -32,7 +32,7 @@ Driver signature enforcement is used to ensure code integrity of the operating s |-|-|-| |`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.|| -## Device lockout threshold +### Device lockout threshold Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. @@ -43,21 +43,15 @@ To take advantage of this functionality, you must configure the policy setting * |`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| |`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| -## Boot configuration +### Boot configuration -The Boot Configuration Database (BCD) contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. +The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| - -E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION - -BitLocker entered recovery mode because a boot application has changed. - -BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed. - -To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting. - -## TPM +### TPM The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. @@ -74,17 +68,17 @@ BitLocker entered recovery mode because of a failure with the TPM. |`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| |`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| -## Protector +### Protector -### TPM protectors +#### TPM protectors The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. -### `E_FVE_PCR_MISMATCH` - -BitLocker entered recovery mode because your device's configuration has changed. +| Error code | Error cause | +|-|-| +|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| This may have happened because: @@ -98,26 +92,12 @@ A recovery method is required to unlock the device. If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. -### `E_FVE_SECUREBOOT_DISABLED` +| Error code | Error cause |Resolution| +|-|-|-| +|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| +|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| -BitLocker entered recovery mode because Secure Boot has been disabled. - -To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device. - - -### `E_FVE_SECUREBOOT_CHANGED` - -BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed. - -The boot configuration measured in PCR 7 changed. This may be either because of: - -- An additional measurement currently present that was not present when BitLocker updated the TPM protector -- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present -- An expected event has a different measurement - -A recovery method is required to unlock the device. - -## Unknown +### Unknown | Error code | Error cause | Resolution| |-|-|-| From faabe67879cb7030d5d153bd52e230254e3c0b38 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 16:06:15 -0400 Subject: [PATCH 04/36] updates --- ...r-recovery-screen-24h2-additional-info.png | Bin 0 -> 109835 bytes .../images/bitlocker-recovery-screen-24h2.png | Bin 0 -> 98162 bytes .../bitlocker/recovery-screen-error-codes.md | 128 ++++++++++++++++++ .../bitlocker/recovery-screen.md | 5 + 4 files changed, 133 insertions(+) create mode 100644 windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2-additional-info.png create mode 100644 windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png create mode 100644 windows/security/operating-system-security/data-protection/bitlocker/recovery-screen-error-codes.md diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2-additional-info.png b/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2-additional-info.png new file mode 100644 index 0000000000000000000000000000000000000000..113770d1138447b281b551e9cd22e00215567f0e GIT binary patch literal 109835 zcmeFZX;_lm_cv~3nVr&xQ)Z=BR%)4=vp5|av@*4_Qd6`tXK@AuMJp>iN7GDmMk?od z21l^0ECCP^Zh-~oBxad^}KoBeDCY>Qns6Y@4fcgYp?ZLpS}OS zZfmt`$Dth(5)!+vT)ucyLPF}1goI?(_H97PAuR_k@Jl-AvQwyp#2@>_Kbs^nvkwA= zn?i3|otLN}9+?9^NP1b=SV%}zC;qX1f2+i%vbR?*THFfXw6Nh;c5?9XDdaX?Y>Lxy zpG~hJM*Z3W`(5@{T((X-UOmPAdT_v@!L#YogEwvqn|*eyOF}YK4ks39*&Y32B5$(S zX&~)ZHryi+nR#K* z1UI#~?oe)mLiK~s|1de9?=rG|H)C4Z<{OOp=*om!qWO_%^Hn;%ghyI?2({%@o&owV zeh#oU<_WUe!*r==#5<%YdR-)(6Nn~6df%u-c}^E-6~!7c-lo}XKmNzRU#M~(6BSyh zt{V(CiY9xbk+bIO_Ow#umT^1bV02S$iEvP4v-Cf8Pj9nW60ItUc+vc5VJu;e5Al*% z|3($kM2W}&&3_w|D5Y=k2m(8rh_K$lO~h?&!?ZA239>?V+W!Bku@ESnn-HZz2Y5WBRC!nd_$ibQazM45=fUFN|Id5Z;vn zn%*!+)gVP~8_{gCc>00oQR^fi0|$X9(ONjyESew$UfYCPbT~8dpANQ-g#rRA_<{N^mtN$}@xW}JMB3A_?9Ed(5vfuh|-L^4q zC2@mCmw7*4diviY2`-jbN(-M1ZNB?tf}TP>%{sahw1Bbnoo;NBc3RD`X!f8Vrv>vLb0LY*ZyhR(y+Q< zfazW9y6X6uvGtxND7+UxkFQjemn6sq3PvAqD3!>t2ya1=OHbyPz3hf$sp2-P45S}D zZp_nJOVD(^BQnUSlL3lW6Uh@ zlfA=>=JaQYh_eOP{1EGfmA56dikk^xm!J%~dHovea6)7mKTayDnr`(8_Kc7*H(4wf z<$y*qTKN;jF>;HnBMLi9AA&1y0Pk`5GH;$--lu|li6`<2wFzxsi*mOJyt2~YGIVOAfe}k$ zR6vU=cIyvVV|Eovk#@cb!X6Z5MScO>C97EES)D*u1sYV3QF}YQPdg-k7?JV4TJjm^ zZe=R@1NQGE-`{W=3=2xw^t@DT71>(_5sG zmEk}$`<@4*6~E=Y4UqH4T~=n;Y1&+i35+RaZ|;Tk&UJ!y#1)PeUl?~9TbII5$(rHrnB*o)HVr2YJJ+BaC$rkCH6&z&=Toy;5L3?vwufN*5({< zFq&oqT20}CBp%g{K1L}~R#;>j$X;BxYD}`Nti_lRKAak@6g^XqoX2qw!7Mjz0sbc; z5ro|*QQKFe??1HjjP?e*7&lfb5?=HxC%0ftdyf6CB9Uzav{08-VOlp$1N^%A8Jb<# zwJoUr-V6V67PHHN3T2W_K-a6!np@9O2X;Q4e6Fli{_pq4{XOt5cZN6)sE1uCL={&= zXeggPLs~4-7+vS}T5DFwD4ASu4WAFI_aDY}$+}h<*>FCHjfMtB^z$3Mgud-Drx-`P zWqeW)wsBjjTt=zsEvSlhAxn^=mu%OHD$uA*oA;@M2VjOi>&39MoAlJF?0Km_|H)?A z2jU$>yvCsmJGzEU=u(;^xJEZ4`Y^^sx4IkE6nXs=M=xku2*E^S2OB*V{;qS-%t00+ z`D-+Xe&2x7VQk)!e(Y2WzHSTCg|_z6V?b~d6APIig4GYqrOY*vi*Fl=Jlr}_i@!3= z7w$Ua0$|Nd*SZz7_W(*8YG936xHSq{bZC|_-}rbqwEoy|fG65V$uEIjOsA#uN8Vtu zs2*9y#}HQT;-vHRhzxc7k9knP385K$Y8bQ5%7wL3Uq*=Msg#v%H^zmt9IBo~EpbQ# z3O7H46V2RA$L{iQ3@B}5xoa@SJSzWgYS_-vl{LHDI2oa?v4J2jSyeE$aH5G-YE|O? za;}`PJX=|!l4E+i=d{9Yc+_$qNCI=QbNPdXksfc3&U3|iv`&+v*cp(=5ouQvr~k)9 z4YpXKX-_DObe)os@A8(W4uR|5qS_-!*bah}5(29f)!5yz~2#WXhb*I`7!QFSAHqc#`-$b_}6d%Y3JJd$|h*YZk>7x2r zVI-Sn6kS|sGn{C=jrXPkWp>G$823iNYnjBgCU#uf zZFc6&m=ivFD$2+v;vCCV%_F-eARsgoGy=D!di)R)lh|pDNEc_lxpTJc4M>i_n@rbW zn~mXJy#^iR=#7?wYXUInK(JEIlw-j#ZlNC>&0bG1*$EiGHea31>2FeGu$~<^avE5S zSrmWG0NbLk5Y@Hgkrnh5_lj2!iM8?Z=94+eZSb9-)3t8>s^}=%D%Gt=7Zg02@4~{b zb)K~#=Jlze*-6BWr`BCXas5N>3-%v*M@SIajgT(NaR24YaK_Pw%T}Vgp?c!9%ZYWg z0|?Gidb*=$+&eovHpG=Go6-FsbsYCKN~swp3MzQ62Kwk_w0IoiCp=NMwsO=zduo-+ zi*qTI*7a;Xl^H_w#mOgcODPQ!W>GA-hSDN-p%d2W_5B;0f&|7EYu&A$ILe|&y6$#n z6lCOy#Jfptg$#r?b*A2AYZ{2 zEd26T!Szegh7aQkckWvtDqv3b6R^2d@d4YB7oXtM`J&S-5o6eR^3jzJ7f|SdVd-Sz zr`SM36E0L0T~jy~RVh>AZn)QzF@4)IMZHAl6uMIW+;_Qy4?kV3jj3w2Q!8ZAgkIJP zm+Iv_bm{GG%}qELDjhT(zVvZ}N`yz{gys+_mtZ4aS#ysRadt)t*a6x=#$f`RH(2*& z>-ouf=i$nM#!HDiN6yY&cDuMrh1$kl>8#HtBhEjrQz_=5-nHdH{SQro>Zu)Lyo~mw zM{Y$zz7?S&LG-KMH)TX~<@+_Yc7L7zc8&LDuKhbyYgx(u@cqPSdt#UR2PcOHd{OTp zlO@^c)uYqg9`K_a8zFzwd=c3kjkw6U<{ay z9}&Ohs^xuX|Mh|`d8R9>b}J;~{VwN9w#=;BxiOh9Y`v~0C@YXXOmSgfQe?6azn&51 z@;V3FrHz`*R62sXplSYd64z7$hITn)(`@n1@c4QUx6F=n74Fd)3JHK0cNr>rJJ~Q= zj1ECPsB+8Yp5?F#K2+BkJ7i6Cw;T(SN8L(MgX{FT2_j{!9x76X?xR7kLd_sv5zQ6T zjycE)IJ7Yg6}46dL&dRVL3ndPIi_sD8|yQDXr0^R5Fj+B|6KNpHZH;h1_~FJ-fiI= z!sPyXcHYNX`$8$}RJTLn+KiUP^NlL>EJ}<|BTz;fb^Tom2h00`4%3zkh z_MzKpwIVyh zl3+}5ooKztVum<9oXwPy&lFK}2d44JJ}AT^noB|c1ZH170dNqKZR0&v22bP`^*N30 z+|t><6t_KH`{h03b(HV-ZwNBY%)Dlc-s3AEtTxg};aa}^DfBsZS=XSPFm>*^71O>| z^e;TL zk*C#sDyG0cYRw)RdJ`YA0FvV%zms?**YAUCCf}eg^AzhC*a>L)S7=zr%QTz)i)l#& zCih`qs0%m$>7C@+L-#ZFmvfXhkPCHq52Hux^3NZpL5iu#VKDl!49~X>F9e^}?f>Zb4dY-KL`_!p%Z>;c|&bzqhwx*GSF zrE|Z&=Wc(ZG55m3i}30^S8UYk;y%h_T6{nZVq!#LDJDv7$at8#WaekrS3PE;7dvk zCN#J!8$uSTMUNnW^`z<@w(u+7Qd?F{RpewxjJEJnVa}ZK6v#?|^D}J3o~C*Kiq^=q z^b_l&e0(|0;-9CkY~R(I2kod9BRMP&!l1equkU5dOl!bK*yF-)Az;RG|_DH zy*pPy)(H^Cf`U2dt>S*zPn>g!v`Ti@f+TN32M){qc_sY-<$iuo{saK|_X2lI)ZU~hToK1F!B&I)kBMc-CE0c1kJ!)9a0Ge#IV3uVj2uc-%oF-Rx75eg{Lkj-Ywq`=q=a?^aF0>v}g8 zJ?8dGZ2W5Txu-9J`|D{8sXY# zRkvmI2(?Ii_RujsM!S5!?TwZlbi!FdvX+`an-z04ZYQ~NZu^j&!UFT@sDHEEG3dNw z$K?eC=@J?K%8AgNFGIKUeChP-P;afPoYUsKV#(QBS9UuTiHj<1XsN&W?dwLc5^YHM z#Y9&7Peiohig(jHJiSMMhoNWdm*@RH@{$FHu>U1h2AM@e>CxZU{71^rRH439*gMeS=$B#x0JzeSpQChjbPh9x5u7h zHMr`rC2xoW_|#|;6+6}1<7fD;jpIJ=6w&!}K;UGhV^=a-V7AgP!d7VoHl$8ZDcglY zu+&y3C1N`4pP#o4MW_SkT33#@bGYy)m!u+$Jt}ddVCzuzd6zJhl#zaiE|~`Ym{|ji zSNd9W1v7g~ zVxJSpUoIGr0h|G6;i%%)TK~D7f#TS1&{dBC9pN19IIh^{O?sqNVsEzTzVW@aFR#5e zd*h1F1+P>FjBjz-X0&1~tgrOb)iW zG(i*e5JH2q-wvqLMpJKFQKrpbRxkvsI<@Bh{WAAtT^G#Eit7kW5qf$22_vNWY!2uC za|9s{W@;F+^buWt1{mmq88DZ*qZTICg>#b%_9tz1OkI2RC>}RLuGNNZ!(E8E^jwA1 zx&njhU-i1ztc>c-eb@Z)l~VyO8$SQVo7{|+dE^#Y&S`M4%ALw49@4HOp@@v*ic{XP zo2^8@evXk{qX(_9>k%qX>S0+;MUw%(xcf#5Rr?jo zTE*UI>&GE*Vcj3A<-~*ZOO3yTlLPx%kyb__NwmRCYPQ#00=MyS!cS9h&pgM#nb)fz zbC0)zT7OHTtr|5RR7|Fk1ILo4g`UcQ@45 z;~6Jpa0L#L$W00jHvKT+F7kR-VAwC!h+vz~m(sm@=6uv2bbdmB;^S&LCYlrz#?)BQ z!w9Kg$FqH*or!nhTJ|gYJvvR0n^ekx+yQEVrNawd-%s|YKRKUfbjBKa; zR#f?%deUcgMw5nn-mick3rw7B!phO9WU@{n(0f1_Ya z)$o0%A*F0jNh@Q2@I|X@_6dQ9m~3eLcCfQ#s2OQ@anT zlCKDknq3D)cKu2L-~@*>PSZdof)WGM!WCijM-@-3FZ9c}WA2{!u3_p>A@iFp4WQp% z6t)Y@SIf%YfJ)*+3EmYp*&bUK*Lnj>uGAHV<~)2jCDz-x7SfxbRwt}l=@qL4EMcE| z2%3n-rco9(jA2YHk)Do!7IglGOD39SIL=P=KGKENfJzv+w z8OZ7~B5Bq?dE;bBFMmIg(kLfm{EVzVrQnf+?5hZ^?Y^#6oE=wzEp3(6MBlZ2+dqSGKE1Tw8?6HCbSuxnS{n0RVZmM~rq`W_X*gtHX4Pv6t zD%aL*Trtj}GK$e=wF0~ExIzf^jPhk}rU#nAon?!={f~)blGN!0aKvmG*e+n`ZCPmx zrT?6!Guf=W7C-$E)2R1#_?wjPsm7rkKgqVF>s&D;z(p|yLw{H2M#Dwxi8ZTw8D4*o zz2t$O)-jmP#=0d-ZFpHb4l-9k1+G8V0bjAmgQrE>0olbzSEPY{f*G5IOAJi$0X5}A zrxXUEQD?LqpZTcBmW`X0$1p#n+(V@pZ~NeAxomUjo{FOhha189S}`!(QfYKNs1oV5 zRdGkgV8HWg(ww(jPw5 zGp7H_n11Tal=73g*62ES+N2C8*N~{`7C~V_GdSX&wE}Zr(JTfzj3)pT4y`I-Ru#z6 zh`Vxrr(!C>LL9H9;@u$56EdyRKpm~M@ zU;=M5Z`|q%^Z))1lXS7)77k+SJ~h6tX?LvUDne>qP5lXBuR)x z0!A(i87kuzH7>V5PKV(y-Dq$G(ruC?^_;(XJn~DmrGyFT&(EbH!Zd>o0KYGET^;pA znL4$1fXDXZ23@I%V!hWb z%sE0{cIh_WHKExMsOi{DQ}LVM(I@8ZYm6U_skuxAXjn=e-;PZ!}g;uO{=ekE>jD znbS=fa5$_&jj(T|1CHD1x$FxF=*KRgM}xZ@Q2t#67GiDjChQ(4^+0(xL%PEXl0jp4|5!~WMf>hv#MdyP|9TE~px>)zld2(b2>Uc=!I~1OKwS%iyKIa$;>F)Q5#20rlwDRXx6o7J-@P55CS4SYwtR4M^FC+Q8 z`Sph_nsYu52`&wlLaeEy>+wE?s$)zx!8rj(d0AFHlA1KwBVgw#mpWC*QF-6)G}Nmy z_muRTv{;z)mSyX_4&EJt5qSrrhdq2q!>Rokk z?9EvTRh&DRsee5H{xo$@SX{{3hguzp0QffBl}Byrly?K6nyi;MAj}Qo-JH0QvEibP zSJv|*39NQ=eB(5&YeyJ1(v#7Uwwyt2r|H;3TL|GR=(B(I&Az7InswDbLVC?2#tXmn`LE~z*t3l;~1wDF9!qcJ7 z>c;2(@?M9yS6aByzatsx5{49((?gYBJ)N+eldl32DSmcy28rUV5$N!n;wxEAmIXaP z#;Ho7t-ORAMKXRlQS&6GHBZ4e?-~q=UgmDu-mwiDH7xipla#ug!Q{BxwPdlQ4Oc_kDGLnk^72NT%b}P1Np;*9Zzu{r+qYE!gP|H>jWg>b zD{Iyzmu7d6c{i(i7gf!)IvSnokyz*Xq*vv8#^-36IgxU{pyAL47tyyVgnMm+>lH?C@?o-tGxhZ)9%e5IeWwMHK8(v`z^be3d zK*DZ6swKe;*m4G2Lb~B~mM4hXAe^`PpEoIA4_EN-m8>KF)idWz-r(K}uM{G+j(l*MpKo^)xMA1T8JDtz5y5xn%*LRu@TS(Q8@}e_YfI#coCxzK{G?wO zFx(#yz__|Z{5fbF&-H=N7EU5Y?pA`)7i(eRGp6DUt-f)iU3Yj3lbGkPNk!*Rp58>q z8EnR6$BbsCHjExiPwFvd=5$2Wnx-EL+fM9nMDfxpe)RQbGU=h**IZYIg&hwDmf zPec6dJ7GDo|Aa(kLiKX@?Tge+gp4s++%?)+W)j^;8Asaw;1}z36QkD+vIbuho@1c2 z$@c7s8&l0+#VMW#!FQNuV^JboyT=$Q6Q#%y27E65JciR8R!5kO?Ii#rDBHYA%lI_< z1anWJUF%Y_?{JePDdF(e-oY!kKqiHACTGwq`R=pLF}vYIGIbT>M-?3GqS&GK(2t%c zI+AJpk(t>6$*w}ux^?|w3OZSO%K<$FT3(3RBCu6CN2RjggrH%d+51-G_09zbFQw>) ztmb^b)4zNapQv)w`{eoH-23{|_aAXzG{q}631-d|EIw7lo+IBe_lN$KnEdvn{S=OO zjGDWcYh~|Oi?|pzX zIr@r=M+g&zbDy0p_Y-w$GN(Hces0dw#=Ui2H&VDigGyT)05GnM5K(Pd3R7bFir^Gw zQcKe-R$s3$K}oGp(|jpTOhAKWNu(%ONSS@99jryhAD86{9v{@B5DI7$;< zb83B5G-yYLRZAWx1s!+Kn=!-F~J#?;Y>!t$VR&(^`vvq2K)H8auUq&&Gn#lG1%=(T&ZfqYs<{8xa9l zzq)o}oeH{+T;h)+PyAAvzY%VeA7fl&-m~W_ir(A+B>skzCjygVk5ZRN;AKEl_+9S=c(R4JtHc|!R_74)oQ?q0jq7RaD>Ui%KCd(Aq!(%Ub!m=jT87pkh zr|V`qA<^l-bo%icHT|Z79}Zq}djGmbORIk;$8e(re2#JT5lOanM9%K24b*81SH$l7 znSzH3>88JA3xuxkZ#N~T$s;nU#f49l*3|^P{*0{JbLy0rv^6J%Ae@)K&sZ!4iWoqt zLL3(_C_V(FcJDUe6rYC{)A~nB?*s*-fdT zco~Jq^3}uphdvjre6Kcl)sb8%2~2j~qQ)?}+*=P@GxV`D6ZBvP?01tWU*4d?;UDLm z8GEW?kZ)q21jyI5gLA=!=8KRJlQ13d=_vO_-->+ktJVSt8T>I{+%L#GSu^ zwU$hLgGI|c@3R=&Dc|3iGamfO7IF zohqN&edgF@^5yt~1(EGFWf!RhK)R@$z(ea9o}aq3NoxUW_raaHmC0cYh666A{5^u< zTrkj6)QRXqrs`|#l{DR0XL*5W(~slIHc(wqOlJ7TXLOOf8a2{3G;dxT*md5p3CT4i zCUz|5c!YHYb^S_fPkluAr?6$4#scjob8=-UJ`~t&Ts?EX-s;MwG%vK?wGyZ3DJONB9JtmEF=gox&~x(M-qy;>0~~#hR|I(eS5Ld*$8POouM| zy8*77zf;t^YvzZg-8w`5Sg0@125o4!w%#|kf7+N4 zP|r>tiyiO~&l(zFx;|21PvL~jRH-+@pO4)fMZfvK2WCeA6AEkVeR(4mK#Pdmqs6fJ zy$@ovbKynSU52$+PZ&@laj#ljq&^BTIc|5{-LwR%r0*1$H(!$2Dbdykj-JYO7H$A6 znNs_}RtIq-5^*Obwn^NZ1K3uD*mdLIL54(C_~v^O5~=fIGJ=#Qg|Nl~%#M?(7vD?# z4aXhgTGq++(X92K9?ntRQ6<97-)(gr6St)%vtV9{T=jDZl;6lI#=I1YdBKmS_egA! zs0xx_6U0(KJs2?$Z7{}Cv>B+-b`uSBsO`w2U_NOcNIVV}8_-H^F>CG{JkKR( zlhw(z|I_C#W$}9gq$8Wp(|$I`Eb)>s_`Co1;P+^Jw3%#hw4ihz;CvK`yZmT+AMkdq zv@~0EMaC7pj^|LnKi8~^J_=(&HIOk@E* zQg!nI=*za@@irm5M9lZ&up=r@>Z7A*?8!4rc{qrn6Rg=X$Ps6-G0iYXCu8Z2I|y6TlnzK~9z1Qy?IS>fuN zf1(iK<3Q-9zoKU(`8nZ58Lq!herrXbqmD!ps`EOmwu50bs z2Jr;qA-l7B62!~2rv!xK)R%~8{q2uM*Q>*EI~ViY*-Zo>P$X>Tz@OlJ4q?im93F+a4jrPXOhO{CHOYW4VIld__^M#PKRAH851?2_o4Q30&+Pqt`RY^Rb~J0nfxfwS<;DfQBD?cNg^CZhg{OjNa5W z&Dd$q@0z$XI!VeY6aD%&+b5ZXuyJe1ssY%i(KpYbpAt|L{+8Rl%8Bc|zb%Gwh2gdh zS|#24j)=sNp__`t^T9XrCtwc_{B7d0R}+mae4r1fMS7S%Fh0f)HLd*CerqxI_q)-d zXMT8OSn5pNwG1@ltprJ4mv`D4w=(*rXeCR(;KkN-vMaj$x6N>L1HvEhQ1{FD&dBvo z-~mk zG!F;3v9o_|@ceOs;19uj|MKejO~^%?v18}+0mRqlaLegT#ttj4PXB8nNV`1ceu6PI zyxgsg!QjG!GMcqRcp+*!mWZt{ikDPebvC=pFLzF9Z*l z;uU|o<5JzR9>_I&0MpTBa&X(@427Ofm7N?~Ap$^8DBk2a#NwH0O87=O&oUqv5t&PQ zg{T}J81>U=trA9z83YhgJ(9@Rn*+*Lc)y3|y;q{Pv~T!`Q*(XzQirC46+xJR1h@HY z9(R^{96S_m6B}+ngH!8F#y zp;&2yarRHa#kIq@%V@*i9e4Jor$9}qH#=C!Uu(n-+s1;jSif`T_GD%(0mkthPQ%#w zx{PX=2X==2LfAz-UDbtLHdDq7;-7cI#LO7iyj1Ne0kZvgY$%<3!Q;!Sq$Rx&3fLhB0^P)!Tdt2aBM^g1>>^;F9WT=^79>Qhhbnr>HDJ9p6 zX>k9w>BUrdIKpxFDNv4O3pmd8oo zaKgr>d$d>vN`9NJ934w+aq-#)!=No#qA&YKMXz!oOBtm^LYz2Mmf^OHJPD}aq2V? zWNT}F@OImsfwEOi+wc#ZjF}|OcFG3+@zxSu*d?n_6rDyQtz8|~qhbC!BS4em{muaP zSott!c?P=#ADh&?`qjC!2{9JpvNl?s8#^xn8M(|2Y3(V#3UQ0Cx%bxrNsYE~?<}r#UyEgRb@4*=D5+T4Fqn1S*C3Ijmm|v>FE~14Y#&e4( zx9!;sgyDHY^Vq|~!*tIe0Wx=&t$a$-w;s?MKV`y~{Vt}$PgRiYP87yRq^n)cFwy&A z>jZj>xF-L36n{YMEZutp#7BB_CU*2d@}Iehm{rJVMpm13c<5nPOc_ACCqR*wB2 z=E9;b{;Uef>UoFOpHZa&0-f^3BCIKMs>+0xJ&!~WXr+(1VM?Dy+8E(O%&69TQn*Ju zztZsHDc))IQRwO18eWC;n0%LbhQWR%AQ$Pc;Q3?AmUL|9-s`8z0REL4uTEz==LZy( zw==<8 zkgpRzEFGFBB;l8Ss(APO z%0Tsf$QeKWJa-3eE)u-C7{63_xdZ98>ikfE1LAJ9J$NxsvbcBuUj1puy#WuS0~;6Z zTPuNyCc_|Sjqf0fsBpd_q^I zz8U=t)5{^^yUEzht)c$Y6lm^`*R|-$ z!w_~&g0y%t4p;!m!pj|@mMWJVq(njU)PDC1FO3h`Urzj^#`5KW&vWHT%U>xs{G0RR zN|emQ)|-SjH`)0kY;ABs&z-R(59Lo8MI} z!vI>>79|f|Uuw`iSONA*SV&bl7-`~kP?lBFo09erz7>q=2@xbn5^6DPh>o}w_fKh7?Y zPUOl6EDy1sN@^{C)e%A7lj#k$gxn|3u54y%Z_vv&EgrWFO-N3H(ZYW@I15kI9kDfz z2sY)wEG3m(J{&cC?2y7a)o}%p%0~XO(;QnzB%J;5>G;Q5ZXFTzxNrLK#P<^)n1G)P z7V(x|AnU$<*X*xMq!a>sy7Y5PHTq1ZwdTnBu-;+&Vbb2aX)v$Xqy+r<9B?YfpnVvB zy?&q)_QQa+Y+%!upv!>J+D*y+73BiYdi7)%ufj1Q9XPjRV%TT${0ifeyn^X`j>FIo z1+Nj)dGyQTuN`0|6`G~;6 z0oiuzWIVb~gU2G_kvo`pJyh1!?a8}C1_nxQ6xb=A z*?@^#EIC_LWAtaopB)x~A2id-2+3G^wRV>+2sh8#@a0zKw9ys$G{})3yotv7-|JL8 z4#3eI3Y-(-UmwzI@;wO4c8I;o)O!1LcU<~utiN9-kw1Eq3(ZWrT}ayLM#aIFk8fro zM~4|^^^mX!#QU3PB=Fik2m09BQjyYAKgr#^9J0-s^Tam&f+-5Xz$YB#%e{s8lRpzcCVeS2w50P;zLiKD&c#Z=Cam5sC+X_+*? z`emmqGd6<%alZDOtNaZl5ar+EMNju1X21xy&7Z!~Cm5B7ZQkf^sJa^eLkug8`yT~T zZExyTt*;vrae+b%LuSUasJHH`#HrkjoKo)d`0Sjpsebj`-cxTRR4ndqE{LxJb8bZB z@4N$17~dP|SvO)r=ZwA#avv*puvSeA&64m64`{wHUc*A!2URxJY1S_CmR!KPP~%&j zArziR=Wuwj`@_)94Fi~`-28HNMtS0n8M=|s>5ZDuo^TbMb)szS%$J^~@A*&plLa2G z`+>ueo&42BAeaD~y7gnBwcS{;v?U^XfDQSrcB>a?l?Bj}=D*(`!NmWFkEi(iR>m6r zjVHfpV~XA6D+`~HSX8I(VE?sJCs0e;xzA81k`V)$utNi0+uc+~QLT#4j0MDY1>{P%T^0ZDy92Y%D%!h<3HTHhB$RvptjnybrnXwBgs?Y0pN z-;Ul_@})XgDZWlL&X3H8D?KQzB$?E`x{=$i*B)!VIi(8JZ_a{FPZao2=4y05x;p+d z4&;kQvr8gwtu}Z2q-Jq&1Mh|a|sDg;3T5en>o|Mxp7hv_A)*E1kr+!oU)NoS1X)-itg!J8tH0JLM2z!XUec7L#1CfSzafVK7FEM^_(Dp)puuh z-hESgK>N)`Mp)(op3NWm!Y`5jqtfZG3>8TY3ozgW&%MuO90EguJfw}( zT?M9GA4+9IWG-sHwE5(%vpT0z7y$#wCbpu;Bq308DF5u?{dZV;9>}!`P)Bl){&mle zaNo%sT&F(ykdlsGq)~x~nle?Tm5`zzteJ97JfiLk65R<`RKlfkfNwVciDg{9$NS_! z!`$pp(8Av@ldR+wOf(`J0saq1sDb9J#fJ?6=OBZr!#%xa;sZ8~mAFXZ>*`8^`(%Ss zG#59h4c2;an!0yk0XvYq_s?t1!oZ9^s1qGO@WDSihn=~*>gjRuVKLu50f4W{@ovQL zHk^1Mt;lLvuBoOv=f7&GyHtEQSrW=bk%H|)7i{G9%;&u5y!>5<_rFSo3^5GcIMsYs zZUH=pw@SZ3;l?}W0Geq%&-r4oXy+t~%)YSH-u82XTB*3s%pSXU49%I= zSrl~^Mi{^D|CS9s)A15{XgdF;JI3SFyo^ZV4G-VeF?+zOT-(2jsH2^WWEI!q3Fj@)fnu~Bv1OPG!fk3aO z4G_96Y?j9G=f(SLja^Nk)0PJL%{W}6yr-*y2@SQ9Ax^IjmUwS#$Sr8pAorgwFP?Sp za}P9kc}=o8tiM>xW&`0o6wIBR50JjykAIjs7R;E___^wJJ2p=x$~l@lYT)K1^4F|5 zHmU*%KseHYG|X(POz7D(WHQ5FQ#F?y>JR314df0K1~a2F&ZGL|&r)hOo;DU=X!m=# zu9re)J$t1f7U4`aZf5?WowecKL=!fx#OGw&Whn$GYu`~l<;y%LY?eSN&jJwZP!|FJ==kX%+#jJpFRQ{LH*!`dasd%p+$_2 zuj46Bp6zdg8~guK@efEe?20<_!!cI-{DXgSOKedC zLfwNF3YiL}3Uc16Vj6uJn)D+nlYAhr`vb=GqQ%PkM;5s@x0GjhJY`NMY`mt5*r~iz zWhDB{k?C3tQV4I~4R`;97_&Dsre^28RORSWkL(v}%&*du)P$jme7S(dQ_ znH-W(%>s4nC9$gNU^h&b|%ceA{vnQT5iO>@_4$QAVi~33-oF zgKBe%7>9hZS;GJY{r+!tzXYiJ#UW*zzYh1?wjTEQXIS!(mGh>cxrcV+NyJ%q@*-{T z=F}k1*9n}KMUKVxVEb0|2mM1-HHBX%<8!Q}>3!!mm>1;y7wB1oG4}q-?|erQQ2GeAdds*Jwr7O}5NMN3Ce1?fr8daef? zQ0wZFf*Rd-G$P)(Khw}#4@^eeb;!^B`6gahtMZ}PO+TF7NzTslVACU8k;6xKuRCrO zs?k?g-79U5Bou&EAp<8KFCR~czT+Vok|9Kl#y88jXGRR1{${4~@T}~ZZsHj-Vt%Z_ zCnL0bdgAXH{eoRSY<~PHMd&Wm*0rTlLo`Z>MPEfI zs?WEa`qOT=J(kV?qPx%)sr43d_KRz=Y@BLog}XVx?c4{+MeG919`RsR=!fxufj99f zb{Qyc7OCtrpMaux7_&@$Z|hQvof3`VhIU}WP``aAi7(>( zlJOz{FBXdgr?^+3eF2k4_qk?>tz!Kqp6=!_=ugRq996>PG}+u(nXqd5vd`7 zKtM`B1;GZWG$|n>y(Q9nqM{%rL24u+M5F`~LXZ#wgpmKl_x=6$TKizHwGZ~u&Kbj? zlgwo1{$BTWeeO(A{=0fvT>4rZN_I#+2s*%KZEy2Y4*9WD>|=}2Bw;tDbsobZx+jp% z6h_BFC~&{mM1uLz$qa*sXp`4K<-FV0&4voJv$TNg$FY6F3@33QL`bl0aHD*Q-c zbRf&#kkl2Z!3kae^_U9y!JRG6q4fFj6Mnp&#{t&O6-!&ci#t$pfW}A#d|@_NYRc!v zR3W`-;Hv|~Qdgtn$|N=xDv7GR!WO@)Bo>qU(DRm1 zoLEcpNc>1sx_hHT`$H;xv+a9m{HD4IF^!?xtar~b1(h5kCk0vI*r|!6sxr+hP_QOqDKQ_Nh#_0 zD}U`;E5-bn(xyolpe-?49UqcA)65rW`7%+8Y3V~dxJ`s*L?ru_WsUXF#`@Cxoe?>> zyLX`bdWSqF15O-~E2`6pLu>E7<-PBy&zk{@_i3;1m(Fg+!fpw{9+Lx`fvWV-lj_t% zU(($J_@Ukd)X>cL)qOOTJ!`TYlSa=XuagLKY0K)tmwzd#`xCrdt?OHk;YBf^u^EVax4|gq`Sr>nTfm-5G zOKFH=+}hJT*lbp4MwDIS10p+CYb7=pa^KmNXtI&@NbBsqI-y23_zqjq>84gjtskP& zV`IyNMVFGSM01NT)3^)!OAB45AuZvzyM+&?pkVDlW*X=_ewvMXmGFIHHR?=|DM?-{l1*m@BPJ2qn~>dXPClSP;;hvU-w%DchMmy7!St z_*S@-lE5nt%0(7>)ogxVx!&Cy^1Ubxa2K;Z`A@_Y3tg_R1r zfa4QNTDXka(&^8p6Uf!J&bFE*3gg61?HR!iq5&g6o)rtY#znP5^nvh?04{J$V9(tP8UH@K;-6!g zDYe7tNdfxbmbPMZ&*;VZf*SCo^s^pSr1qa5=0@k|3=+{vg0262@l!JIcv1FV~q9%b5-d_vFi`Wv5ZV!yEEc`=Lijn(%Py%)C~XSVcMUl>$K)le&b z9F@S?S49JbOaqPt}Vbdatx)iseeVTaIgy zL$!{!TGyW>hE+(4+X(eFuNi00=499FzMHEn9k+}mpJ(*U4<;;Sp9?>B;cBm*o12xx z1l<>gW;=AtoXl?CyHVwZbkKDHuf0t!kB;y*T{W2nVG*4N+Se$95fZm!H%RAav!+c* zCa>{mT+*-}&*MXR3=Pkn$3tNqUY;+0*}V>Dt#|oSs-9|Fmb^}JEWN3S_oOnWWh}>} zJSmZP?`D+r2AO@zf3HzENTfpuBavT%fDhx5Nj8AXStA(6xkVHe*Xa*m%w)|fv~czD zJnlvZeiRIGRT13Uj=$hC1_>&;q^xS%kaK&O1fWml(K2I5dNqRs`bw#2DLfk z;&a~J$T>L;a1;}0|Atrh;U}8rHWY3jhrzcBd!vuTpyzg6i#`p+t{n9AyT>(>=c_n* z?0R-3EhcM4PHOsiLH;!+H?(mpz=e32k70045^lQo1&1= z?Ujq?=mulDL2hLIfGyqO4vnU9JaV;q))5&$LO0KFN-6IkDd62%Z<43ov3{l^XS@DxTJ?MW=mmsXO()dhW>nQx;L19iw;h&(J-W{#bY=6Z}dP z2I{+tEfmPd5^0~@Y~3T$5?^~k$Ww;LDn%xGQv57@$g4t{6BEc%aoS_*h=(*2n zsK*)fEcD0k4p6J9g7N*2XrP;CG^qC{dm{jl=ctBy=1PQFsZ_$lX^cYM2w z9$Bk#4)pxgpOK|{#%0DUB{NumbV>FTHCFh^gt+EO_U(vTtS4d|#C_1az-e-Kg-3Dv zy&Wlaw=Ea?tpsv6hxBlcY%M4Vtl^DWnOt$yB1gJY?X?iaDNUVOk@qDTICcFx$t77KBzEg_&ZDMCXCwq@4 z`wRE7BKYwjz~!C+llQ{6C${2TQ+(EceDR8ZUl1oh(5}Inil;4c{qqto%QEf6y&SA| z>h67=vb_*|J=8%|7jjbrRi%>0goDr7oKuWaT|Q)-NGnC&^G$EmrA#fHm@Er-rbavb za7JsJGp}Cl`9wIO_>X%xI>@GCRr=Ptoh^r&GYU)!-ZIVmxBoef;0(4rU^ zbe|~YQr98YIe=k4HTcdhm*3(4WoFmW&Rg^Gu#1mP@U4$#LtBjueGnl!`^IYNuRsBP z&$2v}Y8&KwebMNDuXxS;un|c(ux~2SgDr@#Hu9a@no()}=hrSbEYo^2tu+TX=iQQW ziIHyhWwE{Va{Xf3^gvV^9VVG#OFmsPslPYdQus^fTFYhH0X?0v;e7`AKi_$W=ED@A zt-JEE0~NHf_sGeiiwKt>*TOD9cgoWJe4CJ%P%!HRcH>--gN$vY+pQ@AOZps7g+k-p z?o4{v)9bSA@aVVrlC2QfBrn6t!9kbj-nbautAL8D`1d&A6`AwldI#$f@KG5>gzs%OeKaEBaYD8(FRc{8i1R&f z6B5_%X}avlj$1$cW%===dPJJ#s7uLQV04oZ#ZtqqDX2i$Ue0ulOJo@umPX@WE@^k+ zY2}4J!o9gtfBNE&B?)iSu!4~U&Mm=K8@nW%5gv0%! zuo=xRiyHUzwfcHUp|_szC6)a%Ir1T~A#ksp832IvWkLA{lu$R(8Jbe3_|gdxGYBy# zLe6%$_6f~IPgGx471!inSouJ`HS*G(=Oc_Gk| z(=f*@MRAs^)U94s*znC#-!;~oePelx#BfKm8eQ0*i~EE*V`^1~A4D+KrA~72Ca+8V z7~kE`ZtOckgn#LLT}wTrR$JXB!5#f*u5H9Dk?No|_xYmd^o}p+$ctmsPKLLJr?y)> z${Uzh&Pxp8aFly1UtLw;#CCVx{Ebdwqz}{-BFd!gQXXi^|Ct9lJgG*9I>c?Kp$>w2 zc=XJ>0b?*rxI%%S^FC8rl4`}b-YeesLqI)}<0t>^AZfwzPFiCLovw+PXy{BCv+?#4 zZ1|9m{)$phFm-%57bw2oQDS7Rsf;SAHip3$=*!@?Y*V|}O{C3J5>RHM0 z{&c5avfkvddXQ_5!&+UW`*$^KZ~2o@a$D&1b>O9$^EBOVEMRL2W zNx$lC@x3GTUnzRl;PLC($t84FGAuCmuMPK(Dv+&FfY-U&Y^*`Iy^6kGgbk;c)U_)H zZ~f}%Oz9}ha&4Cv$PbU|K5``G^aFL%$>@y&CT-B5GmeqF-jSWp1{jWb4kvx;v4ISD zA)p_fl546uOAvaLRQQjv)d6SF!_@Fy;KCoS?9| zWsed>fcaVdgFVW(S-@hM6p84I)f=oq(eHwfl^n91&*qwvBoZ-{L&yPMb*TN*lDVPX z7R9Y2=&)D57&+1bRooI3EjX`jlXCRZupmy^D@^5`*pgL5sYh13;*>G@Vy(hP zyCcY4<CH$+CbP_|> zDAYpvNKnp?vjtN{HfbeDOXWk0N<|yL&OUKmYsu^6cONzflxN@dZg*(^Oa(mtP1Z8o zN-Mgq(pqD;$I=odW!VWrutJ-*wX<#rm3J2@zeaKkX+|yi13;zHs0R^H_XEswDOR32 zNxHy2Q;hB=ar%@-t?KZyqDqWk;(gZqqJg--qVZvvO-j=R0fe{rGp~o#4KhR)uXFuP z<5@g7noBD|79Yqw3%RyE^Z41TFM)er&Q6v3;eT0VYhcXU+x|=@kcZdTzjdyy7az;* zYD1Ui<;l;>Nln%*cEY{po{n`2c+I_zF}`G@r7_!{4jq#D^I0nv+`P*G9Qo2wu2B9v zR|87_W>cv`(g1Fa!Qp_XZ)`4m=@03Y@rL>7^WGh}S6lsi8^hkI8=u&I@8dsey=nAD z4NLqSd6#$JqN@l6?o<81?^IFqlZ7^wLoU+xSXCs*FNkf^x?^1<7E2_GJVE-5+!tX@ z^7s6QyiB^cRB5LM&avY1%kM^9BQNfDc2`+k)Q{uc3qsY6r8*)v9E~-X5|v$Hp{M7o zWI=%?PvGgVAGHG}dGPyb-RquXdkamUS_s zovo;?92I0O?P#c780py>S|3yamYakBuG@vl#zl{O{~4dFa=0HO;SFSrzg#l)O%L~c zh$EwDv3M3HcO}^JpI;`WVhp0ul4xN`AKixf?L0+wHcK!~I)gP#EQB~17@2EG8b!q% zHuwG-;+-__+}9>AWnY&(w>pX)za*_Yd8FR5HIr*8TNp~w4PtGsU`}QRW!3=x2M?wE z*E)DFas>Q4Yy+^ax^fS9*W-5PPRWw7fh9}^B_SuN*N++r)2 zZb?FyOgrLQ|IHhy9oVNZ{MilH?PiTH_*|1xQJNK$Fi&s5aAtB$TC9$sjg9iV2hF;h z1Pjx_zvmGtlQ;{}VT_`G)Hvum=3zvsXuhqZq?U*4zIty*_QTOb_y#>2!Jgr&ePdf)>+lcgc&p{rj^NF@Rftt)}?&+uh7;KG;jl5>4xI6)OM-dE|CXMrVObOE=YAI z7P@n^3yD$%=cEc+4;oiMgr!7m=R%i&#_;68Nj0k1kp(3SLD-kPu=kdrO$}3@IQ;xT zK+vQT@}$FLgt-Qps?Q;z(w+WcgIm|^*mOp=6)6yp_?H|MQKCrbEk&7=%(*>_l4+OD(k?xvZcMK711DKQj*=~APyRUK zUHKaPyL8$2;|~NCH`73`Xe*oVnZedJ*pfp2)6<3o7@J2s<8hO_H1}N?ew_U#bKei4 zMNTjjki;sFUqED~0D2>ZJS-}XSSaeh!VjB)1a3ad5~6apS8lSBF_Gw~g^}Pe574b) z>j}F(Uc2x$17fEGHEf2wE53b>9`1Sf=q!A2;kw1g49MIalw_D{iAZ>}(elSaRR9YJ zGXoshb$xpG^+m4fqpy&BZPqH=6%jU*c)8&O5m)iKwBA1>J1AI(F^-Z&Qlv^)A33yr zyvf`m=S`4nx9ZFANPTMtB^z|BY$xU=+sZXnWU**cX9GI`sdClH^IpwKUigyq`CBxr zrOjuVlh*|FgI!t4#t7cs)s0^b`&c$f1j^kp7!I1oz5rmmGT6n)`}GlH&X6TT>HycB z8^*%xZ?ficsI@RMpqUvx6bnrRi)tqem&uL5(Q!RJf4WN^mbp zRQQI@_Tv3v{nABci(tx{^xkShY%JphH8f)|rF2rqrXzYTm38#jw2_mvD)n+-Ueesf z&#z`Mw4gY(vLuJVShwwV^dEuG8ysAv;quU=+JIq8=J1}G$4}-s$d=VF*i9(WFb&n> z7Lf9f#0Yts^&k-bLI-jiF;vq3p@Ssm@TEb_7}*jYNdYO)Mz@2POKCCUBwvwGi(%QXAwz!4Omsa= zYXI9C3RI>V5@F+*V(#S~ob$pW>3$8l;K)?%lsu00S(++Yr4(`?2W6!V=lDpx>(QHS zn8rn{#VN}3n@|Fa7W_rD(bMy1sBg=ot<0O%$>)!x7lo>LfI-nsv187o$z;y>HRGB4 z&I>M<%OiSSVf%sXGN3|ng>&KSJOn_1?bDm(?yG7$zkXSq$HEB0UtJKp=@X`>0bh?$ zHyRNkP0T-6;LPaTnf~=M>aYFXhn|O8n@Qxm8 zz_vH}*+#$qL~Eq*JeXvb;VCP$3jz@WqZB+k^2#et#HAjE&x^0ZgDhUFJYRWj>X_PQ z=B_QFEiRD7wFuT*Sln4?G#Cf;hRwwVC?HdkA3piP<6GBI=<;lvRO0a0xgCgI$>k0( zL>3KWZn*tg;gXl^fSAuDq7@I-O^^Ql@<2`w>@+>fu2&i#O8s3=zd`jN z6rx+xT1VxWItP^&0?q&ed*r^ixwDfIV)OxU?p*X-J;Z>+8YjD?wd_f(3tP>CWcq%; zV!8RApQ-;;h1-~c#Ia*{+eFcW0w>q%%(ho*{4><>NbwY9SC>0O7o-Auk5(+~qSJ0F z3?H#-weo5!76}`ntaX$GN#<~}2g6S7iyXxRb`wsfU5Qt3f7sAK#UioDOQ|w!CbRs` z3A;Vm5P(}vKl^*xfVDf9$CVn{VjFXMw$kAeK@2rl+iiyv;*( z>b^tY!M0cak?hqHH4o(~Y%-;*MX+G4@Zb5(6@*z08uvqFvLc5t0nz5d{NZxHIfts! zI@U3=KxMH8#7kBF=#Sya!qhj#493ItG@;d3kNWo_9gPHbzI=1_^6)F(s3Gqb5H^kh zy1C!!vF>=1-I(=2)P$D>)$cxtId^eb zFPqw`i~Vz{d6th_-~8JO7+Ggl#wI8CMeh9;e^FZs{5^+NkX!30Z1gwgqirE@(5D<|j?@|K-5QJv zBLm#}invT%k2$M#7>-qhi>17e{(YjfqT4F3O1qt3=mF2me1Vg=d;Ab3*Qd#=_iqRo z@HIsQ@`XL%^~vcl;C}e~s@nHocY?sDoc}i)I~^B+&?i;@WmxwK#cH>QzsPnd-Brpc z%w6|394q8jkNH5BM_`Khv0{fsG{CVU@YBhbto%+v#WHdPzm*)IWOl0h$&IEz+7{ZM z-9i9{NEx5>`~u$KO#fPsphcer4pG}Lh`qm-a{jOmFrQ+QtPj)}qx?AIJ)a3Spr>hw zZTPZI0J9CEmNJ?uB8#V)V*_y&QOn&ZTN&~uh57_0iNx9C0b!Oe2kWj3J5)x;uI9d= z19I}Os(r!^BtBc;(tLc+`8)j_9GO?}_psz|KS`{|LrNz>HoDu3JvjBPDFabeh$!MN zZ%I+yEt^vl{-onP-pa1S9bS#pUwN|`{R?1@*Mhi{l9ljU;P_P$xq|2UdFxRP39cP~ zq5|Jua7SJ0(YQ4bc=bIjz%wCvkXRIwiZn6D8>@5)Y$n_X@ zw;~?yyiXrbQi}(XMmN|?KqsBHy6`#9F>aqB`}h2<#?}(FF}>2>`blEK4{Wrz9oz=! zr*~IK#&T7l%|FKQU8xnQ3qSRPGk0+obzyARaB@=+I%K*nmBEB;kTqpb@SK5RA&=nq zb}4BujX3jM{(4#36s6i%eEv1{U0G!Y+4{URpUwJpp-{_B2O8DKP`2ogL;pJW_ZAkC{^&f?}b5`K2c0y4*P}ifaxf@a;5$m4^)p zd|?e)R>hAOb%P+;{r&`SaK5rwXVjjksU7SJ+hsR+<%$ze{Yh`|<_}#VPBQs$>qEso z=MQ};C*x&MebFjh%5DHxjVisPr^4v-nN=C?;rmENz~|N36#l%By3i|9wfqqT&Tj6L zHeuzwy*p73;v9mOwNRuFNuXOT#spXlvCao9~R`=RfPjYT+Eg zZl~Ulv^#y<$N8PL?pq*QYcIrB>nm888`&YrM`6SnrKq6>TI4VT(JJ(?lBI?4PQ zRN**t+5{GOiSp6RjkvvaGLzir{7=o__-E7zd&`%DJ~S}RaYj~~#NuNtsD^KtN3l_- z>qdCiA&UzEL1P;y?YvzfT{iJx3SZG_u>dvT6Ao~3)DAh?CB?=IRZqt+ON*;5JiF;*_@pjutGKQx zsNP^QS19KQAzzQFC<0qjvfW6d0!|&rh^w>Ap`JIEX>37W)&PKTAB-d#@*0+0`e-6^ zvuwIhRv0xV?yz2d6vv$O_^nW7y9``$;g-4atrAO1iVG1?CN8{crv(WbOyv4dEx(@= z5A9Bg{h*Mw%h@ZJeW)>O8Vxu>vD~Avy=z1b-T;*Hb6O@*JZc}8(4FJiTLWNEKmB4k zjGc7`ITpSWyGW_6z>VJ)k|l=4l!&cFx_aD3BbpdTKp_Rke3D}i0X5~a#O1cl55{4fg8mmWrYecJS z3QNTB*7S)X+r8)+3XtF#4^NNE2_-Gc4XiPjdp;WS#<37@NwTiWW{xIoPPhXfiZ}nq z6@QoNI!Q$DF*}tnv1r(mzoJ!$8?9eCHE!Ri8yM!IcUkz&{feXZxY`wple+7&$7u=5-Nb%f0&TXV*#8pVPb*W5CnDQuGn_=tMc@Ob`6whK<~!7|{0>8TjLcW%DE(?K7r=7ImHvb5iIDm`>b#wz|F|Z+jyGeJjGY z#Is22ZScv!Majf_@j_kRcQa)+%}RYh;1^*zGgjBK!&-H$BZ{^k5dUbf3vbHY0%1kW z)r_6eaky7`H=A`B-)k2g+7@%Wb3UqymtDAfIacK&D!kiY<&z(xPs|wSrKd>r!$kc2 zv$--?)7U2^UX11TZ_jKMsa$#-*2`;5+D5aoF%@iC@iuHLbK-JP&@Rom`53N+vG6Fo zX7-(#01FtY)R^2(OB2G6_x=9S$aDiyTT@D{Kn&Av?>Yrab3S4Ij75?=NVLu9&3#qN zy1d?t$f>f*zLNd*w-fipnFY5x9*^T}{R&0jk_=_OyUk+iS{Sk~YZ+MZ88})i zGyHol7xri7V`!UeI6h!k=QIwC;|61dMkz=di#ftmh~$1$S&N5cguY%e>5gTJr6U^p zOdD6&zoO*w{)BMF8Ixs3P90O&qdhX0((Mm32mr^W$JZZ%d%5fF$-4dg5|d z_FPo{+Ua(bgh>o8Gy3YOjEL>`deZ3&{ygKJ4Y`#wM&5GYVWp9WSh6hW(57w=x=7wn z(3wuF;Xbl$NoBcq7mgH)2(q`s#b0=zaZU$I&5|N87LkDZ@q7+S3Ovvav&Y#n^@h{e z)TG3S>{e~{C({W~Y?LcC5(il;Ptc@8)ce4hAN3Ik!4(2zpn2_mUfNPL?IX7jx*R5s zToWv(Gfs~uiHJ)j+i2uhNdEX4rJK$_XKmv}!saZP;&-iHc6B|s5FM1E^bu^kUe>6? zI!}(17J4KIv8t;MoHS;V)TV-%Q6{HmCv&4cH}p&?RI8m%Ig-s@iK7${;Rb^71&I)>3f3io>HyEi|? zy$d%TJtrt7}0Jvo;vE+JSoOc$Id8}L%Dma=N zOZt=FL>(}DIFwEggIA*QR+kH<5(|~Ovu-$aSl$`8JDw|*Cq04D?wzmqY1Ot$!bCTq z?NJM5X5&0$i0O|UlGI zct<1i49mVX+pGoi0ZKpUQth4V+#s{@RY>KlE&tPreL-uPjt(2C;CM6fg<qN1TR~YNO@{{28mOdB~k^@$v=*4X!vqHERRP&9pKY-$TRlfiORmDaWQglCvIuGgiR$)A>yafL0B^@7nwL&}-gwfB9!L$@qN@#VrVCtwzlPnm zgzm);UeTw*1~q0wPA!bFIbklzv|E+Ni4wpxqCUzAm2YlZ=-MDSr(w{8c`5rMiB0I5w45>EQL^50VprXSalK%?X*AKtB`q>|UNVzNfs27x@7O znD=rsTkG9l`XWkn$!|i;Hc~G$7Ol3~mX4w^Z&qA=ZMChm4n8+iSS`3IXYz-HH2*JYwc@&I7D&WW<8@|xN0ZPu3iqD&o2ZPcaiED;`BJoz3V11GhN zcl(1@dkW;|Y%H0?pnE%Gr%V|O+ zUiq{o0yaKkV>(bFMh3huf-mWz%YTyD@Vs-c%}>p)*H)v0i*>e?kbzLfbl8-y*4hKa z=qZ6zKOUK0<|#>DPf-fg?=#fgC!GtuI~o16if+JZb429f{RkMIel%Os^IJA~W833i zo+>&}I?-kN2VGp})L#9-Pq`kxa^quaiRKCNB-hxBmPLO)A^+L-++CZ9l{|U$6w~Ue z3ujI^zWBiBp)M&=Fv{Ef?QYK=Z$nYaDmA;w7e(*nrON|$8|pWYl{>WmX=ZosIl+i&C)RTICtbwA>p^!V&D?isJcpv^=SrTo zQz2m8_^PB}_t^;Qp+eE@|QK8Sv5{Zo#VvrNJn)uaR2P64eF1GvBO%{|VDO+JSaR zT0kD8ac}g1Uw%3EG-0zxZ2YW~PhrbzXFD>TU_ZH2{e~o378DlcnC9^vZ?D_#t*T#@ zh{P*3_b_%lGE2Kzs>Lfx)(+m<)BJe5t3Aw?t27?z`$A~e5Sj$L}p*2y~Zy`)-X@*vHGH~A( z5aro<-HT#4Fpv?0AkNut|8h>7_`qrF1@bY8sGwK7o@bA5U?sYhhcAi1u zjRy0t(LYEOPDb9H(JPdN2Db$fS%Jniav5ce zl;LJOWq4FQ=&ssK^7aVUw(wIw`Fprj=h3Do1k54$&t|TM(93!SK0K=@mOfgqu&%6 z7^PMeY@f9MWA_K+rHm^}FfWLi;T_8E!{PEZE8~c5ki+uX0}xudsiF_JYLXjB+W1Z5 zIIDEc)D7ZjHK4}hTU6~Eg#$vTw%QvgLC~^a*9U%|W6(JE(*^M8(=qtVm$oNIAI{&` zSMCg+PCCEp_+HR5%)&&p3xr1EH1lLmS@cRWm^$!oQtIS#3s-3w{Sq+_(!FBy{?el+cqT zu+g_4kvSJOB7;~(FyFb*@!l%t`Tsq6p#q-QhT2nyd@VIuzb`BIuRPR*P32%@Yvp_- zN3_2V&>TKCWd=6R&w=Yg@yUX;@^(3j^hfMjjeK2&%FvXO1dMtB-Ph51H27_D?+`AW zZ}@JnMSRYXApPYu?Q z-3R3MySgU`e)d=42lZ`*w{vRN^|Eeg{7GAsen?=viaMK7+*r!Rf}@kmvfdaO+|1>X z%HS7&u|qGX4zq>`Bk(i^gF8uC(GIPLu7l=^xO4h-$B9yCzk6f2YvFA75?3BdK>pi z(TC_KT(ah1r018(y1s^J(ju$<{epR>3Y-*qOS&_*{LoQD`8U}D-1EZ+7{#J2JdI-= zP{|q;1GkRbN(X>!_vzIJmQlMXzF#uzX{dhd60MhYDYJxGHb-9=ev;!B)s=X_va(HH z{&eDCRNzblm~_joEzn1J{~;zN`YqCute9aj`{U5c^RYI!4v($i_)}Aby%NIzZkdo6 zVTG;?yIXG-7w#2|WSXLKhvlg^eCh5T_M#2EbKN?q6ZK!RXAD&cCl0w*99E@w1x0vS zem?*7Cc4^a)>2!hUU5I6?{;t|el38M{K|WBLT;?E;h1pr_wNls9&>6fTYueIfJqGwx|nM{ZPl*TERGkU6%=*Q4RAfPpg#Dm;qj&nZ-r@b>9VcIUUcN!? z$Hl>nFW#Gd8_iwrx^c&OY^~2lILv$%-7y$mOO-{>O=^%Y*edAwEj>#SKYAyLJG>L>tw=o zUM!jww$%J>LH#|AnTf~h^7UH%JT$I_F|TQass`m?4b=W!F#3Vi&|A?JQ;iFFsA3cs zM<1WnOCJwkH*`phLNAmMF6U<12hM%f@Y?$LU=S;MNK4bcWX0O&DNP3Titn0 z>cfie&WDM~W1QPwdG0L>r67{^zUARwZ{1q?iQ!naR+CITvRc7yH8i&or4X=wHN#n> z6B1{a*$nY_>y#AjmTZq2Sm?QocNyp)oU1>OX zh*K}rfy$2b7H#U7RTFmcb@uC9&=f!TM1hW>>bY1#D``Q4NeREzm1csrz`9Px;{s<) z@DUkjs|+3IC@T56T1mbVqtCg%2s?cz3~n5fG;rK0>8ZP@MD%;7(w>iJWAA*BVRdKP z5eHKVo-3NNt2JPgm6#FCs5CuquYUL99q*p~qhVWaps3GT&h(1`b(?Ly4ywxm*NKER ze{Rj8rqTWy>~I+_9O*nW@caY$`RXr|>_?`MmPOVl;ioPw+Y7M$@Xi6=&O!D`c+e)& zc1~pgIoiVefZZcWs zIlci~Z87#IxHyRpVn&UmsfI25TS;)+J)yhicfv(3pikKoa}70gj-Hf|`#J2@eh2kL ze9$68QaW%C&AX3!V)C-?2#Tfjz2XGvy|#Xep={}(oiG9#UbJD3M#t9h$XTaq?0C#$BUbTi2Uf<|fuAT9|5WXSzLRXxS zn?nsQ9+7WZlZ(mQI&=aPZbGS@yW^k)d5ga->Q{JE6u*J`SM&=wxdC7AQS2v>hVQN{U{f#d!Ms2;QAGC*A{)}?!Ks5^AUL_0#+Lzd8lxBlX+K>Rj*j1F~ zsZD5{bXee)oxx;pTDD321UX=q1Lq7ys<*fB>dZAvMtAWd`-yU|i+jW3oftt}n>x*) zu-a-Xd?a>Kp|!O{KibK!9uM4^*v5m9^bY&P?vK7Lxw3t}G_NXN?h*bQ50u&U$#*}m z24E&AZG1KC4{s}7gNIaqfL0j)%ERi1&j;j;6^VCDJc$1N*YhFp9`wpvIFyv z|1+}v+QqJ~Mfn&mXEK6+Bm#GT^I_ov0(=!SKRa&WwEMp{saAfv2J$Q9h*8c7+P-gr$++U*d#uEWvcaQq%(gH@jt(QB=nzu z`oBAi|1ZmdzX7!CfBY5vpTeGLi~Ts4#k&Xpul)kprW8BBB z);get*rgauXD4bBp zB2XJUeUzI#W-r;ee~60pV%~0AAICf>^uX^SqB9Jjb+qJE68$S7@U3{7hSi}~%Mai+ zppqSNk-0$`D#?nY5;^qiXYZbNwGp~OflY2`I?k&&b$7hkeu;P5)H>tuU`3CPvn2}> zrW$-CUu?&{h~7?4-NK;4K0Q#F{xlb4+@^m4MA5&=g{dIm^r989hu-BpIb5qWMZS>x zvnJMHZnH^TPumX#^CLU1k`ycRS6y!~WI0?Zvvv|nxv9b9Tb}=qi88()L*Nn4K;YGt z(G#S1BUruNDt_pb`FAvAoDDQop@tf%fu|Qr+*HEq*hzyHwh+(ZZQ(78B0ICCP|?C* z4}+kH;ey)vxqt!Ph#LjO3vvBnJ8z#QUe3i#=f`miTa^@+up;CiqlW@WVPl76c7K5l z;FdMsr)e~X?KGzy=)*|w|7I%_h5D!cJn1I>kUXTbx51Ni4wJ7x$xCbf*kIja&xmbW z>U!wb(%M#1vL~$7y7H=GwM*P#I%gq0{QYzjUjO73Y*wYCz1wbSd$(#EB0e&!F_my) z_n3cl4=la@@VROWUr}R3v?^4xdMW8csI$ffR4-jNtM~3Kp(XYW+3iip_#fR?t~Gh- zEsz^1CLfB`TZ|1}H*`nt?ieNk!qz2<1?qNqIhvcEe4ZO&*N#-=t_hfD;9 z>4Zsb{miy1Yz!I3lrRGf78T?N6gje1gWw_kG~n5l>oN z^u$}XA?I65z;nH2LNcdy1q%NUd+!<5)c$n~qaNfOis(^PK;YPss!~EnML?zZ-lP+X z0-+=XLsalfN=F4DK_1>K1R8EX-Z47jm7F|oR_YTs185S?1zyLe%^ z1-^C*JGhqaf4gV5zn-zgwSP-5(o?xMyrL%V@_zpI00*;uK`d`dqgQOwl5@{xA~Aoz zxzv|CA)qM^dl(--LbTZN0XRRslJ`4cqw9_Tmj%vGD3@zk`nE|}IZd*byQw1kjnD~0 za==1t{Y+W5mWri|QuQ+(z*Ugh5|$O6CH&4V;)znppIZb2Y}kR(s^e^wm?+yQY!rL1 z+U$s%b!5yP)J~0GTtQ(^2|g6fs-wQXkfwL>*9?1&inecu6a?l9pMNv6`HCOex!V-z zJ?Rn-n}5>*qK!UC(*sbG=Z7KYPAZ1{0h%UI===wpp~$}1%iHAkuDE-YA>(jR=gku` z0hSCCCX7->De~v8tda-{6az)j7{4?s+2P@mJw_BLt;E}GL?3I7c4)Lm-M!E*nnuPh zHopYuR^zekqMPU57Lav5H)8gwQO@`D&<8q!Hj;HecnK42H;6>bcT@C)#a++4UF>kaKeUeewY=NIN1yuQ-U%rBS z(SuyEljBa+b1CqT{MvaOpDszcR+1`dQ)4r4`l%?;8``^&n4))=wiKV=8kY}I1v&K? zCs|Y<{CJIl@uaLAdFdA3WDedDRe7om64M3*YmHeZ^UHf>3zb@^+jc-#U}JMJeSue# zsAr?h_B?#7AI}dDwp`5RlCY}hLdxP*v8j?(HGHWT>jlPfGj9VD$Et%Q$;~9%pKT%& zPx<2zxmBYlKndVmB^1HLgWol;Ko73BTkYM?9|(~THmHxgm*tKp8FJ%QQq@yJR#pZ~ zqiP0%k*^U{X&ZLZ{TSp=K8>MZVB)p#wcvleualGj`SQ)l?Wr zEqY_c|7x6WtG|jN{av7`@USsiKF;7x2x{Lbt&M2MaV`!rv3au0576!%r90iIBe}Y- zTCybExV{$MnW^p-JZE3KJ#EN#g8AJCL<^(}e#hQ`Ef2lc2N;0!?MFwQk>A25{GXd)3 z4LvwUb*4fuDGgRnd9rGd+Pgr&N~DjmmqpEpTMcPwaaG8H-^c+H+%AAVK7ky8M^TKo z2$Q@blE^q6eBBdOcX+tVG-B5_)6K7PqQ#K1S*~xBU7cR<{>U!WdggY1Yr!S__u7Q? z9bbPs2@@jYNN{y!I@(or?5G^uq@2Uh6IdOWJC z{-0+frgg{lUTfRI!zi-1$=YoW~waD``tCj+B~*ik8<$_!3WJRg3h9K0gpiT z$eEqg7Lx}54@^oFD?aPllZiIL_9l1BmQmnU8yRGDn`29v?3YwGX=^@KBo|b8^_C3d|*`lk39I0yJg=f1l6F8;@Tj zz@VdR*jc0%W`u29Tf0?xJ@s<6pWawovSRTQOA(k%GUzgDj0&DBS_Ta)fA?Dbf{qNc zwAz*Xv~2Azv#Ei*Ydvr+fEn2wf#u9!G&tMdrJ>bO>Rvl{;e>7_&F27A1%g_tKiU@b z-gNKEzj&FJT{U?rcy;-FsRN{bxx_?OauaIENXqW8=!s>5`eQ?(^6nSe|K9`cr z$K183_k16F+_EM{#H9Am88%vaB}TeiIAa-?VU^}1ZvMwl^J}S5Yd&;?L2~Mx(j=EV zz&_yW9rgSMk!g9p$yYt@l#4a?>T+cky#h5PaAzPW^lQ2?IYw@KCn1NzYZcIp%<@0m z9=!E@vL5U|-G)X*&rE|nu?eP<0gg;`paLs*21eI}ct97OtP*Fl74E+7{~DwWI7ex# z7p=2|xA|GONJUt+AP&L-sWjs|<2*f#O9P8GS3|V6RuyTt>$xnqPV?WG-c~7$)AsH6 z$jv_6NZn!miOCDo`23#c6-5I_tjKPQ5-P8wJt%fNDhJ0s%&T39sQ6 ztzsY&GwF9{3kZ+ix0r(x#!WJbDt^s@uyYPfVim6uJbP}vQ+4w;**Yi+CKK#9esWJD zA1*@3>&JyfF50!LFH?QWz$YJeeFEpC^O^6djSTHJTE_B8-!7{Y(aUbIrCQl+?Ud3M zsogGHo#3I`jzjQ8+#MQQU9sh+pBFVo-(v46c%&du|AeojZCIoprD o~jJT=sPZ z(Ic1G8;yF}QKYJ^d}kQXMabuNLYVAPoT*WPdYx2#)egzp*^zbhGtrN;!e<$4JV@Ga&%kk&-oc^T8^LQ?NP{uOA^n$Vl zSs2= zH_qP5YKi*lzc)`aL=@1o{;2=y_?*gAG36KMEJVF7$-ChKO-d<)&9;yJ_AT}HJResE zuehJ)n<;tTUJ(2)KUej@y$3wpnC}y@spQp1vb^Mk_g3%_{-!c|In+4p6u*=D$^aiv z!f+y%mV+{iow5y`n^U!yyW;LxgALmWgIY#~8UfYhH)!`WoZKEf6iKf&*yiHr&IzSt z1)1Z;I73hxZ1gp(r0nM%j|WAHY?(~As1dg#$k(WStr@c}7VD$f<#vIWSROvGS>qI1 z{Sg?=`SwqLT|iDU-f`d2C2QGYw*RMGlvz`MYCHB@mo!8JW+Ph6*xvJ*6%w#wj;WpxoY1-(JYIUXKUBzVFejYP0=O~%Uy1XC}| zew>_x2pd)WRt=;)=*Q?^8d? z3D04i>P`%bq~HD6n<@H@PmyvC=giaA3NmzvJeHU>xKj;*)Ol`>${A8Mx4U2IuJt*- zow!Kir#n2s4%0?NOY7f#PqIJhz@&ip_Q+xa;PJlwIv;?>H9Yo7q`QDJtW~6>@5hR5k&X z7?W5e%InoAf_M&%LpTx(sgmo*)M$6%%YW?%dgNc`Mjvfiwy6}@I@6*qJsSVYdFuYfBB|lO_R!Da{efHlZzd+V9OiDk67Y2 z9{{d0N|FBJCDR;)+DoFhWhUf$7GuZZi>2jhHuUPCj zjtd*;ys~Y~3_6WS3{o`(Lhc*t^Le*M; z$8F=9gJeQMQxUMr|1D4+u^x^_z0OsLnrBZbVOmm2yv!Yo!A4!*@IZeL z^eei9de<4Hm!!O&GUF>inWsFN9R=U)Zip_^{hU_w1VeX(H@PcD;1w!q>srQ3n?T!} zsB7mRo2x(CTrROdh}qmVAL}%rw+Nj$;)}=+SrJGiH!l&?Fiot@Zwst`;M~)&D4548 zC`KooJ&0jAto2s$F5C$?M|+Mt_NYwvln+6{nCY!v5Arj~sMfR~RStN7`w1<3d%_1T zvq(3a`HaOQaYJfr#dH`=|JM@Pru~OcLvx1WH(}erZzXZ?(<#J9PoUh zyk2$vA+arUb$fy^`yeU5d$mQ$7WFyPV%2h4^y|sS5IKnn<|Dw=Xs@SK+-Zb!%L?C6 z;pn7?6oMQ^RCoEZ0;;_@_28vV$h`%+7 z7Py3iHWjHVix85oO9|gC@6Q%9H}Tc)Ku|w`?yjd<@{NNy8qC}2LGbUODGr=J*(H^DC`z*9s|m^Bq!n*e^d!5S`?)pxdr6+c_5AoFNxN*B$Q1Qk&y1QoP0Y%?fhan%9c7utlv{P z6$8RlA?GBX4LuF87_9iD7S7rR>IbV2i66<@Y+f9koK>+%(vAh<8CjNnT2)+W-+nSp zV2hifboG%4I|H5xzu*1TSIidVn)^BpwBf++rCZ;$>KTo!YHGTWqXW?*cq*CrRg2Ko zS~O_E1dhDc4^hNMiyC$dQSLCa8OD_kXELcJ0|g8*|r!Di#?>k(7|PGAB)c zjP$s);MluTIr^nMYu4QtDS`7;l5|Mp-|HQu1@mk^N7??a_3$kZY#yzhfx7 z5N(DvWO0dA&@Y=0%kqH)hDX12wH*;Q%z|jSG>o+dP2Xz*Ga!H4We;Zl{%mMSXT%lJ zcN5{hSn49_ziUZS$;%X}wRvY5;uM>NKbwtp3S6Fi^+J#b2LEj{)H8doS(jmJv$G3FaIqYEKa`52jwzN+TT3pbRRz>%u;!Wdo}PCLB7t=y{=7XfI%=H~mdt$qWu5NldkR?HGk`T2-fF%RuG zf6{|fYl`PMM8aCR)X^O|gM0%;#*BjI(5M`;uM z{_E$-w^{XH&@RKr?n#!VmZ$`K8-|t51aK?*LPK25$UP{V`G7`xl<9sGe~) zt+pQvx*ZVq*?rR^MJ7E_yA`ak^Q6U@>NQjcl>br@%i@LfOhjUnmI2bw8nP2~XT<)v zv9EOmJwXWyahUF+NY~hR-^9o2SWcHAgG8K=-B}FY1^$@Kh&5*^o52c|T8?po%@8@3 zaBpHw0tN_^>-^q@kAkW8CQe(YZC{#g87>-b|oXQ>y?xvoOPN;zWqepLt8H@}63 zoDj$**>zQ>-YtXr6SVGC+flJuj!E<%x<#VZPmN~n6sVHB=#K)kzGsE&8QYmZ(f1n0 zTa4WnckB5tDu8PxTUPU)Q)H5;Na(7q)ay~|Dj*GhPvSl&r>{cxe>7dV)g5I*f!whig~-XfHEU(ST|LS{Gjs$dWK;!)0V zZqImL9>-q|GVNy*BOE6{>eSX*S`Y2x^ks*`C&%$^0DobyK;ARgzkY%9{Mn--z_|#_ z#p%Hf0Mstn)do;L=dwP`sGF#rh}Fclu4i9(G_s(dm;W@#q4Nyc!{)rG#7ga;QbMB9 z?dFk$o1C>ay+DWAb@P^B*9aS(AL&+bsmk>F`3Lz+rv1?bX; zI=)x^Fju$iod2~I18hfo;-G zKXv`bCqdl{NBzHuI@=(Nts(39#GE+!H!n*rN(PJ}Yi(FZl2Qh;75GF~D_RpR+Ry#s zObtmG0Tnu|gvGiGC+OtcbjPK=kqD9j>}r^%XdGKBlh%eCpL`1N-ZSXbUd-HS-Nh`Wlvg0$x1MLp~p43 zl)i=gSZ<_mSa_4#<1oOa-?g|x`p~u z>_WkPruj6v)Qyl3kg7-K>72SWKaBjV+FmG8z1rRf7DrIxa(CQz1FR)?Nx;-gtIcRd z^hP zcKOakb^+E~f%G9bOf@jkJuo+cF6(y0iBNAtG8a`9Yk!!`aI=^&pxe8kQ_cT#Jjm=&6!Pv?iQgjMg* z-GZYyp6feuP{L?d3-6rqlC8&+QkwS;LKKM#-}<^Hjd|PAlh40D%n%*ntGyZ&IlaGw zVL32_ryW+ESQAlInWv2b9>GBdn+fh%fpX_9;z4&O>v(Tw@4=5Zgxz0lUfGys*2;l0 z)z)Q@I$(}TDlFTM0xjdGF7rfnQdpf|SBbfMHLJ2jW(~Z`X=d*_W4<~nFly^NV2|&T zA1S_ECbEc$-)ko~??o)?HBoSKkv2i|o5HJ^L}pqIRWAKthM%i4+o49SL4KE#f|^G< z;uzn0+PKOh&#fTrZ#1q23Z4;?RN+d7pxFQydrlq#MY zP>#SlBrMx>?Z#;Ci7>D>p{>+|ouw=&BE*ei)=7;8)hGk=nY{<*4GCdk3z@9rH9aND z^x%HhWcf_~>mK?>)b?aw;L-vkj(xed@B^~bK~NNWXzjiC{P6B@PswdB!*(f^>*n7I z(V-vMW+)gjVq4xuDify~`E{Q#>a?!jWo{&qd@p^ijc>AOaob1CLUz4{rOHxq_S0pS zg}@bSg6=VkHmz!a>=BnmjpcPhJLfqU2QT#c&6yGC`4EjoK45PdAEbgZj>IpVMQqq+ zzm01aRZc{)V0=I)j51l~AOP3UUx6kBJA{b4kO=jrT zD~TBT(ooC+aC#lj9AzPinyjTLm}0TInhE;E((1 zP6^8n^Z2?EErr&D#n8QXwJ6b;d0d^j1ECJ#IH;ndazYg^yOD2|KsN#vQ`FAm*gl=! zHV(%`6A16CCztP%QWg|(>%2(~BCx7~2S}~fv&#%C3G&(z_pP0E(!p}*{%!}O(%@UC zZj{Bo#>Y*YBi4KG450zas?>b@-E4))p%#p?&uPNJFOYukgu)F9Bs$Sx;BBjE4IU%l zFlT;^Ib}uNfL%?5KA0R*rpLMrWdMV<4PX2Z+&SvLt7$)XI|srGgYy`8C$a75LJi7f)rE+@?!R#=`>{b1ao}j=lAS@3T=O zB+T5I3YZSjhP6V>52fZYsknJiAF@rOcbKL6J;nc3hI})J6$#ye56~+tRgnw6T$qz2*0nLsnBP;Nc&75G~jt_(bk&KP2b;)TU_L<>WpX4z75 z`ddpqokAf7e|*IknSq!~lXaTc&z6Yx{!-|p%aXyh6dXS}&7kpgwN(wZ;w8>~e5ago zO_MyQ7(+bnmG-w>;W?--1@1WsubX}wmG&^WXP`MkPCoN<6?sm|&$qvzZecZ=eTbD8UH@2+) z66z115$0r>ZZUI~Z7#Z45A5a;L$*6Rf&$JxtsT}f2i4v>Uww((AlC*j$qhxp6L4Mt z?_jkC4Mx4jU6t+tDUdg`_6REn~x0cH!VL$2Pl6M%W)?8vRuWB$ix zr-IjOKNUfKI*?TX(F@pNgA&fq5$Q$Kn0L5bf3FH%>-V6^gox?$(t$4?0;Yp6!}}CF z0tM91o<`bN|JnHBH6jU%7#K={Ew(ppws~J^yQW|^Q%GZz8}V>dZ4kWgsjrS4zQS#% z2QfdCL&RRty}?vYn=*6^?;X=R6>>svNO9(^2OKio$2gh|Y{>Nsm+w#sz=uX(BKzaQ zi7Q}per}P@dFaXWF_>=pbRVN-ZL?xJf76o7T~oCrm*gOqwKFBjY{|O@Q@`TWKv4+N z&t~J2mJRtMSjWr%z~sXJgO>Mu?6c$7PSQlf*yJp}^j=|Q#445RG1P(MF-n^Rm09)nvHA&^wfNY(Lb8cmw=L zNckmvRhT$q%%J;k`4z`EQT1ohe_XjxC~YLCbs|>l=z<{G<;i=Q93DBN1Ev0@IP0OH zc$agkr%B5c;9Y7kej2xJ(^H=hqqLO{I+_&oz3n=4_V2v$5&1vKi4oYpf7RdTI8=`Q z&);^``JcZZe*XWA!2c#*{-3ir|3Aukyw=99fVcCzeFsMLrqZr2sBmB>>mmy#>--BO z$w<%iR)t=Ok0Wpab$bG?%>yoFLY)Rj9JbZf$*(KXJ97?qsnHAvF)vJ>U&d@{)^wFt-jQ^ z$W4ujKba2M_C@py`?s-a8cUc(jKL zz0R3PV6>JQNF&-rO(%B0s4-r2ilGk4f#`i?Z zW}bBoL@aQ8WM@UmZn9;Wa@fxg2i^j-@yPXRp4E_z&cz^oW)&CjJuQGgDy|80Xq8l1aqpbpWoTDm>1@qOn$6y3Wh+}p|^4hjzOGwe+&1UR{nkSey{$;ohSDUTfi|)NM`nipd zthg+2#gC`m&;xt}sL`M0$B+BB3uEnC*vwJWfNc^wfW|`| z<2#mxpuG!x~|E@q54XWEkExex+ri3=<6ELKrz$PAR8uTUi{Ko0Pan3^3&UFYd?c~-RMcH2`LFLq1ig3;Wjg; zMVh$wH)bO}hU^Pe$7HJ}qR>X2YocIMAhte4lr6x7tJa2l)6_MU_6qWyESTl=V%IW| z59X?`or_8=qAGuk}7YiyRq6PO~g8poLFJ;pOpyu?bI2viw@^q;W^WwS+ zL#ipo4;`%#0lQ6Xp}`g6NcohD;D-Xcu(sizytZrSk+-m^j-`h2!|f%=^|iL&Yi@l| zOCQxhv<+!2UvDw8!T0O<-6HReGV9qrevl8l@?v7*NO68c){ z3-}qDJE6b$7WUUKKE^pyf>-t&-_eWQK0^t7S`fd_AH4sN23_ z7vY{@%&5u&x4;P9>2pTn!}C8=q%lL(GnGCLgtCHJ*`mOiwJxXV(&sDkz;vRRbSU!4 zHjFaPA{&YDq=u4qwIeg#ewR||m)Lv&*{fV&5IiZa^=L&EMR0y&zQTZCz2TcdE#BGn z1adikfF|AT7t=+?GPw32RT11Z$2Bpty*b63+GOO(fy7O=oOh4<##pJGi#MwUZrvg+ zj@OXn~0YY1DV`(oyk&z5y-fKJJNcWSPaM>{-uZclz*@U{{jM;w&3 z`=T@|)t6~(;@~76H@JrNv97^a8-Af{`o?zy%f@UPrB84c=^j!dMZ(xK-u?0%m;G{I z6&Y?lN=^egn$Ug6Ja&yxNc4+X$p+=~ghXsbN;|pbH~fMoZeg=$n*^d*IXzYJuAZ7S zJQQt&A5b^aT%<=*?>2!y(s$1uKp&aUj4>Sl(Q9zrtUJl!+P8EZ-Jvq{Bn2f{BR0Kf zd7khfYW_Gn#%aIk!gG1vz7CL$QD4w8{Jud5ZIHV&RXUYX9XX2@f7Rj$b%^3W$VFli zYgR6?{@cu%h*XZAv5IF8<{$9+T zQ{{Ipp_see=YKlWbg&RM^BRneTz#8{{7bSJzgvVy)Kv1&7IAf!&J~m!e?8)PCeSYN zqn4;(7Fox2YDIlEvOK{*%r}wW@5AShjb*4l?&=S0=G!P0mIxba+=`6R_qp7?W<-kb z_zT%0#eI4N-0Q!t{%1o{f@4EtdX-ZQjC;^R*0TSSB3t`~3c5=g-Rn6f*7_XWr|Kv{ zv>G}%^XrB)zfF=g5-ORGHUd@53~Mi{rPt$Ax1(cr1MR2=)w;9Dqu&rG0}RaR?AL+A zeiPM182LK6RV<0DK6HF|*?e;BDKVp22l;_6XVbMjU9~^jf-04jfw6Mi60ea1^{)Of zpr~O^q)q4Ww7X< z>DVlMBN}|IGHH8zo1^)YhNt(Iav`XK50-E>sagY&OzDSLEc>;UZWzDx9*r0MC%fMv zZD$?(mf=4L%&^}tFDvp#!MM^FWTglVwW(+RvN2Bn#`R&yNXf0dry`0BP3V}pLQY6i z{6en$%GeS0vALKC{=8for6i9?B@MpTgDaaY$7%?0p5`_m>G|1N%`%EO?|SCsl67UM zchNIr7Yj#z%^|S)Iqo#y?ENSRj$b<0ZI-O}`Pgsny#WZU+oIc<2Qlv46ZGNb+YkK= znE_hE*KV{8hn(FC#-~!)4MD#HBm2gr)xLO@O2~p|W|z+AD%ul6)3po7eYD+kg)Nho zkN7m2gWEiC=tS4$cSDjtjg?>#aWmfZHgOLv#C}!CwaS3hi1S!#Li&S6P6DU zemSBMtp7(skH)WeI(JLKEQ!6wokyJ^Re9LT$to2SVX?ivbFV>$w0VmMY3_*2zsV1? z>9c%Et+}Ur7iP>Dt($@%VAn0)?&J;?gS^w#X-!G9C;JlmYH|h=L{kQz>h%Zt&VO(9 zcSBkT|EUS9UbIc-olFj{9vr06IdqHWg@+Wh$Vz!5k=o3hMs(X|{dd-X?%bmNl*pIn zh5}QCq=MLai#u5gL>Jh!2jVM@hZnrmy?yV zAClF%d((*WSq&o#mm2p4Vu-s8y#N7V)3OO{U&5*Jo0e=Dvb&ICL8iiUP9tm1WgDR) zTOHcts=&5(g1&j<#X5K4=q9@Q(>swR-5UvM)UOwi4LV)!ZW(0nOpN3srZ32+OJas~ z1|WDw-D7N1QEkBO$=f94a}e!~6|<^_S~KM}e(YodA!*-{|JY$m{-68M#DCOT|Gc79 zO$QpGY&lub3LC%iG5j)cCjHM30tIXL3W{T2V!3ah32YyAmigrYVWyQBBTZ_CZg27l zbAI&Jf}MSz6Nd*s6;rm*%n4TQ2?#m`JNJ=uXL(|}-1G5==L`qF*dS5Z+|&cPF6+Db z3$Zv2FP1a0m9Z(zY9?nag(l|`o}TiK4wV~a22&ZLTcF)NVX+qW6xN(GUWh)h$T`5l!}k}#Qo-s1QIe%xKzc8Pt)##d;L|)0sC%D^x+~M2SQ?e zB8_5hXT@0+^ks=hSg2o%(~+@b6|UUnjA`e7h6@=LmJ86BLxJvh*-(XHb9>r@#}sPN zKFt)57dyp=ghXdOirUg@3YU0rn-JDXIF5CBzG2fdqk{Bq8eVDB61F%TkmuTIUUs*z=`Kh4m_Lm1_Gr0i}62D zBU|Gc(0AnRA777_*P)hbI36BJT!_aOU5xazsdGuTl4-}MPC8zg5g#}IeJc5P_?h3A zk*{xt7ST;UdzdUA$yU@15aM*Eb>3kB0K2_+e-+n^a`8gdR7&YCbo=2zI%lKl-kN`(6F> zOXxgaL4iBVo^x-w9&sJ%KB>eD5s;F&KV1)YTwr!d$eW|frG)&I^$aG8oOO?UWwW`2 zkB={#l({RU`=6z?_i|e%%M*YH3Ms*9 zmcQxi%)Sq(Npf$pqQot49KMwVB9dkx%L7J!n$mkC#?#?lk}&wFu$>?KJutXF-6GSP zQ1Y5|S7t^g*ul6Z)Xn#L9#^>G^aULD5!tWGZ*f;yaQxVXaKBruX+*gJFKRuFE?5+F zm3%S!l6r@3nuwsmUt|;&Jjfj&2hwA~)t_1^Z{Nt0H9*imA57Qs;y%Ff}hk}Nu z0)9PZ*zXF^j$3zRdF$)(%~+!=;eIAvjuaE78GRi2f!1$f(?L#VRlATHz)f~ZPmsr? ziREPtNGDkQFH+J1Xw1`Ga{1?CP*QVptCjw%Q`i2JU=Zg*kFat57j^)o*4e_8KW+t^ z*#mwGoL|yKU$9~e@H{ee1=aNh&WmcE=GU&gY3Nb~UYkI@J<7ppBkRF?tBP`C>)~X+ z4jRA3atMg{MGOc!3WPLDQ|!iJMwk(Z?WrpQ^W>|QTC}i9q2E48#Dn1zPvAOC^ll6z z;ygo3ECR=p$?4qq@mi0iwDRiS6v7=zsk-P~P0H!0ZF4U6-RZ4ud4*#(W#;7)q9}3C zXWXa;lmm9l;~@{N44eI{$cVZAfZc8XL)WH!7+pt4GnMidaOtvsMx1t+vBr^kvPjcebu~KKu`Y zl=ecCTVl<_4f}4$2on^8dvE2xBSZfRTOV!wVc``{Ez4C|OzuD7!g1$R zs1nB=whKh-{Ogv~9jmgPmZ(g<)Bm28AYlK0K%dPNT3^P3f2go%_S|8UlhCv-qsu_3dL0_I|9v={ zwssy#es#3NLeHb+91*o>=+tJp4ON#zP34uPHwPWl@@K;bR!&Y0ZCw=T?q@IPxhcIN zl>jRqa9Jy-`m}#rs&rf;kuZ-2)$mU@FD2&gkD|kUYG+l_u(`8}I+V(Q)jn~KJXM(2*S1ZUH^CFhb#nQrg4t{q zk_}LqsP3TbkiXi?bNk{6-OP%DDlk)YyloWYbeH;`btKgP2kKyY3$8l7H?yjACXvNf zsES^B;6Kn)!1YHkFT25uRs|^i%EA$Ud_L}nkyTlkJdqFj_u4of{`M&&<;?RN+fu_k z)&;rX*C$F|wsB9M)nwxR>rGE?6B_tiG}kVYDCanYY0HMI2W-T#S%iFcH;>pI$9aY& z%J$ac4?Prss&4mRwTewMYE+N;WLp+n>xgDfkJ8zc-MmF$C}Vd9)3mw%pU#_uV}kAN zkev8jcHfQfYc?WeXFu}6kDwQL5q~i*Bl``PO3||qPDrBJx?-{M%FrhhYk+vdFTDVV zHL^oXSQ?OvFT9#Y?C(tdH$0z39R3V>M#Xb=+N$6Eg3N^%ez6^jH2JY4aDw7(O>Uuv zG(Nn=%WBx-MncNOx&8LONT8r(z<{s3*xjFOW$bxQs2L11LSC-OY=l>}JVsX0z1c+x7WJVQh><5% z?aVgtyQi7-9%_L-px(Wi?8*(5U@{%+>on{e{uu70VIOty73R;zdnSNe1|ds)FBJh5ljaE@;D39;3fJ3x&T<>0$;Q47`1z{m7N=4gQ-uG0 z{J|&KrOYFt;hlH<(WGsc(1v>ovTgsK;2GYRpPg%nJSm^s@vipEu16w`pWni+Oq)z>LZoRYCrP6ZBow%UNPj} zA=|WWP%+rv_rQGS7wd-j7zE+Z`Nh&{`8|w7UGP=X*vg~7gpUtZ5?wtt{PbjPdD4@a zx8yJ2?>5ZVe4#8!prigBS>2I|efF)mjQzQQQ&!+wMi4E=$ zWE&l1;1mE7woRhRd4a~s7d%4mhC%-X*$evuf3}JWwy({ z#NagTn{K3VqXXKCRzQpCy0$v4))iONy}Q8{`nigUHob{;NPIz_6~BqG3}<^OpmAE7 zla0P!OE-%x(2E(%Wj1~L|8^N1Zwk3?UX$jzEpShC18oF^SXElV!TMZCP^kF5*)iY`V z!gn2C12y9LD*e&&Bhz#q85ZeGlhH_R^u~yCewlXox~#6JCbk~j6tv&rNwHjU%*dK06&6tH9rrDVN{Rl8~shcKa8~}5Vklj!{k9@U^lt~qsQ|kK1`1L>nPb& z-IX65)Uu0uuDkD*F*t?T8 zQ8OjAJ54xqE2$(WS&bTaPl`aAWEd}L8%Gqbc5&RH-TLB_^Bh1K%a~wqw3)EUNfdj?Kb;7QFLYjCUw+bECii^i8(EKE zBrX=C4|V8N>^eg4TV^(-VIO}E%)E1ZWr*i*BDwXv310f*uVt%}^3UE6SooiVd*8I!2h>~gdCA;kSejS4Axb0m(?E)wa z-x~N-%}wQhTg4_$L3g+Y?LP_Kwh7|xLW4A)R&V`e8;aC5?3tEGmkJeWl%x8qK?$GJ;EV#1 zAfA73@U#B=Y`*hHN0i2>-MIl>m}6eGM^Im5@Ao|ft)LjJKtk(&_W1xVmbhb{G#cWC zh@|K?%W^N_IzxMxx1c7nPguZc3USoTH> zaibj0yz>#}zGt)=*|v+K>#@;w)`MwC6@bhZ2EwQl>`pAzdArmO&2%_u&1EAL`A?!6 z(Ypo0eANeRM1=WK-fy4#*TD5ynVFF7w^U@+OuO9+M=T-K&I$(prC8`%amSX{aLWg< z`-it!;#Sn3sf^wZGQ#oG*;+9$sXmIm$uqV=^0VB3*T&Co|69T?Z&}2yTbxv4YhWAs zkNAzcjxKaqY+Jdt(nUEj-s&-(AfG7P=@CWyC`-ZmG+9&<!k_Sc2IR%dT}Xa&aW`#7zKAO7n7{4L}5D_ zVLWoC84gkV&4)65=n&}NI`G-L4#(Sv+DBZ7Q;T+>pK>;=F&HH&m=qXTF=<9tTXbJ$=~zVQ6Zjh{kCVOzRYT*tfy)@A`F~VvqVv zO*8Be=W4<8)ebY{7c<3dpPni9D4!q_LHdyWb~Je-&g8s8c3xca*{&yn>|uVJ_^;g6 z7esdV@T2CUt|8xclq%pW#TqmCZ^YlsW6y_|cpY13qu$VuI$IZmmC!eltEmYjqkE zOt9ZmI@><;VOuBQH%$WDfLIIr&i zNPVQ8MD1|(Y{iE6PM4ExXX6ZI zU6gdbwajIYCP-}qitMjw5Z$-+XTY5^db$0Im8ZK64>tNH|NZsz<>&la9Gz* zb=x?^^o@iYkM9`q^J}d?(5Y};DV&SFaibHm)~e}2*n4hmv^N1zV@QCGu4HYj zNk`U4kEQxL+wOiB42=BUwMK`(>NE0pr)OoJ_BVUAHxiCC4(0`<*?Pn2wS#h z*h7MpoBl=f*odw1@!qT|Ou4(kZ zkk{tS7Gyp}8Q|z(B}D5hS=keD>UV9CDn7rS(sufw`_uJ`6hD26Hm$e}rWA;;P6S5Z zC@ddubc}U|Ra<}QK;yJH3Qm_wJHR?@_;2o4#bK&!ujT$isPIyl$hogqjlci5+Rwh1 z5%ZsFzod*sBM{vt{Fna2_5Eu9k`GYr-<<=h{XP%7>0gA@7;^LG^2Xlf=o2l>NV>(j3(w%}nUjR5RXfCFD7$J3Q^2$sx z=FI%Xfemy$rDq79p9&mRbZ25g?s5W;Liqicljz?9<^6qXM@)&j5JyaLU0E4Q!jMyh zRQ74AfR=ByaEGO|Dt!Z87O|wyI7#&G-db@TBU;${e?TzJMhknyn+#3ijq|xDz`xf$ zcS~>F`XuwuZoonXs-Q=mpf)PWxZjf>zr_gZW}H*|c2rGs zTc0i$6lt~xyzX^4B@WFn?Ctusc0qK<;6kjdk2fzZM_Ughq{JvEFIP`)S1!3^)Ud*A z)9VXwg}CDT8qFa1-CW&EdGB-_v{4~pugcPIEkVr^yFw@2t*hi;1nDw#nWKmgj9kS> z>?Y;pdmx=DSf#K3Paf&$M1u8dLX^501Oer9ops?fGXUZfPPtAf1&Wr#$nZ+Kr?Yby zlVD{Q;|Ts!wIV1C<1!q2YgSdTo7>`^^jg%xiP0wl%qykk44?#vnX~@O!}TRjg}Og- z(;UOGpx}-2$LQ}@!@{3dPDDP!pSuNX)ZtUF($)Emd<$#|oN)1PNAe`BNyi~ODWZ=Z zI@mg4jRsj*D3d&$c;D9jf~trPPG=;b)hmrpSP*Z%)aQL&06Dkp zK>=b_WTCQ2Zzwn#!2TWj>jtB(jRedB-Uzm4YR^_+7hQ^oMvfq3#Mc~ZwE(5!seMr| zS|3i^lC&UItIwP>dWe>b#RVTziLo}8+#pa-#qu6*RDM>Q?Vjt98*qtTSKsYH=G7h&3Z#?n^E$&BAT>C^|KUQI!~GIgvDMy(H^Ojj$#=RykG+0eRTn!Thr^X z?Wv@5hNy^icb-aa0iLYX2Dat4HGhj*#f3f1jcqwak_?dH_Ix9(@8H^G0C%vt6G`kQ zYS*BRV>Q+8P~=a{CY}`xcFSV%mT@a4R4fmNW@io|O)nRbGX=PUU6`o2E|DF<*!=$B zk-mX2ym6v=0AP%7d6DgmVOs%TtP}2+DI61mT00&u+-sk1qjwpJzxjhV6C<#Fc1@`*PU21$A>skX+18nPY(?a}gkuLc7=$6Cfjk~6z_k9d z>%N~*U1bZLuekAwv|`ISr6*nx7YXkGS&}lvFdzH&Uv#y z-Q%?;iUD&k7$DEnW86*VmF0#Po_CY-kC~Fa0uP$9hdDoqcXeWM6R0gHjbWTg7j-Tl zHhe&6D_kzhYoJj`fTJ@n4)7RoVRcfJ6G3t0!aA3L0<-8fdH8TgrZ0e@az@D>uZVsh z_EgcA5Z>|5&^PS0h{o+M&xe>soW2R{vZ)m{ZN}dHeogTiFy%s35-r&1S-w@_`2i@{ zARSN-pfKLvJ{JrdEAjrJ_^OOE6rjpNp`qCI zZJ_8L!aTryum)_v=?N8dH-Jw1SSoN3C{2p@#{UCx)PVPQl&En0-cTbw=vjPKFzf2< zxmHua-sk)ARPv2l**RQcP&GXEB$)dGCFppnDKBe3DSs;kUkeD&Bv1=-UzRmI9D3&q z;i%mY)0Ir6;0^?@l-w9$Sr0tT_DEm0IQvFi>e^}Z;GkN<9 z1!w^G4!WrHk6zdLKXw2svIZE|IP3zX=|gm&If_^X+(PRbYo&t(syaeb=ll0U4A+uc zI)M3#H$XYBbASDzSVo4vYY1Q2Q8oVssua1)&cp7AAbn8>3rz!U^-0}A(jjppADyjp_X01)T z>^kdOfBZ|%d~P?93gh&E`uW8EX`yTH>P08rKOpX*fo}51>TaZQ(1`|MJON&T~ zoW}!mkx7p@fcYM{iK5&eDaU}>f@0i5hNw|3lM&Tvo(DI>=j;sN39YHfds20>IQ(pH zCX4l?|5KB-3_khs{kVfeb%>FJOXzz9SU%h9+?GMA$L}HE+dh%CU*2yXFFT?w>L-t( zId~AgfnbO`|KpV2gw_g8(_T(1x|&#ZU13z$(tL4GsUpD^-iZ$?J9VF2=9UsxxSIsB zvbCIsDJg3YxM8YXLDVyGMO_M>KNCIbUo2U?A$TB&xaB^@@4VXzS|Qn|Wpe$Ef-1_i z4lYQ_2+%se=OQ@28g7PSJ%Q{9LpqXnYHanZ1$c*I!}V+fn6z0TH!g#(&++J)Qm~Z zc%dsdIK}qjub_s>YTcKizm4TW+R&}!?0RUyQbsKuxu?8M2mg+{!|JXyIEwTu> zz*&a_cdjV>wUJW+k~JSV@=%HiXPFQKClB@Kn@P?>6+$8!AMm+|2EEML3f4|Gaqb$% za%mY=GWMjvTW+)@%vSPeO@}HtC3et}BiqROs%8JLHfSfA@K}Y)mC%bWkLGBbx z$n98jm zY#la*`*2c6QnmCcM=p^Y31hYH?}1}z&^6)rktX394a#NI&j-(`wapY+itfl4DJ_sC zPuf;8d5KFxl>hODV`Yi>MOD#f1~yKItR50eZC$9nHC@(*djfBe&$RPTwiM>Bj_Ypb z+N^5{J#1qXg`f)0pC5LUM|4L-OOugmj-{6@8LrRaCdb020S5lMcggvTsZWJGq~xuy zS4ol53oA)tFRFM1Ap+o{*?nrUohzovSiG^9E;nAmz>rr4(jI6>@heeoy28YY7RwRx zPP*fwCI+Cewf<|>;^rc4H%3p>==Sv$Q`xt!ch+7hfP`VaSc0#3gQo6Jx|Z=1jw3zQ z)UvL>FcR>fb>UVPJuR3Z0>PDl5dC+EH$HAj2r5n_J z=;PbFXd(4Gngqx|u{_r=&6U=lZ(2++;3DH(;mt?vZGj#HpiIu=3h!mx5L?jFQ_Y6o z@R32FtAvi_bkCs*A7G*f5qCr^^i7Q=1n1}TgN!ewa({NQbZ|3SQJoH&_bwEv5m!VP z3&g`hR&2>jt)9wXN@PU4j4}N4dtV%H&#z=M^_5Pxl4RH}$y#_DDTzI%=>7}@6rdWg zSu1103uL`L1rx}@E@ zlcTV%y;7o+5sjDv_=psMXe0vCMQ=69!RDOoTIX^Ud^hyLf0c*cplJ^Em9mKg;*Q&E zAb`9YXaePu%73untfs)8QGWQoIhJ;&5^(2mdT}*e`aIP*E9eIAlVY={Y2e}j?*UiK zpx3FSZ9hCedKc8cRF|b{$S8hl7I0d54MvKrUQm&5ZP{+{eX>wPwtdlG5^;K9rZDvt zS6)H&>dr(x%6s+NtO~vs2><;2 z#xWd!W!o`ztYqe@EL-Ft!rOIkeK1e3uKt&XrSjM1i(uu|_VE}73-jupswyM&=cshu zPFlcZRsQLD3!Bj~SkK#P1zqIco4eMuE@OxT(F1h!gPaq(d#!M}dQN3NP%Hcg%^|@| z9_{;n;|q{~ba4IGuI*34IKY8oxe+j>ZyCD59{uWK_hkKyTdsC zM+ntozigf#%g9tM8ZFVgyqL@pZX~!9SmPML+6;_RehQs3sjnXf|8<6wX96);zbMw= zmeo|Yj7Yk$>n}F%4^^=Q`1q|tUTET^E8mGDCLo!NWn-){=lJg((s@DAhejSyumwXY zemoY{iX%Byid#ckt?>;xRsGJl*ZYsHA6#<9xkFNlsWaAwx4)#OAych>0p1$HGvz}L zxqc4EJwdT&XgjL>yB7H`9}j1-6@BP>_S<=I~ysvfWtg||K!HMTYZRE?i`zDOOo8pQU z+a_hTB|;OynJdBCTLpD*d#1iDK5i1^Ef#ocq`8@ZqN|-WvD<8a%^>&qb2YdLQsLeU6V!8yTJv69^lP!evvTCrUs1uQR z#4V`Az@LTJmqRBOrf20(*ibs8ZhxwmEMWZpj2WG-pFGmsfOupcf49*v(y6w;?{lA` zgv;a;QGPHV*iGk)gjj_|?WUDHuUtGWsc~ar(AlNONnowQM$QzH^uYX%7rr-#30~=B z{#?Gew*+XT-jH}IAt`B{Gugw8j;mhvCm&qZQPQc0IsEMfxBp4L^8$B(5GT9?cYmYg z^Q&ynZ>-h(4e?x9lZ%|nhH7Q5$3yguO9rppGGfD%Km&WPLqI5cLFgAL%>kWng_E|Ez9CK0_?~HqlcZN%R~1&QmO^RcC#!Y^?BMugK|ag zI1Q{Ju`iHl3JabEn%8LU|eK(0IE_A|b zYbTt6%eVH{nAxdAPA6vfL#ubB2DVcaytjk^6Sq`qDqzWgqdW7NkpNN9SlS+n6m^%> zOh$6u)_T25*R0^+o1v5YB!kZ6P~G+e9@_H67E%`JrnYfa*;aLCR>Ye1QSi2oF45Sd zO|-x60baUy&so?aE1eP}xTUUT+RD@y$d6bC1|&uiZ+id|#gY?60d=|5@PVRAftqN1 z-s!i|9}&+A+-xzz{*gyI-y`}-)yfLP5$z)J9XzLjymFUBr$&Z2V2JS%H~Ww232B8= z`3|B6LN(Z8Ja#dpRa)5|c!!5RIgLdZBi}?u@EcjC#Sq?*=O1TZue|#>Y{_h?H;X2d zIh|^uNJL8(rTF-b{~^#@BkuZY<+s;Bnc@cEm;y!(!7Was$}8;Rd>bkSIk1KFxuvR9 zF{R8PJFL?HYxnLNi zohJHLZ!?*{%;@rnK4XI3{A3kmwv^!<)J}K)VT;L`XrC-;H3Ql+h-)V=###-sWP$y$ z=X`q%sMu)O!M@6U9uVN*@H=>OK`nn;3m-MXFspDgF@hO`T(}!z1&)~#ha1g*^1E9T z6#-4*B%F$1+R^VDoM(4wh37|ee=2DFDE0{w*F5aBcU=}Boi|0r1eF(0R8l=9Oo+u+ z?88b05GkmsGk(Kf8yaDokeb_%C^QZfq`=4dm;r=u zwhQYWpX(<*f3bN^HTjHiXHZ3d7zY&=ociWA8)+p;0I7Orl=Ke{P_59dRPb(&GgIdw<}~*$q7Hh+B2%8PSnW^(hb-#Z4RMRd z#A4xnpg?`b_q@T(cDI>2wtCVh^3!mfN5yz%Qa<`m3L9kwAO>6R^P3L&PcV1^M<@gj z3gwC23H)ZMkMiD#)6Ged8O$-m2vS3yf(=93rwUVQb6%o@+6U)H zf-nFb7z?r3{Zgn!hAkZ`vT8eciRIyb+R(YrGu}p=`ZHDs04mE5Ai>DyZeL)DoTiua zD9|ng4rIY|zkUby{QH-A@Q5SNPTEjc830FdW^2pzIQqNy5YUs&&%UN&{kwt5%lCta zjpdRMkh$~+P1&-%VHluE_Hh6+Q7IK*P&SR+@%7W9?WusJejk|(o^d#s^RfuPWH}g! z0`IAK^zYE7zu*4Jc=eM+ZNsXdykd28Ye34py@7qYf+>!5IA~$h1>8wohdxg1tH%qjmX8&DD|Zcz z2Uv^awa+i_!xDcd+epkM3NrVMPk#esVWX!uY+3YH#Gp0&+*9qQsjJ5 zqDFWcCZ#)C!l5hxOElcW=!CBnn+4bMsqq@q>bF+LQfmP0a;8P|PqJ+yzVm6O zu7^R`>nx6Et*J$9H!GJA{uv9m)SL6}{?I0aiV#LIOn`u7%;B95k_eP1*!6l!?6i>mA-a!rD@p4ZGDh};Q;;HB<~m1|xfR6zG3|JsSl z7aXD(!Oxw(TD&ZKaW`q-ghy}&6*o3(24wP7bB=v%yEmLIPZC<5^n9A&eXueKQ3j_z zzCj!j83F+l(N+iU7B{7xjHTDrIcRyd$TCvaGk?H?b!WNAI8!ROe=LQ~*RgkQH3Tfg zs?Qc%))jO3Qjzhrg3u|$WT)V(G9q<>f>dH4c-CvGjIioJ&U{tUs7~aoABB&439mNZ zYLjm#*FPK`y2eMtidk1Y~O1n5Z>Ft$us6_QnFk zSnm+)946G=rn~5~dgZHuQ!i9WGLCAmma@)*+ng6XB9#Y|AbSlT=c|<&~xI!dF-ftVr^#uYA#b1c z02-WaKNRB#kc~udo%nbibsRbB@b+-~tqLsfcYk0g5(b$3nx9dwd8a--v{h6a6FCrw zQER2alVsbJUwt;Ldlb8biC9Kt`30wBREdewY<|G-#Tiv zoKHek=T~_+;Ol7hW&6~I-sZw>y^HI)cTK`p5E#vxyk%ns5E9_oy(?_5?;MXq4Tb`R zPhaVy9?q0P=~&~8ysDePPBAy)yd|p($}g_?Tv`VX-q6QJtsSuwN-YRBJRO#JA0Z9} zbER%e?dRl`7}S&2)?YMA2nH`w^)PAXuwWnee9ZudzS5=qb-epMMoyhVP{!^Zw!NR< zKz>^r=#3}vQak3K)23I|fJYy_KYquE%x*7V=dUyF zbTPkf?LT(Bpk2z?R)1`5^NCjNebAYyiLbQgRF02)J;=ImbiEWkd8fi9aiS~^tpUoU z`XxCTK99wFNzGC7ZlUOCa^@*qa}PW+P`Jo*+$6>lMal%#asnQCY}>!=xHn$Wyj#`p z?3aL##9xFh+l~YFjXA)m((GJ8Z%n8TZVJdNDmvChh^zV|&Kk_N`30Q)plSmGo^tRw zV^pxymZ_>(BwwF*+~=vk3-u#MO5-gyEFbNO`*pC-wr4QsT&CJ5%2T}9{=BrukY)GG_z-P}MtWmpZ=;?&N-290~8+o0) zY^KfGq3Ml}`(~@HFaBBG&!1^7vc{F$O(Y-r2FRR8zNm_PS-vUiR^Ig3`{MN*38&S> zS<}2A6YTkiP+@vN+?;t33}7$>zDwdZ5fHg(FJ7*rm>bMs?~#TcqH8qDI|N~=6+0u;379xfOA0~*__ttpOA?q zh$52sAon9G+zqq^rb_($J_tTr<~(OV6d^eC;}??q0bl|ld}`}GOU~CdRmNpXBu(?6 z0!fdZJM{KuR-bb^ERRb`ZxU14t6G(wn39qFF(4CD+|QkRPbYMpQro;EKxuJKHZFmhL|6-Me`V>o8p@%^_4QSmy%z^-WOf zcJRzp7u=p>7N&+l#Rrb46!kDtiv-jK|GBBpO80%U_uD_Zx~Be@2p7CgPn1btVjv_7 zF04a2jd&q))DUgOs>1eUYBGrufv2qXgC9%8cBv- zI2Ph(jHpN*!?aA-8{P1z-YeHkkvq$2$jpX@m9-&%2U+f7qM~2)uS{%^BXo7@e$W$e zE4beI50mtJS#_Pf1Ey_{T0f&esO~p}$)B@DQ1&d{^~=x2Ci(jm{RR>5%wv`)9N|gY zY!L{E%I7oqfZK1C|9wE8vs|!K$NWJX6l4D-HLQ9rfvep z*AJbxB&#q~8W$j)+g9*dsE}$n;#@p=rE_T<$SiqgmHGvi>iGBg3u1( z47Px>UuC5L!AW^h;0ESB4P;35Kx~KFQBzD4++rwFLE&CGf=NEa0Xq6#7L9&AON|oZ zYA=ZR9XS33M5QwGDbYROR#G1vU_YLWt)wH@PO_$x^Yd(+TJ5~qfXOclw`Web5ULh2 z7%EWeDJ!Y0XYxg`+3Y*w$m2bdRZ((GmEjOkr+L0C&yCDQg0MzB&$4R{=c zeY#QBH+ab+W930T64uPVUu`|Xpp?X}!s6C+1GwYbondhj(e3AiSpibl zB;`Bd-i1}DDd?}2{cHi-O;NeBrm}!hDm3`9dF63&$JtZ5;~y`~2>j25@aXDki-<8` zApKO$CM+13SkN#_GJzg(;;7l|#^Q|F>>ohk1c?ZLFjEgySsysXaNaT+2FsZJnp;qeKONoC1GDo0p`XFLO0zop%^1sWGLYQY-Hx)m`VHxE1`{ZG)fj z=XK0YQVoyYc*;L86U8wLNT3!r^R-OUMabDj+mE1E0^o9S2EDGmY(5{SfmH42b(VV< z%E)7ey-Yx1B3i*AU=6bagh8&zJ}5z3FUvRo7Aokax5UAtBy~P`nnDUDLjF`$Cr0|n zjHzK?4(;oqg`uQrA=6Dhce>DSbO_U@531Wq4w~F3(@gWtWn@L{C6c}az?@c!(&o-j zI95AWYkK=nvzd7Lz4qe`1Uh&NJX4QV-m*q@LNAJ=Y)mQjt6Lm&ls-B1nmKOL4BdW zm^kkkd_&0oSREMd7MNPuPVC3|^fvx3Yqw3Pgo&edBx)OGRs^)rs(=Bs;S#Bksc%yW zh=X?;naiUQp^}K! zM-0I>j+qJVf!e~=>%IE1*0UbuGk9H9{;DaN$x{08r}3q_;Y{!QOXc+MZD7G;$^j{V zRBEIswNu_ro!(|Xy&I*yW=VpDMuh#}j zJMa~i1P@&)?cdbpvU@qUc0t}A}D&V@@)~bZo6KsbXfvAv-361u*}ME z_Wn#7tg@sy`^U;@lD_?xmzZ~FJA|3@j<0ENcp!+wVHUai1-*WA_5xM~0S3D+#fC`=i`@;mu?~Voe>!+f*Gl1ud?;#_H?zAU z-l(#)jFPx8d$9L%!I57c&Ry6CkAP1cyS>jlDc;XJ258~#WeO!*MBPzzt=f`BkEQnW zIe;Qn*9?^(+s_Ksrtgbs0WZICpyTx%j==itYaH5D+wwgYHRa9NP;&dU`wL7TNHW=a zuoUb&qfZAUM1W;s(Ga}|2s#dliM_L=@YMBEL0e>gr>Kc_eM5EKPG3~=;>ai@2*Vkd zx3*8l0R+v9`9Zm3&MqK;PelggsBe`7Quw+h^oIa!?|w5AROSr^!U(2ML4ep^cr8#zLB23S zpTiq|3J7Xu0OTEc0&`Hsh4kjOycAdLn%%+RoVqXWaJaLyF3gg!=&>2$V;2G=F?Yj* zvXU7NF5^HxkGpxvn7p4lmn(^f^~h`iI{)}Qk8VkZj*^T_VCUXn)=T#acyO4zJYn(G ze5??FKX;Z1dlMq1dgxQ(>rg_JXr`y%#9QH4fmn%ky@$1cvc0iKj=I-$+#V5Q6>t9| zcNtRGeEBCy49|#1JA8O zy$g2UbnIRV56AjAY}m>$@}WPhgtWESCf&?nxF-l##p18VHFM+MN#wCzDK-VG^+~lqS)yAa_pKV;kC%&L$lDJ_ z%e~9=ZgbP$HO$4->jv@1SQ&fP=b)>vHR+vjv>gWgo{IxwdicU@w~-@}K9AS2w};q} zIaX_(H=WaORR;UM(L=C)yQq8RxRD#8C*iZI>g~qwVy!1%fJJh9j$3N9(kP(q zK%L~E@{sgvf%w^oU^?K}*sO5#sY+gP3zNOKTt-pIU|4cHwMU-+pYQQ4>kNzf16}lk zFjF?|sYx@Zn%A0>O#qT>hBv>MqGtQPC0lAomTXx-x*m}@p*Md6F?Wxt^XvSxs}VYT z%_yOqWBS1(bHEcN$J?FEOV>&HF#4kERcwDidYQ{B3)VoF)*v3!oV=pgbV!E1(JN#7 z#Ig?z&tMy2cw%MeQm^H;&K~%lIhS(C;ywt{mAZC6u02!7Z0X|35Ifi02yKg1>eYrt zGe|Hkhq*Ue-+D>BK)ILxI;)2ZbiVv9`nG{W6ex=Q?2!qVq!zv^ulpk@s#kn@WC$s* za=hfv2YN|L^e;5%yyAE-f8@@O6rRvO*zF#Sm8wlHs#kY)-L-pJclp~0osEx;2VuTw z@~z69UFp-{5cT^-k6mq*z1$vevb{6KpZ#ErH5 z#kATRcGnx@N;m#ErkkWa+%ox&aK|>;>h^MLmq`=fOzz7tX(eH zW&6*2iM^k)k@u8T^bM6LE;_WA9(F=WZzIogFu)t=_3}TAhQ5+}N;D;^N&Itn%g3Lbg`tcUqd!jXB<3pCJZad~|yxSEXlM zJxdNZyYsGa^MWbg`N~@L+hl&S#%!^n0|1kzC6WoIkb1nV2>x)pFV&i9IS568T`-oV z$Q;&;%d~Se(V``2h1PAe5qY02SE@HAjHxLpKd0DZ2d2~qIX;~szhX3OZ?$`GNlwkF zD4uz16xZ<1lrD_2E@v^ZEz<&b5B2`DvabPt+jVh*i=sXjjXyW+H@}V?@sFwlZGMkv z$AdxC(37m_Q9?8O*b4+ZOx(sWU0BX_fU}3oOqgYGJ&Wx=4EBiX!I&CNN(s1JqUGWW z9_B5Q`_*^1vbFNPvqLK$79*}5KB(%@9*6b09Mh4pbYrgTa2@hP5eeBFs}Jq^PKI%{ zke!n13@C}NA#4wQvoqdx6(kiw}O7DLVku`V{93){O~g`a(zyZHSA z!_4Jy9<|GKiR$8f^($|BbZ>Llv{>Wr44y}I!-}R0F^g~q_F-Sc3prJN@j(-JVJY>F z`VCe)GVC!unx021W38K$z_@bqjr)VF<`0czGKX{5^ks_5wU}M&Rl{xVY4*eI-{js3 zbB?MomwhKbyS?<&C0%UXi42FQk87OF4T)m}P|)4#F;MV*%5&nw=`gl8gVwB#cOo%ut0z0`Y6GR@AaEm_PWHvQu4IRjtqtT^Jo{G4n zfidU}^tRJrS-uc*3Tt!0f@DLz0X@ zFB42+e%e1{Qwt~gtE%y3s+UfkUlm*?I{z$lJGvBYOp4jH$a)K3@LbOqR_${p_@bG7 zL{dic0vJYI60tJwK?I`XgdPIitpd%$a(lL^i=jBU@1lwb z;}JLEhPB{0Lq|ndDI!5yGd9hA>) z3(L8AoaDSGlOq@Ac_Gm8O2tflnaSomRvqaNB4xU1)qeroF=5?1YH#t8k!0;)k-k#m zYUr})olV0F?^tSe0Vt`>9}j@+8@Wd0tRECie6#klP7-v>56WE z?v3QfeDu{97UBz7Quj)G*q2#$#j{nl(i1UzHVfIQbuNWD+vQZbT-%|+8f;V4X!%v^ z9Mfed`1`+mWDXl3TT04u>GQ5QVha&u|J;Mnr;9w)f0pe@sg-$#+b(0{;ZhN{fu8pd zml=RkI+tXbZz0W}THZ9v#q7f5qjufS_r!9Tx{E4+R-MlA-$AV^FL%XQ=%D_{J%1D` zK$J4+Vb_ZiVsrVut&!aL2UR|a&7y6dD>=H>`ChRJSkx8DPH$by*&u9~_*%L#C-TR9 zbuHl>^NM(qns0Z0!;``2w2Qp?To)h){d4dN?V!fdp$;~Ztax2%C46mtx*>1Sa||{7 zy-1wD%x;8t_exN-wT;HKoAr1)zm!D(5Pv28>Wd}mM-af9BbwR(4vz{t{MKHDoJWLA= ztvQt$SB7~C$GLYtfsPY}%s&%76f5z0d1$wXYT228)T+aEnOv^ZS|LTx@SF|zCadt= zMxHn~0>Kni?Z~v!x2DIWJsDMp5VrdsKuBjT{dfmIY9$vltR@J3qn+Y*he}lB&s>ax zxv|k4%a6`Egl4*I!@gEymc6U+y|8PqF2wq64wfRHRq2up1)dB7ivrANp{B|Fr;xBI zsJ(Hh?ycZ=(Peg_@1l8w@j}|0t2ueyS!Y!BKS)TPkpC`ZS0&nNaQdVSLECmJ^9OH% zp{a1btZAh4kmYs!J^YI76XRJILzq2j)XcNewOt^4!5Y z7`CCH5U}{6K6rKUI>9(G{-%$I4hu0^y2X-yVVwA&;YRxStBKEL08@bGxv)MWcHGHz za)t02>iiQry7X$9w=6&Hy7#98$|u)l7IkA?7O&rl$HyPu(_-+kb3eHvS83TVTsczr zF5*~u|2N2RPJProyLy_7*^@A??v`lB!4%)5mh-H?X{CDm$k!+;ZoC?;v8&6-+vUS{ikJLllAEK+@6-$r%brv4-2=ZA=S{Yo2Dn1RX zo&4d)1nk>KG!)rjaL6*Fk?cqZJl#Z4-Ipd~PCJsF{;6a1|Ik;pBlP>U>~3et-382G z$cJ{LjYBMix*gU%CtBE zNUG?HiZ<{p2$IljJwesTXg-J39_mPBO>xLc!{6i<6MT5&dt^NNT2OVbn8lUyaV|$; z{-L3!q`R~dcDTAFqdB)HWS>%4XlvdfNaRn;NHnJV1&V^ba zGwR-L zsB+x%;|;{kt)Xh1F}89xr79-1y0Rz@Nn^^S3m{!o>5??NASQ)}1RpNj?yYL$spWBK zp^RW5j`Z;bt4yf=;58IBT=LSKRR*IL>swugYsAIS^ujl?z;HB9*mpdnl{tqTHTyZr zHS0?i+3Bw5p!s;U+pG7`P7<2B>JgtdD6)tsQ=RUK%o4hw`5$!4M8jzq?ruh|r@gb1s zjv9}ru+C<1opoAAhE#K*xz}*bA5H;WI*TE$rmM5PDs#Kz#qdZ}pHB`OjLUudP;QHQ z)W}+HfOxqib*eq0k#~If`PnNh$+{PYl-BUSv$aUhn~goK-+4mDmO-owP~S$=CHBeL z)@MdA^x7X3d3J_}MhBoVZ8Y~S@M107X6xh`FzDQU^)-qy0iW$AX@iZ^I-s*+V;%JI zc#^-{ut#+}pE|tmnI9JzCx687Drwv6)Ptwr47mzDz zZ3g3RFweES)L`C;j}>VnK2vq_^^B1zx|~IQouH3a+v2yy;K|~QZ&T!4#w%+u#>93u zeH89Gefjr>HNl~C4a*_F1%$Kj_=PGt+;mQUsRJtaXROyYTGzbzEcbSc=KOVu4md$j{Z+M-%0g_&RO9~_ z7AkRv<)9e^*1siy%Kozr0RPk-{a-0NClA~F_qDmRN1OipQ{UD9B`4H4^M8NCrumcr zjn$4g?)HMKet)T=;v^HO+q$HM#FHJP%Y8fcd-|PcFXi~nbT2{+7R-lzMTrLeuC)b8 zZ=b?{jloxU6%C1ABJrpWxs-;~zpL9o<>yTmnd$blf!bOy*yo9`Lg16zciVkwRzaKgWgp@WE!|ohWIkkN5aryJsPri)k8si^sQ_W%8h&7%Rd1jFjwzeo{j#(ndG+`pjLYZ7 zI$>kv*Y6+YoY$bKA>L!PI(=~9wEQ^Pnbq!R9o(DZ#N3@|m`RmMNKPpn-I}Rk%&Ew ziY;7V}eogo_t3GwP;eCpL0986SVMAO3k-?^VWeyx|d>u_5^yj)Cszr)9&bebC$eIXzDJVg8q8wWTmvF=t3%L6ObugOMeVCjEmiGC^ zbW;-_lN+7GvxZG8em>?C{KMr+7+)tmKl^DuCvdJ7>eX`Xx`zaMJ@xm@3zp#8QAr85 z%7TSu#@!gdiSng*;FOx*qr@;9;;{VO}zVSUH@wxw_mMI zFK0+M&^G#AIYB%8Skwp?r*r$lD7|@V^da6;@hPhnufTi+HuD+v=L)CgNdC`3Vf!9+ z?Nk75Rll6r$aR;&b(dUT%Ht)LFqo&AcDTi)mg@LrwT6;g8y+xJB8x8V z6o{|&plLVLDq%GZ53X-p#;*Mz-rhZ)>Hh!YFI^ojDs|;hgt}Btp@Tyat7Iyt#GF|| z4m0E!Yg;LFLK4bp4mr-uX>+!sQp7Mb=CCBknF%vCo8Q~#y83*-fBb%b{BFO)pS#`M z=KbFL@OnKT&->%?9EwL3E&>lG==vj8hsH^T-Qb)5bW%e8+Is4xk@)=bJ~H~f{jv1F zYH3JUala0K_cr@;54A4}DpMkM4PSRiuMnuuy>~1?=_ez}^s*tBKxF|jE`QX&+e|l%rS_KclcD=18HG7Bip)b<^zTwxYo4(kMiMN57 z`ig=!wl)~%?Yvjfb1kwKzyG4luOFauWt#=6xiu_WP=w7j3T@?#%ER~&Bu$bsa+g@3+8UjdwRF^* zpFJpe=jEQdGkQec$lEc}(-nQRtigiqjqETAiQt+;KT(ROxAdQQ@f4?41V2%E;vE^& z+gBJn>Ck=Ju@(pZD9PEA*IaD)m%K@+c%crim(99AlR>8!<{G{u=rd5lv6iKLcON;k z9Kb~1Gsaje6N;o( zW-QIO9?lBSgI$MZ(`}lRV0i&lh1Rf2eh$5N;O=639EW#1 zm|911G4k$-jlDs6x;uGo$*={bwXxF6{v_x5gWD%$>hBYX>`}+e$n+FbMS|da<$(?g@=f1Q+x4?Y&#0BSBu~= znhEu{u88-u>~F$$wMr-sg0dtU&M-4}v%88+21!&E)t#>Hfds#Cj@K=OFfX+8_>+ z5;mUVX#`Dk*0g+Dq4-r!Q>qR!PyXIOk@j}+h%qyrS$NUWbq>>O>*JN2ao@h1Cl|Ua zI18bhiwL~ZZDRfB*W~bqC9km;L>B8>D}R~44Vum}gvRh!n=AJ}2y4(Aoa3 z89)A6egF%)qxhudM(~}*9z!3o?x-+LWl3#Zl^?*KxV9$jp|uF24Kfzf(Tc)bQ~&#?BqUOOzD;{bQhc@DjUn<}ZdaihiH z{`6(#3*d;-FmjQLY`?`IzWT@$^8u>>I+{QLJ!cC@Z=F|R> zp_A1rq6VQXU;Q3o2>zV2*iXqDGgI{mGoDF}h!^G~GOnp5c;4Ijt+qR&4c!I>D`eN@ zgDTXW5JL`pq$6#HWPrHz-S5&%Pfhiwbc?BLQ_S-8l(2U>&A#Gj0~>QPmh5NAAO9@P zz{SQ&c{ixsw@iqu&(JL_M18y9%Qr?=$|J2_3}rYE@q$c7r5&9c8U0j(RTzD6vvrkixxiNp)1`S zN94O)k&)Hr$rrE#$(qjLH}h~zzMLFv{0?l{2hID|oe!-=!>W@=nYf`DOgN^WyW7O( zDPV&bL7)CW@Kiswn_LK>&vqlXr>q}RVs6QOR-Id)&3HU@5gndmFXLSdGGRubNkd&E zjZ(i^nheBGtJea#^!^tnUO&ER{Z>n={JSEC?1+M&ECCCLQF_YcrW5*&E@dmol#GOy zg*C3Asz*k|cDgoT_ zRatKrGiCjZmrWGoXB!p*eGfA+zcKf!Q#}gT%1~@ZKoy2t8#L`TW?=pSFLHtE4oC_O zn$q5d3^C~AuLV0bG-{e|jHPy7em^~>exx*x*xV@_nyGZssLH*sBYDLx?@Y@1o&7{9 z36yQOCX;dp(dJWg#_h*dc*&hSLhgvz74c3y+L9LLr|vc)PBq~)T+5r|FfQT!9L8Mx zdXPuf1CC3_xN6)x`rUVYP1{bii+P z#m=rwmZ}vVvGR18Fn1}cS9{zpc8Q=gaoAIS|k%J%!$dRH% zSOf`cAgT*Tyh(7czJjTEU;3{x$UV83x-FI zGy;h0>n7Yo8JP>xP<9Xa8aCkZRPNxTP$pL8W(*_{}9h3%Hi2FV)#C6bqWoMwndB`wxn{bRLXu9Xl{4rTUxP}XuW*ZL;XrB&vRrr9j4HQ>KGj z>EUO^w>jNONZ-+PU@LCGn_0OvxUgU(tLUjv_a7SlqW&iMyxci+SMl}jy^}BQzo?jr z?C7m7lG(p1h$_Z(CW}&R>8(E+RRZHSj+76|gnABc^Hb3w$4VacI|2U`Smi`wmj0K)JhD=9A3n;){Lr;uX>d z{7NQS37TP0Pc0|SDpj@CL@x!iX9@aYT{x5*+U89$QGTd^gMxToxurA{{8ge4qV}I{(nkEL*u*Xl&|*Hq?eK7?OiAHYWE%?97pxgyWM}FSf}32#sSL*v^W+Ws z&iU}_`5r)qu-b5V%lGqpHhE#?EEXH52l37d$EQKkZ_?%;4L;vREdw=URUF-6h-NrcFQo*ba#6;av%4x}7@shgtA)qHn zm?62tM13U~6(?vmSjEKl6{;;S1d4=rR=|uV?tg!)P}dDXdT@Ds=Us=&EM4*$srktI z#0G!giBjliSF`f+aRx8=%VM>8%&D$MX z@bJ;+(w+`m-USanH9SWg8Az*)00ujm$~lyCj9XFnbq-t^-4zDMOTX5NqKkM_?Q$Hg zj>t9t?DqRudPnI3rT~oUo+s#H(xdd{%B82!47^IUx)^9lFDE&QbR~aqx99` zv~t%vy-RHxj!MIq$zzt!p(mdSxMVtgc`}05fU97oXcQqWX_w!IRZAn=v!JBLFcfx0 zzw=ygsdJb{TUP*|pE+Oi&#z9~gcP!(_R4;(feCKv?%@E6*Aey|@Xn5FxZIr=^0oAoH`MEN4Ms}(-s zOZ`W*JLQX*>#O2z=E*Dg+;3M4BNuL*wy%=@>$c)N{AX^NgSksdkC*s`;9ib!$dB*BmcF>aEc{j9k({k5c>-&~q;0JF|8njuOZ5^y0 zQK+s4nKz8?+d>74hm{~tO1S(7wYajrKDph@lGZPPG;zW+gF&^`2(uosKgXVUiS3at zXnQfz;O7$BS?va7eP9&q>6}}hRqr8iIVbB;;xA}*Wsu6jxag`d@^VM%xP&>ue?rem zKOVq}zfYR`D5PKygv6D(p3&9aO$a>Kzqh_{#;_o`nyGJ^1T^y{L7ykE+uIc2_qKj@ zfhLCbceZ3-@Fe3wvX_+jnJ(^`bKzb?=a~OU4i~Zh*B@vU#NLhES7zlFxvK;ej^;NH zmj}CjXf={m83*-!>wlb)^g4fMAu;Rcl~r+*js=B~NeBB=Ey@MddS!3xbd@Lc^2K>? zWnXb;JIMi)j{xjntc0_BXB{>x>?l4J)-(F>I`{!8Qlzt?`NRR^gA z<=xUQ__QuN@iq9zWDbAgIIRQM(w_hc^wvD_vET}UY%_?D7KtdyFmZy_6d{+|a}cRf zp~)s&Ee=MSfk|n*XLV=YeV01T`;&=QF%f-IsMW%k*J;5@yzGJHUlCm2hN+k;p8=cZ z`Zn*!_^vz=5cDl$+t};RZ5HU8ApaK}BYsB4h48N|CA@+<$t$e2exQ?=>5_m#6UK4v zbyDsWl-fQnTWNgu)x7BxO`Ol-Iu8bgM#Xh?@{t&BP@-_ijJsnAJohIfB4?7u=Hs#XiaglvoiHuc65hkUifI&t)DB8(E)drp$aTT}F z#jChNDIR&J+CZiKMwSNeMqQmObwA@{4W|1f$|E>1;-puRnal0A#YZ{@`{JW>2dk6v z2Di;+@Cd}=8 zJ<@o&!Aa&rhW!@(J288sv=~?DCdg5qn;%GY;WlzfvLwLKj5y^x{Q3Ap?k z+b-Wom(qKuBWm&rR)VGpeH7y4jF2}%muI-wMnm&^R_V~zkh$#>l?dx|Q6$&0*vSO_ zn0eERQ#D1-D?yjk+%R3HrH4J&brq=)Lm4g-ar7cQTa!>n|FprDBs?vWb1y{- z!YaaEz}=^G8z=YDz(?Cq8`JC06ed$YdCVf_OeKwtvbbs}i=CGGGr%L`a>mKV7Z(AeOmCyfahuLTnv(#$uGsNyp zid+!%?*v)u2$C3~)*h~n_qEqJPX52f6 z$^!D-z0tC^T|oa6Dr`ms`VLJWoqw^6w#;uU4?PT$TgyiT7L8AD#c%9e9u+#2bwwU5 zarb#$W{7vczxtI?ANx|T864;1*jgbN9&h&BV`g=0A(pXzy{R-!if)MK)g_)1R1JIA zRJC>%YTCHi>|~v_O&#$WD0+E9Dp&AXoiy2wV}+n@Tfg#^vB*>+p>lT;^z6{fmeMEC zD=SbM2)~3+G${%8Lq~wvmL1<~Dpt@HA9=%zy$+RJBgVl?X~X5$xHUe_2uy96Aj95=xHTA5*q z4ur9hgy!()GY0Bx1mVKx3{zo3jj-NEkj8|u+di4qhiQ0;9QfNN~H68H%lDOhR4(c} z6mP60LN4<(AMxe>F{03?U=xGfm?42X%5-?M!;BCXV6DKxsi@-)yY8ukzh)&75`}x( zD4eDDcCYZGYw0scE~x>HuH({1D$*hrM$vCB)J`j$2q+j5s5VVDN45nNAZJrK7_55p z1tx7oNV>q(4Pu|3HS!Hdf~SUgwVCOK!e8tYn(r>9FfeoBPv}sjDaW^eCpW-xlD9af zmA%LokEl$fht~-PIOE(@rIiftB7A&t{WM?5mZ7qW(d*jM>qAr2@alk#@cvW;x;1ks z6TOO<|9F4O(n6;?RWSdhWz4iJZW*z%bfZ9mq3V%p3`i*Mm845v=f=QGolE!#1z|#DU05B%pavMv3!kV=&0G&E zhGPBe=Uap7m}3tahwL=uoVdy5&W4D@7Ph#arsf8I+gBz?7*Gcjiw(&N(SVSwrG+L& zh}jG{fY?MbZmtQ*pvd>gNi?6kVQ1vhhn9Cz%jh;e%R}0_DmBeRkP&Zzua7^dJuO_1k&rG}S zQ?mn>TQZ7~Dqx@d&sOKb(>K48<3Ou_Z!P%K;Fg-q+k)6sM@^eN1HUV;Ej_T^YIgtI#VOP+oB6A-&kFpz6a z*R36A$5=79v|g-4EH9IXTYoj`P%0!MKX)bcL<}a!IC#!_jiq;?=iWqs>|~wL<&~O% z_I_=!o{u~pHV02&Fy%F{0iQ(9z{Cg*@*iWTtV4%?&F<_8JpoyPCyb;IakVDu;&LH} zw9d>v^g_M1+0VqbxG(dsV5|d6mc}iuVBAmJK0LW( zoiEeyNf=XBo8 zBPhMPbV26DQ%>E$`6`6D-$t0rW5IDY>DuDF*O_E;z$)Wd1w%hm*>05MzRuugX6gOI z=s(zU@an6WE%rw<<##zAd4v0U4>x02N!VT$`%uUW?~GTA94Jb>AJOJu5l z17c5g<#Qflg#N%0al;xZGF=KWojPG@s6`^W@?Ln1HZXjQKxhcmjp}FgUzW0#(bIQH|ovncfME6Mw|>=dYn+Gl5@v7_H)2$7HessjDK}GPmz4#P0ZhswTWFWNSj* zfBLgFck+B9v_F-S6r!)D73gNX>Tj<~=~r*0RsCd?S)6b>1}yPlzCLP_y5iFM&?X;#yR_-HwO(6>-1SFaC9h3r z7rP^y91tJrmz(*E2oCJV6t<|WK1NG~hS6~4_Yv?**fTTdez2ABF0DfAl6gVXjJBM3 z$kO~)W3EgOr$Fzq;&XT8CpLv?`z?f)id>1bH2pnXZu;;hu^XN3L@B>|6ceQZGOHk% zK?BF;s4*-aWnb_TZ~Od`ELSkVGC4X1pneVIW=!$evDEmUaDJ-u0Kz-)3p_8|_!2X> zFmh8Ppe{sg2hs1WE_%zfG$v&nk}p>9ico)9-FRMH{<^g-BUxS7#@-C z%dKIXW-%j3eQ96&X^_IoiE8Ps>xTL8K2Yhm1D;z;+TVpiNc&)Rgm}i3jXZ8j&C}?X zKG?5mF&FW`^+=P5(8O>ntRI?wyTKRNubov zbAZjbinHyP@dQUnv5l53j$0|h!W8PZ)0p_P_G%=-+vK(9JQ5Oh!}DlXoO~mEvQy)v z-kiux=_qPi`(QQY7SBL>FCy<=`maYJBz0<-6DeGEkDEfsRw7uYCAu6m74!GO9TBH$Tl<%&d)m#mzygYt%&(3wG+DYYkg(IcFc_ z_~UQ?$17DJUu8U@?R`|N%gcj1-iz{Vc96dP;O6Xct;?USOXv}DASv-nS8y2RY#aTl zxIo>CX8(!4k$~aAr7L{0&BuJc&|7iH6myX7OD9s zIfs|huEEOyH)_uE)un}>>GrJKV@=Q<4LhejUzEca%XHy*eg=_Z&|Y?a2xEn$_xz?w zw^%dG|2);Hth|nrx%{d5@}PIqA&rX%qP6ITyP zLh9wq+na+<8W7v7!?MxCQ<4u^R_mTQ`@sI~Z5XcvuPQ;KtpE=&3crMOB6o6x0i`aBU3GH? zL8xKE&5)+2=uY*3%K6_gWp=}95g;}z?`Jj2^V=m|xw~~f*Caz;15KVw@!+SvJlpL) zqHkQk{CV%nQ8)Rxb;`7!Iin=|=F$A94EMst!pBq|26e02|C5WqptEs2)pM)m=&r8K zc27B_-LYE7ujgvl!J1|tnZPNk=X4NmcMaLB%NfWbeJk3rUJREEQMtEd^y?wslbI`T zAgG#drta*6@+M!12QP`ttL2fdpGc?QciVvb+Y~h~ijb1FE1sn)sV_sE>uv-CSFxUXcd{x@d!OxpGE%!M)Rds$nAo+wfjgqa-qtHld*`* zGV!?Ew7zkn#3(j()L}rwHpUOWc%B0@X5}@zgs^w9t^VC3Jdg#Fg-@6>GUTPbKOQbU z^#eZ}(v;Q=$vaAdp5j#1or%OP)aJhL6$~Z`if5dkuRe^6%4xh&B`TJqF^8z`n<_0e zN~P<@&F9j;bl&l-#r3=9p0eJW4BE3?a(vKqtMGiLu9B=(WF%QZVt!~=J9$9sv#$bE zZFU=gc^05$8NyE29lIVeOQxEwZTzEGL}j$~AQW-6>BC}SRXkm_LPAd?UHQkD&PvY( zBDl;lr}%Kh%7+#>|BkLE#`Q&cs$z>uBh|~jYWL&5c;WPz-?QbM6GI-J%*^wgvfps+ z`=6U*9D0^pO~k+hVK=2-eCv`Mu>&8}aV#(Hd1?GG9#nZgV{h2s?Jph^Px-rgJR5zg zun}y>zGH2I;j|Eq9vNwzT;6s%?%CeL9wMQIY`m_x+=m%1r(u zG2!_w=)>JS)v0EROuwpYL`{Rdnc74jy_RNOWoQ>xAX2fvA#F$V^rr*AcWCrYFDDu7 z;ai>CuSV7CYqLQ9C73IX+MiGCni-dvW5YqvR4nD~qr46HaE zd-T=)o;#$+e7Q|&Qys8UPSVANe!B(7QJ%*CK}`H62BVzPwZ^2>fHs!I_>oDfj=1OG z-Pq3R6dd?PiQiaczD{l=aG0 z_R(%61p&JyU13VauUs!I7z^eaMz`L$6EJvJ)axxl4#9gwz%Zy0WG zGp41xv;rSq{k|Ih&H(J>o92J++MQ!N6QF?`T?KBLiF4PDzQ0jYsBbXrr4_P$Bq~6V z3hQt0OzY)cxR0D+skuuvtcp)%8+>N8!Udt*80QYHoPJ6tDnhj^_4krJy?b-dE_y}_ z7d&T5(U(ov|}j!NqmN+wXBuCJn*FlA&W|^rQGJ2S!HX901M=g=7(k&|-xI|U7XbkZj1JxQQewOB z1of`uD+L3=U89Kh?$Z)C1MW@F-wo}VHb(y}v7EXBpG+v)TfEnI$i?TpJLma!7hLy~ zZv<`vp`yKc(;^OWfZn*b23So70QaiAX>bihzrP>zOm1(s>Qx-*mbCfyCj%6WYj(v?+$~L38-xyd2SGPX4%_uILY3rdIwc z;8r^JdsUm)`d1kk{=UOkak@EqhmOqlIebT&c^v{!hO~Iy;C>%1kGK1uY$E`g%8M9H zXs1CuP9dFpNH7dmOHsiCCc?W|Wv5hI8yw?Gd{4Z<$>}v~=V#uHWSxwwLysvssbf%C z-0P}29pT+Hf;*PwQqag64Jb3OQyK! zyV^_r8BHS}m)49s@%weP<$Z|u|A_!{@PCgJ{{PAx0=ApZ1O`p$BJRwP0}$(@9z*Wj z6Uyvlb+uOnHQrxZK&QIbV@Xl$)zceJ*iL=;TGZhDIY=4iOo;jH?`3(5nMPKZJN;%L z0pN-}IIrsVj8Wf?seJ_~cn>yn>eZNOUJqQF(|LVk> z<%uguNBF1@vI;>D%P>YZ%}hI! z-w)yYD*#>M7|BaS4Dael#A1|y^5FV5hT1&8D$?IvYK41(X}jF8Z@!K;Y8ju&JGRv^ zXMZU$@6LQL=Agw5Gg=1NP_6I6>gQ;W>0ZrYuA~Rv>8{-w%{^%W)m!X8)VH`cfS%F; zuho2*W|`mpUoPAw<~5|VCM6K_?-4wh2h77hCW^Zyvkz}-Ai()j_N~%u$h)!Ov+`2XJbll&ztBB>kwoUaXo?lmHg1)j4_j9@!Q^(_LU3TOu zjdWxU1pi%^wNl8v+8J~4zdoUnN7{hR#M{M23?1IcyQH-)8K>o3wPdaeyVtASNq~Cu9JX6H0nU)P zYA5|}c0qn85Gp*%Iy<8L>ABCnVL!MV=20Afpf_on{zHJ)a8wVn70&_5_g z1U9{*IQ4o1^;CwdDnrc20Pg6Cqn7dvxU>AasjG^la6Ad0gA#4q^a_Uir&GxcR~SBK z%6JOV24mA684}X_t2bjj95?vu<{&diNf^`$@tE=lf05UFzz6dr8iC6|Ub0rChAl?A4HaDbu@TL1Lf}niilZ{K1*6Tay>*jv)v3t+QmI&qaQQXAkq9{@a5%MS zrI;*vM5VOf+cR2~2LuqaS_=yI&UlH2ODNCWQv@oZgm7x|r4JUa2W#9W?$b0-tLf3s zXPvK3)8N3%rJfXfDLXn#bTkB*(z=4fKnOsnfd8I5(%BIJ60PEGEs*ra8ibbSz7%e< z-lrP_x_tQ+ABL1($>CT^5Z)YJfMFgykYCOM9Fb}B{MJbR zEJ9CVR?|1u{yiR3d>EzBd3g@;3Q+6Lm1z=!=8dFbe0}SnkHxO28;5Lc<80Jr;0h_$ zc`*+eVy65?2I+I^KJvSbNdHuZ*$R^wTERbP(t`XncfOf>!mHS zy=)4r=i6YfKt+WdhDpnrz{jBazJ;fb)TCbQi$|>uo2t#|1hDVdjvfC?pGe$qUaa}Q zwUzsuS75U9Q2IRKSw(l?omOxCxL4K#`(qF?$BW4_les6VEGX8eoR7fe%t{K=~;%5Ku{dw7l`^`DSx!tE^w?;12J^&9D`%8U)(sD_x zWL;3?FKR%*H<@%%x%u6uIj>i80y{OUqW&frOZsk$>s>antGHS75&R7?(qq|Cy;M#O zFKp%@3VVYL=HeB^9!S26<=BkaoY)@i22~B7mn@Zv%cV7AUxe7|&)yRa+1%SiujxUJ zt;P9A2{>^-MQ82&>Xy;gM@D;)T463eP6U&NqPaou!OtsJ4S;B-H-Fgi4W3s-dOURl zY3C_TAgz#!*fqlhDYY7fXZ*Gbn2F#EAx_`FzquYP@pJb0z9!}GlscQY1Sl>R@C@QC zy;yu>C*HY#@BdrAK%GK6AR;~FmN!R;Sq2lLa zuf3Wm79HuO(~Qo!p%vgu%PXw1B0F}Rdw0vRt%|I?yB)lk^*rXj)B=y+yKCsIk>Z{) zJo{D`cj+WPx;KKdDzEn|F}ZX zmrO?Ukk^UK++YQLVl&=qR_2<#yW$rkp6ftrdlnyJI)9a}p02lQGM~Ym5RE$rIX7bG z^t@m923uijb_{PB+P`K`@R&PXk}&CF$9l&+;-{Z%ytS#zy3|EbJZZ$s0<&gK$7&J3 zjy1)e46&x`65|*e5nG$6=+^cM*e79DILKO-eUF2zVNZ-2{H`XtGXVk6N5aPE59plQ zZX=~fA}M$BjtB^_1ZqK6e|=TOjSl56Rr}wa=Dig;9(Tg;!f0XLM30WDrPeLSphB@z z0<_bb`^hIZThvsa&lU%&SyFo*GHr(?_w;^q2#9o4ON!s0UgDJVhW`0vX)@pAl0c&T zQ_FCpN*ug>d?+f^Q~#RVa7(pNM$UKY?}F(@duU}ny^hR8kJYjNi0h^*TW|lRhtWCH z@3ql|P3Op}6~>9!O*4Edtm^tLpMzzX(fj!smaLqfz7@jcTFvay2;wMrpveQm;%NZ% zYV7>PYkcRgc3td(Ffkdg;~Dx>{&y2+_nG2g2rdme3_|ItquiJ~^USfS@Ls z{(M3rqma9PX$eRR5~SOv_NGUDBIfIFKRj z2I=VuQFNF{^p{T8-tq+oUE<$IrMqeK7SO^i_Ry8-wtYq)j)&K3n|0j0Wq;z$pBymw zk*^je3L5=hw2H=>3x{E2tnssFW7A7bBXxFFRTI4u0o}!4&m+27XHO}ZJ{h+zM$_55 zC;ZfI$d`97JD{oOK8r6eho^&SU7XqD!NJV`n9p~I44sGE)At^+<;ZgOaG>bN)dkn( zz1@6A8~1n6mWKHf*Go=1V(m3GS7DNBFL%?hd-g!5-W&FH85RcPVONligQ0)TW?p;p zdy@)`L3!cRD!!{@$NO#DVLdU{z~tiV)<<2wfOUOIX+LapvRa(deoz4mhAC zT`PIcyEf;!RYi1JD@{++zPhK|E4E4ngU#Z9y>+P&lv!UUO?6;s9!R5i?DuU;`ubD$ zkQ|Jb1aB-OkRIYYm*aywN9>+;)eT%7`^<_IO_(SU4X@fML3;E1wtOQ5Dh^7F$Ypa$ zTw)E-r-b^-#+BN9`OAe?MbZstxry14cTeFbuv@^2QB_v=0a+Ndnq)ar)NIkM)h!yN zm0TWw2%DblpqSrLuHyB)e+N!aPut0hShGm)LJ5{7v6#4w{;Sh7Ed{3xBlQeL42fZ- z4g;wqSA5r7*P8&KJ6lI`^)q1Q)~}VuS7_(vVJ!Jya-)!%vsmJe%IId?i(ZY~rFn*X zd-d~?^z~G=d=ViK1;dLXL1;4i+1@eGOq2};i@0A~5r*+#^dc;jY&2F>*gwjU&ZO({zj-fi zN+sKJ7Wh)7nhAe6^Gc(ZRrku1!QN8@{73plPg-h}Vfv`vyHhtXJy)k2!~6)yC7V5! zM#5eFH*6E$)(!ci*GH$hgv=;2w7?HW0>nSLXMn-yq+nqPyoB{P)^uBa#`B)`qniLa zPHB_2WH?o)yF-aJAFLYN)j&ekxHL3SnCkc!X**ouQvqJIp|Svm^az+w7Y;P_?EmJk z6_zx(@AvsrI`D#i8fG>8&r@-YoDbxrhlt7Am)+aF&Ng2~2_~VYsPPo2sZ>EuLi2{w z#v+%3L8?TokcFm;tqL18clq6368BHeZm3I3sMrWXex~}P0pjZA1x^B*7Twv_*nJ)L z#_%2+WQIabq|R4~LWC@k)0+!CPK1Usk>e*>=?!w&6>i!(MT%gjCS`8?;0|*IN5B|r zSeu0|R57Cen^O|#{`c_V(?D&1H-vS|{LfNkiJvOXYsL!|!D74IE2!V-0lBObN{t zfv6Qy&EchiHc%A8UZJzAjZr6jC!n9V+XeT83^{G=8ggRPz^LL@>74x>L?*TpX^~YH zO{h<)-k3WWOkryVa?ZVsp^xc=9d0lgyc;5{1|c^RHd+Ul)7IG>_;MY&m)IRatK&z| zbx?>|8DUU>9K|?HG;OQ>fAp zsM2vFdqMb6f5G=+)nrpXb$XzYr&8pywC+^q&tL>?)MBEU-6iT-155F;GuR^?ns~6Q z>TWL6Du$Ry@Yf31s6F#DuFO#D+|MqUl^_HK1PxNCWX%9qfnz?hxJmux>rKnBjVFtL zJyK(RDM!HM>tP}kuR^3b`e^-3X##Y>1dcJDLa`Gk^XUA^<=TsmTSMM*h>{^{-Lx<3 z_7S&fxh+f}&BUBZJm=UI$nqlObk)%>xBW`UUm4&vac4Kem?4E5d%19yOX!sbmUWvr zem~#A6>a;SX^HpeDp3W~#lJK!+B4$i+S(P;KRYl@v2h`+kM!Wq=K)~666dH(Uf9XF za@w!oGysM60`Ir}K^l0DeLkj}r_@)y=f7=F^9e{(rX>)3b8J>Rq|Y|6bmU2mtu`{bB(!Mu45|e?M&r*)DSHe?I*` zN)Gv-ulavbjS7tP8hzDR>1kXECf(rdzbAAG zU~t}mbuMUu9GXJ>=gC0vfBip7j!OVp{p}%Fz2ywKk8L&*=dL6ATVPt zs{kW=0j&Z=IDORo0mxdfLe+RK8#-Pw_+!8mq4w{W`-f~&Hb5DDT?){u;Kue^yHth|OnC5U{wey>Z7{Q_CiSEWZ%Rf#&X* z1v|H@m3(Pgoq2@rp}NSd~;g7oG@;fD0%gL2h?u;j?=S8(w>ys~X1TrHZ<+=U-V}MXUQ27bn8#?wrO@xV z@oqS4MNbTlCBBnHIgs~4uW>mMLml*QEzPbqq^Es~2@DGWl^m+Z#tVNbRcdZr&>pg+ z2J7w5oEFE)LrY%lE2Zm}Vs!K^u(T@T*Y-2NVA;ut8~VIrd=f2`%DbkUH=^LgWLZxtba!W=_QodPSRCC54$}~ z=A3fOdm?{tvKDa!=L3fh2B8;m2JB;)eDTy815^O7={$$bJS%fo0x?~>^QWwQy?(?Q zLFG<uOF{Xv?uO zeo`$%G+KB*j|VpcT3B|PZ<$?qXxp|nkQrdUy(D1hG4$8~4*(E1IecptfjPvjTjck- zLJE%3cxje}6Mr&uX08)Z`IZ9ZlMQlb`!RiXJ19DxY6-K&GcE#V_5nCmlz=Ztwmq~y z&RqB67(i>`bHk54bt}TCgvBd#CGsC13Jj%P$&aQ$q42{*68*B^mwluL)q?)HjIv;O zpbB`=`+NM{MqV!xHVp_a4PpHO;N>Mi^RSATN`B7=raGPwQrpXaeFBnO^2tRRonV&yCk=oTP=jypbs$s$w z!GsG9b=THh=u!ss{fvwXu@d@$56dJEm_pwRxGndajq zrJ~;0$_J)=y?g6XFw1BM-Y5`enAk5cw*w`cd)g@{N=peSyu%w*tHyYtDWA*=1WDc4b8}B6A99abLW`zY=s)eNsmU@uy&zDi}!^1hiaY)LwB$3ViFCS#Gj&F)Yc(RMRK8-^04YN zd^c~02pXr1eG*smP{dTul$F0E*-%#1jPRnL0Ktl?+GVlOQKV_e;p7ixFnAT~|7h<$ zqncXVc2TS-sEA4t1XOg1R0~C^N{PAz1?j!l5RejD2v`o71xHej)q4*lSZ>4&K-`s#Dh)H2T7@ahWVm0Pt(IFb;V8E)ssGr)L@o;*B zqK_QrMK6YJS^5J^o_55P_x9(80vv$pjX^IFMcS7m-!oh9Bo%EZvI~v^LB#EeT_KZk zha-NW1Ye3}N5~&^pKGn)cO2jyuDk}ip1spn%W#F2$Ggs_5CZgjxpfue%QiogR1Vx& zrL@mqcwn)bD;N!QQw3+W+N{wDWuF}fH|a}y2ebx7#ETOBOjA0~dfTP1QmQQ;0RMJKi`x1pgd;{cK2dMT2+7#IJ@i3vsyA*yCV342o?i zWI)D%A5TezDD5m#pfPWkgYl3afKaTCrgZ}9qXhkjnJ`+LI6Nd}Fb9$@BoEGLMSmS8 z4_8od1M@0kU79Nt@Vpq2tUoM+m13Tc!B0T55n;_44z|)=DW3S_bW4;C&EuYzuN>2x zXsgs_#p6qc_A`!0>!8x|;d#+QD^Jk^nHP1TrqNXZ08ViB_o2~(m@C-*%47M$8pk{S zFo(}wTHmuSj^-ke*Zzwr)3VU+I0-V6*z7|nFSbv;O)-jig@&K6yU-1uXxHDR$$wEf z@JpKp5=1WsYD9?$GxJd)!|ySnFq}!eyDu8?SAtOjgr5JvWXChFr*>)H^p;hVbnxio z_5KK_!e1)l7e&gEd(Lkmr-G_fb<5KPQ&54YrarIU{PFD3aZKyOtl~O*r_|VKN^loF zJoH>SYR(Q?f;#r*d{h6&z9y508O>I$sRcs^&;RP;@2(PTMyeSeL|w4nVR>1dH)EC} z5RLd$4E8*^xcFp6iV8ZEz4{U3I+rh`k%M_SiVSIDM+G~^4Y*D>4K-lcjl&lilBs*x zn|JTM_Yisa-tpOj8D-ZwzZd6gudu`B936rUu1gv&UyxwIqiNW`Nfm@5p?SOyTSJ5w-Duq z?t;f@AzBA&E6yqfi)DhsJzTBtPNl10Edm7TrVn);>|+(lpYFpf_KGivp(#G6UP@iF z<@tVBf@UgZ{E@8Y8F}rs$bA8Ow!yua-t1xhQ}$!=OCEzDzR}EV279o;+sdk=;I+M# zbII^&)twjIru-b@9;L=`t=E{(uL)*v4%IY;{}5&(Cc5!n`vmVs41E1r8Dy-?XU5gC z$Z3j_1&}3|6rTylm<^|I?u>b4n5N^uJI_9k2{Wb>nm7-#G^4K;>nfE^OQzj`Fz_dw z1{&jN0;N%Wkz6)qa3*}9g^FqHYxGPaN;mfaKzMMc9IHxK^~c7PU&tei$88=Ex4CAj zuiHYusScRNFY;LDNqP@j9MOb4K;m82y{9q6{pj#*kx|NSY%UBL+z0(V)xUx|0rC@N zcu+*(4Ihcf$@X_;C8m8oXL3PpQFtf7((cPP69EPSuSStt6l6vfCVunT@E*fG&L-Bv z$Lxk!Ud04!>$u@7eBF;Kw((vScC86I2WtwR2yJHdX1>sxCNHB6${ey6^&vjKObPMh zV&V%~h1PGp`q3+3ZKQjL zLtP>40sE-~kBM<{GnS0ocS#*>XyZvH4J&}(y}_-UR8!(Xl27f%z)gsai zAkcOFT2536))*+A5^dB`$$UQ4i|qB(0DZcX2EC6;meR8K^PyKAI! zf{5a=o`NK80EQE{H_lGxYk6p~N&mz#EQu6u3eB8Q-Rro(b%cVQWDl6u0~JC-Ogv?} zx>r)e<5Hnt_I%r6L+MQ-L78u8=bh+-mi%cd=8Q_!@j{@#dZ9FhDy;0|=H`2>m`x;Q z%_MON!S`0)wj1BGi~XQNAfhv#kCM_yD*`v_*zVG-?(tf61D3*O16D*+StXj{ss`J? zV-4P9zS8)vh)z`EwaKd7UYpZ@z1u$>VPk13z-Hc$CbRRqO7cVBJ^XyGpU^8SYT_de zu#EnEZ^QFe(98YCnMOebL=;oP`xPK`J(>5}O9^)0K{>F-r|!yglCATdwEiK=GS+fr z7aP|#bS!s#ctG@YqpCwnD%!E|{MRq(?0#&gaHB~pCF8~Ws+6LhLMW!M*m}GI>6rYh zK6};_h=ng-4N{2?emC4(z(MOumrqX2nukgmPd5T?1ejLs5SUvg;kr6dn#K-3uF9<^ zU5;`g>{k;C#Ky9o1pFAd`Mso5N$jc(G{Y4fC+l96++;}0=Lz#gEPh~H-zU$nK+MDJ zX{^V+cLhryliom7#UH@2lz4ciQL9wA8ab2rdOdbdO9vK@)& z0$v7RxN^x|z*1B5{^RN5AsuZNB(6kdJqvm3JrgE2Apo=Gi%t-#Dg1 z0I=5(j}+M}WB6;=9;4C{9=D|o*z-%lWkZiQ0Qh)7Yun0jM8m}>t-02E(y5-(@qy%2 zxfkb6(}ybeg7XxZhaIn*`to_hK@a0UrCQ=c?!=uCHzE0M;U@1@TQSP)n^fW?^8468>fR z5Hy?Id<48puCd@DiH)yhQ{bh(+`mrKN`L6}$mW4E?Mt<3rVZLI%Z<_@QlE8yTK8i~ z376@qD9q^Ce&HKQK6CrCf|VrSmz&UUvtngwHQO_8^eK<%K+;Ybt!V^&O@IPO z4`^Aj^r%3=w*J?}m1_P zSAdD>c`>sqGR9qXmXuTt=01<*IvTR*arP_WL{}PXENDk-il=0m&H*VZ;hv=jvY^>~ z6~bK7*?eldt9tmR0^H$Yn1j6orRuG=kNP`f{ZlEkFGKBs3?Y)kJj%6)a6aMdb-a1S zq23VR&U@4n2WP4e#1!RDPbPKeHFyt(JBY8fc0Qb>$S?s0l{?t{*5*y?G$Z;O*I2kQ zRmN=K>T>ri$qg!fk*ciB0lWii__}LrP^9?{uIq%7LN^KrS26{dP+8llZ2_HWC-++Vz#eeIm$Ljis6Q{`rJB-I}%4Z+N zyw-WE{!YCJ5}N-bk+_AdJVSqzk|1{08&dXfvn<+<&!$Z^0K&m7(rjeka15oT2e|)0 zjwP|HR|Y**N(MH|*w5K|SMFWR>|MnLaGlDy!$*sr^iDMZq^96*P$FS`S&vn?Q)*AS zd+~??5ab#$d#DyVLUEL71zA@!UAW5xXnmLiBAh|6@odYtl-7eUvy*=(oS$(W@ zE&q~qjW7LuTwpXE8j0Jx|@V5yGa~>j2a)P5F~-vMsTS z1F!e`L@DWfb@TOb{w&l6tMF-&`o^BK4E?5k?A~}H9dF-xi0akgNS?pqP`?Z_8t@MN zHsZCryls^?XU*gbA19mIwXwZ58CvdcxpqmLXRmP%C}Cw(djJ7oBrYlYj4F8k3S2ub z^n3pDq_zVjwGa09^B)78r>eFhq7Du zIc>iL{@cn-|DOks{DYX|;d$`?3t9L7vd{lu%Kbk#{Xc<@{6B;F|BCS@t zl=A;I>3>bi!}I@Ahv5H`NdpigT-f6q<#xSl3*2rpF3)0!IOwF$!MTxtAUQk_76F7* z@m3+T%qH;0JRuGM_j|^bpV?~bzc5y!e3DK-A4-wb;4aj7cLIbWnVM^Tqw@^U*c)F0 z9dENe2!=dPB|w)9AFI(9kU0os$!#0wmCwI7hWXtJ0bs^6Q$X9U^%gt4-O0p@RH??= z;0tVk9>36lrwM59=8uM=kwZ&&*i*#aJOyt7-1JsObeKotkI@Mg;NOd)3WDp3y`Y zTwI=r`CdST0AH%y{pXH`2D@A8{1!=}#C>Fd5rsy2Ohf|JC-*b=uT6AxDgQIQ7eM!q zAU$KzXL#=8rhnvFVn-NJQ{VTrWaKzp{^LZnn1z_`G`uLbry*dx(GOyP;3Fw#PCH}> z+krsVtUprpJWg)`o489vofChEiRc>n(+L2GYXkv+z4HLGHqhInayIxld!%VNxGj7@ zngtY*t%m@e4h_vq5emmQf|ajoXg*J!@R!SY*+5bLjPkvF+)NP#E$*-Ni36Gl(iJVs z?f}oP4sQ4o2B6WU!4p2+0>DOD`rV=qalmkf|_LZf@fm)pJI%iJmw zdipjn3kfKp1{J!FZ2G6EbR+jK1TGW3G<$y=HZP;;Q5^;S3nyHIY*ID8UmRjlKiHh` z<(k)4dzq5;5KFwaONU`S+KV|+R;-W{^<6S_Y!KuuKFosqghGxsiyi?&_(@@Ao{GkJ z;$ByPG#*l>@H8nJ=sK+nD&&|irGxx#>1^H|8FwXLD`nP#d*`*b#5^z$_v53#B5HJ+ zZAPTH++nD38asXdRs*uL_eQn0utOYb*|Jed6hezuYEoPu*9o68{n59$2T=ORV}4O@ zm-TnRtuy11LqTmZ6zV`wb&>E8#~n70S#E~QMvcE5!gY0^FK(~N0V$w_FK;W3wXS;? z_Z?mv-K8}`ZvXXbN4;c6BjMe{Co52|`!ZVv=GVlaQdm(luy1_l%m9^Z2TnZQku!+p zyAr3!ZG$vc;K_UTR0@7V`3`tTX&flXeP0Qb^a0WibES0MEURlL*%WN&JXD8_u zRsrHEVlv}18}c-lVa3Oouln?N_YJ|?;N2z1Z*~7nx4)jRUFrnzdP}p*)#pao{a)pQT=S0yl_U>unjrfokc(n zU;BX#dNYaon^q2N1#bw-{7~QMTbJ_2_D*2(9t>ej=}jE?hZtMM1KHVo%@~GZ!TFfn zq&!tK3B|pf8p1zJOYzxt>kAno`mtP@@`FUBHlCqq?^6tR{{m5fD7mr1J1|)^!Zxht z2_rt&@abF)wp+C|i-xO|;wzt#hXLCClJuy8ulJn2s|DZsD0!dNUuMWTXPYHM<>mvC z{rqwbiY_cqB-4^M;LQ2Xv}_b9J~15k=`Ad4KSA&E2K0rcQrZ+fTVQHqYykz->lXnH zl{(lv-SADZ!HwnWrVHxjgdw;sy;5yEE!qd!+D}lZI0fX-s1GqOXCB{240Xe9`sZ5v z>Ss0=elfe;2dA*#q;G@&aKl~~$n?$-#*bYlS{O$O7@z@&&>*~} zb+U^+&itb4LGMxQpS{lMers$#@rGFZHy5=jLUgpV6&Mksmp_kbOSg0UvfO9z5Hk<8 zhDF(2Jp&N&K3C&2AFqy}ZDdJ!D%U#rY~~f}gg945`*BzLka>*aMd1(xS# zLzlP#oqXHfL_vVUA+rUh7+oe(^Vdn9)o}H1~%W)KtVS4pw z`S2)+Duj?9@T@woH9664buHk$+Sh^9dOok^mZ-;SXMM1n@`;p%Sx)~m!#3C2DkF0- zT)s(pxFc5Ee^Qk)oD9SLQjs^64;uj_FV2(_R)3MFl3#((=@<*>9Y8jh-@kJVT{IVd zY)JNIuZE6!k+08y)vK3?ea+w5q%9JI=+2#Y0PLuowd8)c9Dvk=DL7a8^^05UPse(^ z2<9P(4BqV`nz|N(!V}VLr?iw(iJ0OGrW_mXhbM2HGIOBD0|otO?(0iZca#)W)k!NR z!4UQiR1(DW>{LtvHXE^ikgBIs9aRzXMyCs?#VL#!?s2fK$=d)yyJ+PfbRA=!8dxax zfO={#Wy4kP)vg`uVAs!U_-ODax|WSDAGtm^BAks3siGB7jtyHV_4Dry51xnme+1{v ziS^FDOX<|cHAx%n;C?-3_2M^gGtV^+AkOo*iBtZAZ$O7{Lp0v_@ciGRssH$X&u<$# z9S7!on_7z8D?cP+Q? zw3>OiaFGyELEJry8+lrKf2NT&uAao3flxNbDI8e3L21MmVR8{G^4);3K8q|+r4QUi zNqIe;))e;{co0`DX;`z7>p`xHLUV_f=PvU7rSi6(qIJci1^4cG%z}GC(u$+9OhjcK z1wMv)q4~-P=MXGuK zIenA4C8tFt=*)riDEmr0CLTO$(&Vd@cl(&>Ffb$|10NF*ookK2YWvk+t4)KHd{J&u zb-AKRjgHGEIk*~nHlq{6ik;KWBp|l?f6;{DJ(0D(|3~gN+_5nRF?=h zzZ@kATt)fEej1socJ*LNtqy0s8!apM>hOCVRS-d0tHL1lde8@1uO}**G4K$4Uqo-E z^{H*E1S^qvK0sfH=+EweSD*hIfyhX-w#qzYN(&#J#-HZ%Joeek$T@STMQfqttXxfh zksIQspX#VLATySKf8FhUv4)C7F-oxH+DxMo(x*XyKWA_BJ+1HFap9P2d7qZQ00LMc z(ZYx#xueI@(rW)IuD9ZZ*P(rUYRgZZ3x+ti@6Ec{2+%D~z$ zvVOK9x7O3$OStO8u{|yHjE(S1LuTL1b?@`nFM={&;yx@_T}u<3M9G$9O1W9oC&6&V zy(lF!Er#$Bi)>xXT>F(vw_G`Lzsz{buKD>_AdIMz4hi%ke7UdqKLfWo)Psgj`cMmO znLXOf%M#!#0bqPVgSO7H>t8r!*`*0W^Oo7oBHlf}ww!*nE63hV$r|9&+a~Y2pmmsM zvY}XA3`km5dOz&mcf)RG2N!^yebl-}7RydxM`Xq}Z28{DYOL#P&_zFfEsTty%E-D_%go(I7ko78#&5n4Pkrq*UYWp4sK}WAX7< zX@d5vNH9TTvS6>G*e$9zHp(xpIHrn5p?<;o4cC*@k`7pd^$-m*gzB10^9QO4AzWd6jhaP1W4mh<8*%VYY^+2ph zl;QaAvQvGesQH&Xb)O@ePjP%pPgzz&Z=HKFE?^5k-dfOswn5(48oyK{T-9cWf&0z| zH}aN=i)PxuMxQp0AS?S{(Tk!>l_ShpiW21c9l{o1_LK!Bb=RTu)?K}-d8~?d}i!eg`iAq8`c)* z=66Zxz{VMVaTTEeIr%wLc!Z}#=4u;O0p<(aaZ2eV#+b;id34*}(SSB{r)J}5K!vbX zIhtAgwxU6v=E&FDoh1O4uEg$}88i2A6u0ONjn0{CIkH=UNCO9rjGqJF+MSmkRpzhc zcptVM55H+V%##N`?{yW>664a6eIZjDv}gg+LBA>07pIiUuGonmU;nNbnl9-~_7lEF zcfi+p7kw)r8R=;wn&mU@gsPh$D^+C%l7)`Q%6AXH!2k|)xJ$dR|QCi+j$cVrAze-5y{z zQQ#%fFSVpH!H|-^OR6O{pXTJi_}BFVmQ)}JZq72rAkQ0;>+e~kI}`ViUS_{KB>sCY zwJ;5M644>QR`;-;!JJx8)XoD8OC2zP)+0b*17qay_3ef0$6{A=_2sCBv2O#d_X+Kd z<-4rxj@pR;B7I~dPB-xm;s|L0($n|$()5Wf;T=xnPHdOo_?;?MW1X$=)>+&)+P9L! zA*GMsw#n}cXQar#GkasLyckUUqG9)1y-R?U!EE2koy3wtlR4H}AML|KCvex8`;$=* z(3DChoT#(%wscW@e{MBp&3Mz)7_BPH zMS$6Q&QxqqO*_YI z3G5y_Prf|>nzxx>QU0d!$8ZlB*jGRTF(Gr0erUK&3zW_YFyu=M-<+y5Hl0Flz&?xl51s!S4=~%F2fUDvAf0M=Z;g zKYoeQxQHm;Sp?8CPCimf(~F+HQmG!_R{Qn>M17HZ4N45|vzB>f6eo^-NMdD8*IxlN zWosQ{Zf?;!+G`YQqmckJbA}NVmXKM}IAB&Nzn(S2&dqEi(RRt+Reiq%6xw?WSNgO= zP>wcukyU9W3=Z_H^xzag2H1|(aNx8^)KXO5xPp=HJGBtA7E~XkJDa9Y(-F)Vwqhj_ z&$i80eaaFbc7oeFFZBYdvR19?x-I?91zpFkryE~>RQ)ocddrfUA|&RW zrb_}*l(ho>&x6=-sPU_d6tMRlVa&tc$K!ixry*~CF$^<7%aofI*`a$Zgx?;wS8DJ( zG+0nHe+Iu{z^yA1_=mMK6HT##>$;41Psp+4@rCn$JMoFTQif>U9arl%kR5Yk;}85LNq9COMNq{ebcn&t6B%iy{~D? zP~V|s;2EJ%wsy@Ms4@Ny{{&jVK_G}Q2NFQ};A-BSt79n*u~1ofZs5kbJV*pK_ZWKu*BJbJ7O@Da{jb z<;ZR0@bC<@_W+F)*L+OI%iI96wRr|W?{N+gnLPvKQboD^+Y@PE-`3aPKejRN5bekv ze>|mh7C80Owy*LO2<&v?;rY4++zZcD9bM{DUN`5_Oe=2MVvGL%Ex-TI5TCu?X0iVB zNgf_UnA+L@_1A+1H>%0_RQ;$I0b3}S4u&U=fTzV*);5x*C@lzi1OQLLN^ zWo+<6f=~Ikzk|&0d6|~Wo~)!Nn^ON{QW-}vor zwlHt;{LG+iexpipv_ZV-g2gPqjbLu&R9|AsBX|e%>8kiQv8d(+ZsjS^4%QLQXg#D# zef5(@f@B&lmGk@Lesg)pEAY>jghKTVP2GtxUNzO7zv#>^=*%peCd&Wb4f6Ojdy7FuU z&+$~B2Ih;%Y~PxaP9!eLkf0e7I?165M{U0M$J^aKYpfDzZ{J+NSie08hBW=~;}!ELEAR!Pv}`w;QDlJV`Xf+H)iDj+-II!kCFobgzk z_U3rr4J77jn{{;8Sq7BVS>8zAbe^EZ!-P7Y?1TUM zF}CCKm?cf>R0lJme@H}ebIq0WH2wtA6+wHSln8;NlU0+11htYZ(I$2ba?W}n6H&NX z8lV{6nd_JM<=Njhe)_DAu~w_S(zt4En0KP}qV{PX><4sw z(b?~+dP8Xw)mlH3s(NHTeH>m9%;$BCDon}~oC59l5*&LfiV_c~zIr5hwZCH=Hi61r zF$Yb)T$&EvSg7s{9kHg5Ric|c7a|ic9l4Uk{H(@6Px=>n=ADqsL5iA>-VUl+gfPP+ znQ`TzkJQR`0Hd#{{zNXIeqK5&z!Ih9v7qx$ z;qPGx84#B!O;x0uv-S zm#^Bc2;q}qN27x)Ucrt|Nt~)DFMQK_U)?uTf9T>jEr)@b;|S#YCGp|HUH+2M<`NUM z$>4ZA%0+f2YF2O%Av(^8`n?@-_qWK)2|jWe{HBEG3NTq5SjVXG-I)<-Z3X?3wO7QR zlr?zpQ~QaZ#CCy~Qtp}8(>{(sv?%QZJ>I!eGlw@`mWuY<70gJwEqexipXG(_%NAX< z5n%J~J#~6EIGLH$jl0q}Wqojg^B8eo!ew^heSFFoH!0L9N;$M}s$m>^(L8io*#-`q z9JyU)|M}R+sd@X?mvG}^-Tw~nTJ+8fWW&S}UvAj^69^GJz8R>6@_qfX)-fyLd}br% zf=cD#W4Axg7VK^ggM$s_^F(OH1-yxgdA^qu@Hjc{_7I}~?sY7L{paesQrcR>$ zU#m7~?M#2uG_)%2!uDMd`FC_LlT;qmdo&=hh-bpmBE0*3I>+WWGMF!pGN%&KH|_2Y zQ11o}e;1!siMhS1zPi|mFlNm}q4ieLAhq z8Oul0eue~21hU94TZAiTfnC%rPlks5a12w4AG&KOH!3#^tj-IcYDmtkB&fZkNUmas zS-adRp7fz1S`Jo@@TuY=rYWitd~sYe8le=jzazUwd%Q<*wjJ3nLro1*_!iMQ+;Y)q zRiDam+3e9dSr-^V7k%j9P%T<{C~%#cD9DCI$!`36D7V}b1Podray8=qtH~2llcBrt z&00SVrrFKVQR~W7MDKQ6geEUJ*0q%;2Hh7qgZBeU2x2URdq7 zUI;%A8Uwv~njBvNlWG8;noUyKpb3|QCk;*QIFk$G%xD=q_-0KS8HD=4A?V(6OOxNK z@`sM97U=n_X>8_*!06wSFC{5&986Vd$<#Ue@b^|)`9bbxNk=_u3H(zrP1GcEoaKm` zv>xJo{czVUGeq!^D`es@=Sk5hLz;B&(8V4`pe1Qifwpw$ZJ7ZKIKq8IMWza0ODF=PUUri21G%e2Es8Nvio4hJZ^Y4rxj&{)0C8Xa%gK%@=BDkc0-Q#d2 zeo}qEVuUPtY}e6r{l*d~ zOtEtQMcv-pGx>nmG{uX(bMTm&>%05=v$h4SN~#sD=vpv@B9Am(`xbB z?eyj8mC&$;`W42c2Fd)k!V3Nul-kgGyWVJ_1xpx2BH?Rz-Z772bSu${rmE}HL60Xk zG8(HHG*_|7!+AHmr%BF9=54EJB{+5p?7AFWZWZkoHT>--&B7el!Qed(*NA6m)>L}R z_-k40FGHQ)%^KcVkQilLr+r+EVuT;AR1C>-9Z9yzwA%e|81tZif6F`J6b0RJ60}z3 zku!@&EYB4QbD;|5Dq&}Y>psN| zH38LoAD&OphnOYN!1goH%Ja8lOenD z&X2r1CSUz^b?mOMRA(|YD7h)h;ND>{urwNuW_r*NMNbiSHe3OR&fm@z-g6E_^ zVUj-~tRfi&ch$bxFXfp(Nu%!wOogz|FD!f%uO`a4G>UeKajstI2nnE{KKubI=-Qpy zc4O*>kbv|Grdd#KlFb^n zH>o+#*(hb!&&xAVkkPMUcP~O0-(0Lg4&B}TMM|^jhby@{3uc$cT{2avO<0wfYJzE3 z)#lLN5T@TS*79FZfXX^mk{_Jl{Mk^#T)|S@_jY^8PvT!+bXoklrUJQ}vu3ISZ2!%t zF6z1^7A4X*g4Z6esko&_W&V&w+Zry}g3=U!!c$>~*>t%i5otrlE2K+UA4lbBog=FA z>P49IM5rK&rCn2*)S3+%#8NNR7i2U+h;2BX{`k)cuNUi)Bu^A~gqMPCVz?HLiLYte zvVv5`F8{lT`(E=L=(~{!N)jv{hi&xyd-VN#fv1}ow&&VicfNVo+sg3YZ*Dnfz_WMy z6sZp3UFu12#0o3?`__uN{VgrfnX#T)GEIzi1iU#9xPu$)mIQyx?OTl=6l#HbaSEuV zo|27?8QM^^x_VHEb1vPckcdsz}|^n!{B3YlfKN|{@`O{_F!5Rt#* zT8kt93D=)2{Eq5)9vs{4^!s}rocZso|JndRoBwwn{MQD+mhj(s@LwBjoeck-2miO) z;6rKsEceejpN8s>>MX6SANYfLmK$AowUbT!&vi&yL}-&3=a=Vy-asAM#w5MmySe42)9*V!_yL~323tQk zne7n4eqFBVfG}_T*8S&q{%}S|;1?Fkp#yZMGBOq{#bIF(pmnAXI_F3Pf}((e5PAg1Mpb$*A|N#ssUZX_GZql(1PG{f2nd88 zf--`X5CuaZfkX@tAcW9DNl3Cc&V1kQ-+T7#IlJe(=Wx8a$-Vbi-ugW6>tDAmZtUN4 zbdQLL$o^Y5|F9Af5lave5v|$13%GLhqWv21k9f#U$8Zsmz0$(JZ6Z0jM}Ujl!mVx? zi=YOM%>o}peT~eGL_|I$@7?m;DY6YNcIyu#o9J!xJoidhLY`Wz#o3#Es-M#?&Yk+C z`ZQO$8pg=V4vy@s8|mrSZd zS?J;1@Ryh9k<(H9F71k(4iIb05^lw_B;?N}5AYi?YSrcK`V0iYk$|)TCLla6P%;Vd zS?^lN8lM)zp2BWLVPk%(@v*6G%*s39%Ewe`U+OpLXx?`Be}139UY>%)7B0Hm`wIH3 zu`%;%@f!2CS9kn?@VSBqzP7w?f~$*r|M_jroz+J_;G3BOB7_fyFA*Qd>s}P$PX`IG zf+$z^zd!2eTA9jB-kSbP&`)&U|CWXg_Cy zzDk`2pa19SB3j966#}aup1UdscM`tjo>81&$elLX_|GIZb8UIIB7V;6aRrXvOe&UF zASJTnpL+u>Ol>=S;VV=@3EWv6{_l9Ts%^FjfHkkHs2kve|2vjo_=7d9LF?h2?oR)i zSToGgH6oHFV3z$mmXXN;&h#kT+?c61&#!Z1OIvPgC`E^yNB*cqeVQ6;}+4`o=2#cXxrjHXW?3Q zg*>7G@BP;s)eNU;*A}`w;KCI)SInN~qC=(E+^BnF*Ck3fa4ny1fORerR&mK&KgZ`P zFh8^c1i|Dmi-;dZlI6e(f4=s$%PU>16$j*lAR!3+2v$Z0*w?sQ07%M+?*WPON zruNnM|8qmgncqZ)WD_ae=uslMA>Y|@=l*}b@ZGcRV&2k(lG48sfOe|*e|_Z7+&#J% z0(R7C+q<-3NEk0?G?X4gXi%Yl9|}BtBT2qG2^RPE*XHYC1a9YBW4U#WjqZA?BTh_h zcwa3{cde&q?#nkz1`LX6bVqz^sG_eXEw#<%7`U_0F~yqHusL5H)G_xY=EzZ-4qx{* zcMiLV4{p?rUtZB1=WEL%*$yM^XiDSDZbweM140q}joS~-tt>&n=`%~V;OSb$#{%X1?SBwb*0j3>wJDJz2=#OVmy@F5CxX(vG}nTJTJZk|~axCHGICrCXRtBIo5hM-lt zUEcHZ<7RntpF6Sc>92n;{Gvh?*hK`e@TIVFCfQMtzBv7q!q?}#h_W}(ZZ2%Zi9slJ z^HA~M;Twz9bG)p-Pj!z3t_a0ub3`h~5Jp_jfDMmZVsw_;>)o;Uap8Vno3nW>w3ZiQ z3*^%9W)&lR8FQ+|=+pkh6rG zn-C>mqhL!#vbJksiz^0PSCOa#wzEPnIr#Zw@DGIHyuO+hx%JBQRDC93qbg$s!vhw=^+ zD!X>3Y|eYZwJ${??W`N3Sg)wAYnUgu%eL}PUARS{K88n(e*J2Iykp$p*_~<9QP2Hd zIjjymwChg5ECtc77qx-#ifaQ6Cq6}$jVXYN4}F`~NqU)ghwh@`krx$b2{pXthFCjV z&uZqcb#Klb*!U5Eb&afQpB}8XUtc#2&kyLF`?Tt(G^Qy>Py$j12ftxt)s z?%&=SFqtLMwi@qx2UHm(ZRmovks+oXzuUc&>YTGZhEw3{aP|#e_bY>8gMCFV5!J`B z%?_)0x~zS`>{_}!0ijSOCZ*=|H$4`7Jpaq+T3`$y3oO603p|m=D#g5N@6_d}N+KwUveO)#j*3L=Q!x|DyI*qtl z{=JT!)SHV#62G(H)65iRzL({JR50_vr6GtSCovgX`1J~~JcdQ5>)HG7kJbN3VwPk)JGT{8ZTN@hYtzh-zO|hkiL-yy?MoBfg!0zzY z>$__YNv#!O`W&)OKe31&t;|tDYMLW__ce5HT-{MlPb?#jw)<_SO^B0yb&6NQtHgc4KCQh#wO8RUG5$^Qd;kHL6}7B>vfn zSZm|i81(rH5UtZ(=pI6fe-o)IJf(kR&6k)I6fuM7m|X0HQ(C{Zx5b`+cuN_tWpx{! zy>HJmDdYFg!|cRwl8lC7n2`H}HS~dP+y`VYI9AoRm`r85hL};96P;0 zDs`_ud8kh5?>wcirXr;LHEr?{!Y*9-)>~I^-B(7|2a{vJdc9i}EW_q3tMXu$XkO(Z zc@#ZrVVPQ|$d&(Qn4D35s;7xpS!Ny)EB8EzyoZfANP_DXZR}^+^wJ zk|Kr=)T(%1*E^nlD(zUkrJVQNH=FO?E%Py*RQ)d@xFV{<8YU+BQhGA31D3z1|8ye*;rr(p5MrkpNSX{^AU|@8VYR@x=8x@pGm3`6LB1T3 z`zI~gPSp{*UIz#gvKoXnV^W)KM03R@Lz22oICtV9L4sTjd7A%Xf$DeOQVczM!M0<_ z;!fLd9C+3>+c6~<2v~GbLZI{w#WyGailY&afsHOQ`>Zo#8T_4ohMVHmE!GYKHPva| z|J2Nbw%c9GHcEf^BHu@+@H!NRyHj`%iqx{28pVLzYF{scP@{EioTxiP6$&~nZBg=4MTF_@QcI}_kft!Ya0|G`qPY4w0riUA}B|B)DhGE`&W#|B!es&F{az8 z+cA`XRjyEw7y~mRjvGlnJaran$2E|Px&CYUJeo(R&pxqL$ECd&zif3Y^V|c3Emm9t z*~G(_BlTD8B7RIsDqkm$0|u|E7yl#@7j!!9*rDNhh`D3S9c8>iTMWK-5%mPiT=cbq zVln#11H>BZ{MV^TD<#!@=kM*6&tkf+>g{&@-YGHkWPus)&P9@-s;nQZyzUE!tjf)WEbUi+ms(-fj*ZLYphyN&A&qSMlV*70$ zTf3_L-x-{i=?HXcc8nKB>Oi>IHwS33o7R-~Sk%yIjp}nTXPSTN^^xy8JY~0$w)K?W zu9Y`wB-Xn~X8XsbOh7(;m|n$~k(_PF@R7Zra(uG+5$LXuzxTI5m{-(;+MNoAfuP#1 zbFFZkRjt>@#k|H&xIMW9a_c$$+{WXxd~1g z&v6e?iIA@zcM`w**IHM;-=1X=y$-SVE}ZcUqsJ&K zRBHC2w*?-xpJ)*-FyV-pI1v$q2!Xvx+;8PL9yj8B()^>OaNuUwf#`g47bhs02b14^ zxcM9$rgrM^To}j=vJ5K>gx`Vr!{W^~5{5J|=hUEcG7Tw=c`* z@YAeIPz^wEV4_V3K@8b92Dka<+iAR1ArZ>tf>elW2U(!{Vnv0?3>G|Kl$dG;XfPM+ z@JbA#UiDyQ-4oT^8u`*4u`yhc*~q*cAodGGm3zF$LzfOjga)?ehsqXBuI2a@WM2c4 z8e4>TiTbO#w^x6>#1nEPqDdW)lgRVp=tJv{6~t+|nEg|)rhgQg?cn8Er+22h)FFr) zjwNRer8(fCDA*!~OD`ntA+qjQRp{UH))ek} z%~IC(oB>&zs`>zW!}E`%iQ9Umt|~)jF)cyzCBf#}=?9uzzhxeXepBY37{AanwapBg z<93KOG)(FOB(2B^5^!lMhU@u)Fy;e22G^Q+tibduxM4mH$K^vVaAOD0JqO(tR5wVW z4vPz%kLGnAk^@xNCp@&#`eQ=yLS=mpT~m`5jv}A=M>M&NlMqU&#b% zTJGNRWN3p(q;A($&kDgX?c*b%9o!{ZQaLg$%IFxld)s^Iz4eI_EA%GGYzOSx$(I+F z6M8i><1tI^Jtb!;yLniJGy93_>+N9E|4evy!fdY5iN7xsihXk;qidtC%+&5?D$k1= z5}t4$d{$--U9Pn(6LquM9T#}*NCZmxhppC(XChi+8`W>;+kg*}%%C$5++GD~mE1}` zd7}goiIumJXgP$g-Z>>c(uv$g$yP$zK=?gi_E)ltBJ9w#QLwhlB_Yp&SX{i9~dB3T2?Q*$peVB->_4k!s% zzGuwq!OB|aCz0sUCc~Je#T)01XPt+SpF-Fe|ELrnqjZ9waznq*l_OAi+u+_1MZP{ z6}2KJ$y@tQoUQPgfzl(WI&A8Y-Tyf%iyrg&HQjPX=t(F!quK`1^Dxuy+1184!CU{| zq}0t@8}8{<{%Lb7_nUWWQDR`W!hBu zeRb&jKJ{XdU-`J2*8sq2V8}@8ip>>r?)CWLf49p>QsEE1He^xlQK4##H~{F;b>l8Q zr=gtb>uaTD&kj#*^h^cpgES})JW*vvL~%ViTir_=$*S&a5!*L!JwohIgVp?A>Uhrs za2F3D(0NuS3_=1FH#x?s zo%JBQ+h%6nq|4tkGaz2e2R3>rmm0e9SAmrNJ43v2D))EaK&Uon;3W8t44E3A({=y5r*SO6IFS1T6?&DUDDYfeOmS5adA(R#O> zk1>v3F~6k~gv0IV`d!3lsP`2^RI-}CD%Llwc3}a&R;AgRl2=~4)^JGk>9SJ~zwx}N z^j$C-?=Yp|4*M}z)|vA%bAAYQ{W#{V_&eY^ zOm8aU@)i6@Gq=pWI-0ctZuc*~ltwe-j`=Ci7S3r25Zi(bI~|hSlvtRE=Mm*~lFW$r zC%4_zyDeX$FS@b{KccwNsJQy)la6)D#(3F4ndd{_PlT9~aR~nA>xfu{ z1nlK|jKUl}D9z`;^Qs-O($2Ep-f|}_HJ+TYL_mw{36Pez4*lQIK_IjU9XRTj~xfa`8ic zZ-ZOo%9uB}59)ru%1Gz0dTYI#<^n9ILvqe=0O>gtr}Ul#_k;V7+eofg4XhS-l2p0* z=tqfY$5Znr-VgLPOfP1JrZqs97FqV9QJ+!rSGi>r&AYx(ghm zKYb~vLnj!7jNb2obul>izyHvs%57t*G2GmewHBFpEbDl5@8 zcH>rw+e$1eM8!8#c|EVzeO_NO7ioji@0QysH8&%FoFsYPThp7knMOM|cdi;w)xEg; zR>GUt0mB}JqIQm^O$I7q#3Qcf3XKn1CoAB{N})O zzpBGJ|Lpbab1mxv#2I%cQ02W$JJvn zT)8_>Oy8$$LGd(k2#D>2KewyIKL7dZs~|vyn-$=x=i>gyzpnPu?u5~_uuenI?hoMH z(vm&nXF=n2ibVb@YtEl=hvA31@pQRn1d}=Nrdx|7I~Q{k9f9af?KU#H&!v zt8(YJzw`{dAf9AZ6djko<3|=?a1rT|iib@0zqz7B^VcL{80y8n^-T=IwCuZVjE4%o zF;GMDep=b<5}lITDi^4AS*sJ>Mq$oxS4V~BwNL{ldxA=w;AV#n$j`X$MG#A_{cHXi ztV#%Ftx(S+CVmASFM**-ZXu%)cZN9QjS!u>dbqs zX(HFSu0+OnZo82b?}Xt~6tyC1QoQ;?-J(BccoY8A=`xdd>9Q%#cddwIwO~xW{Ouua zAUqWvxDp8Broiso7ow&&wdP0aFvp;W2g*W$%%ZxXQg3`8apib|>@ROwpeN+iegCx4 z7HXdbEU$O2Usq_?L>_dH0uZt96SMH~v{~e@NF(?+fRxWYL1LKt?!PbmO@Z^TyAuHL z*`WayS`Ke*%hwQokz4l97tYoE;o52>lONK$FR-z*SyU5 zptnQ?Aj4$;L@3&tLAuwf2!LReN?_J+?UVyf8;M@%3aKO^-!sRcEJ?e6r+Z~4feIrz zixn6e!uAoN8~z}s8fI7>44r?~lBbn(?d8xh-$#=#p9*D8?WUpQFHx^NwC!SmKRF}3 zA~Co<@GY@;&_rZkpq;pu^oGImi>Qhl@Flm;CPWt5QLN{~I{C1T+A%(iaIG~m-yWPM zt>Z)c^%MtlVBF@$DR-=XYsf)0MMGUj(WAkCLxy?JGr=d0K-~f;_m-+lj`{|` z`c>f0e2hS8h}b;E@zL;Ctw?Ocog*9S~X_kU`9hCcxoq~ohHVsz^v{rkEIS90q6w;_{Ph3wz0}?%j$g)%+vxd=!}1Fx$67>8Y&t{XNWCF0 z{SN7z?Oy;beJMf@oh-=nLJlMA?)$xS1vE|o9Wl%x&X2TvPt(r9z8%v`UAq=)_@2F#+0z`80Nwg*j0q^`^b3%SAmip#VGV0kBDNE+d={1wQf zmJg*48LPs~^1tKBGjyA6fDE#p4*cIbrxofvP!tupG?< zc6OnoqYQ&>j2Ac)iP$O3CSSX5A?h0?IE5%=g3C{OZO^G+$-}Hm>hghD6&t&{ z8RZN3@p(3NKR412z6p?!1#?M^c54Qq)ovV_yrGlg*Tk;)OPkHHAkEddc~GM~A)%xFyS- z;;=WEnUeY?Z)5oBEWpGIY!qn)3>W7WUGp$};@$_h6ErzbPs-*U0#L((hh3hj|7R_I(ELw$| zU871n%S-#4g4>!g+U;{SEMD35OAulpbJ~)7T7St z!hCQ|ES4U^IUfX46`{aqiF4RGBy+KG70S)Yp!I!7^N4;UmLycv1e_%R>!-<$62~^! z)-n+D=FL3i$|v?^<=lzR>O9V<<P^*BA}IggVdf-t?ce{y0pQru9=EvcoM zQu!4zT+emAhwU{NL~3VVEK)=TRwNgWT3j<`JlP}e&Po4N^0?Bb>vXhQ;e9udUm6FXWWtL?IQI7o=T8KaPSH+r$^4gbYF;H( z$9zBiU4Kn4p@*J+#h@@cp0e+V^t8p%@?!b7t}t!Z(&1TRxo*I@4VGf}JHl+cUi8d; z`S>&XCNuiV^$4v~d4ITu!o9!;Chq-0U z37!;oqV`S|zV__S=3@ofjSS+cvkHgbt|@wq=!Bn+99{RZT{uO|mQroNkI%z(l$N8E zV@jH@zlWJ@kiiRh`!=6pk*5Bc*Z2i7hEfJI3czI}d=1+1N4YV6>-x99>6e^IiSO0M z{9?P4b%@I$CZpJ5_2ESMzISA51@|~NYvn=ybH86^G+ev&QN)|)J$K+z`ukHo&J3+e z?3G^NBS4vMAjne(xGs^4gazC`?E?Oj`&Ln8-za@-49_LT?irAJy?@VRsp2s~zcU-I zbWgUP6{Y$V%2V!5FAU5!*5z2&5Ae-yQIL@ehxljqnaC+k-t5pkyRR2&edlnQD8w|u ziF9fkz5xHH&83D$*GHw19fN5sD(`zWLtsJHB+~$*nm{|{6?Xe+Xt;BX`&wah-nC=! zlm>-}V-cU1!K*vQo!h}%;de=|ALQ1XyXLjA#|n+6)t1(&sL~QpI+MN!&a3Qde>?Bj$(K8-`O-71(_J0XLOc0@0vYryKes#cWA* zZs#ZJv{r9~AIVU-v?5wc+b%Mu>6q8P-;p-fuhf-8l&u%KfC?IS-0vW=bkqBCh)uzp zAbI`o$nvO>{aa&W?u^@Kr1re@FR8y{{CXZ>UNXg|#E+SN(Ng|?f7g-L;;i5X=0=a& z^@ckd`;Jca6p5@pvvW@?$E&B$UpBd&nc(Yiz&6eA*^mOR2Bl-MCRut>)xv&LUVek; zn2bGVG~QHD{v?u#EwBuP~G+A7x%MRpp0Yb$=@Kr^PRKaKQj&AL3MN_MF7?+J@P z?V$?OGU;*~)4hw7wn5#9@J%YjPykAIJ&Wy`TOI5=fA4gWzX8o_tVxAwIG}G`fNfgs z=+Qh0NcY2}$Rb$XcKG)XX#u=8$!ottA|Zzsk&2jl$KU5Xq$Smx)Eep@Z-_gZWZpUK zDc=U>^)^<@>)bRhAu73;hNmPQ<2~34$S7ZHZ;6P}OaD6m*-mr56n{kKP?CoKo(U^n zMx@!)`q>zBPP+tJ&gh1?Yh7OGiQpk1xXKvb%a8k+Q1UW65}MXLA$Qo@0%qKotWK{1l5;BC>(me;H2AqrmP>v!+^iTOC%9pPsyX1HcYixS6Xqv z+P?g0Xx8eDS)!-RWQAjues9xK+9k(gt^6}_7l`S1>dyDSHTz)L^Z0lw>Y>Z9LH_4c zwzIOy-{NNqUrwkOD~)zLDn8%-OC%%%fN1V|Ri@s+sT190BGHV%Z6V^ykuEh6ez@-w zVYGHZzRC``VW1O@poNc&QnOuIn0x9=Q(iP-FY2dzzxy<|+*~H5KsyjyLaeM44k zD!O?8s;UcV?Q)Rgqi$fjb3ZVqL%EHLd(M8e;TApybjG?Eo%cs^DvGGYd`f4+f}Xvn z8PA6HI*~hvSA&!v+HbE54Z1VHGva;S*GTTR+s?X%3K+999=oM5cy z?^-XJSgARlCKg+~KeVnmV&JdUp_O$P+vHa<=W|ysUV*zZ@JbSWD=neK1|l_&w+*ST zcST{JY`sNT_N%w@iy+12FIgk#aPk*s8gYPg`=D?|YGQ;4LJ~5!?NPYh>3&Q^|IyOa zvjhm@mUuw#YIjAD4brXY`{CJCAQrF8xi*W(TbO|&BUPW0yU*-ywhIpTzMrQ2LtQ>X zFS-o?o9D3P6U5(>uzrJD(P8IA1|AG%ziBRe@;=q(OY+JFljny-0+nSShIBI*m6;&_ z-my@VCQQ^7k+|4i7Qwl$Rd&v@+y*7NcQFa+z+?P8jzkTzwLN`@(JJW^vfNoj%%dNJ zk#)KFcm3pD&8m}8=3TURRY+IxJ>BJL?X2mRi;SyxgwyJnJ|Xh#lGJv2-X!u&EVJf7 zxXN}0;mr@$&~HPbAei=zQuSNMQ~BVk*Hc$6$c!<|SD&EE9w}(b#|#W1^|{0E5#}O{S zgNpCxMLj3u&VIaCo)A9Ikbjc5=K@wgV4=g8oH45kJ-wChL;7xIU{E@q@wA*ual=G! zyyI|*$qtrLDc#^I(b`d>XvpcboKuzg*Tp^RUfDp4=T=6(F2>Hb%|D%3ssCIP0(C%7 zy){>_3UQ9%CGJJJjqmFvEzVX$AuW?O2jc8lg5vC9%uA$S@jF%P^6CbgZSr5yAI?svw%5d6ng{7rhK3=gQf8qBexScm=8j+b-_A zW84@sEIZ!s7FXw<-2&fn3@)x~HLDer;M~R!#=Z?E@%tZ(36V}jXw zPRJ|=rZ*?zI}+Ohn? zMA2Ye{FhaHg$g16(rokvTcY3k^2N^VO3}BnnL|&IviQ?i)MznjXnm@QZLAJngFnQ2 zS9}t@D#`nh^WhiNb9;A!j@PS-++L@u)9;-bUxU)nv{)X#-(z>i6*QDu%Ts6ZhME! zpzXthQ6+rnC(Yg$Vfo(j6L)AQy{aoCFm@(_;efmDx*Vf7+BNlOqK9kq?>$REm;3yx zL>tZ&$I0zLSPxx0`O?H zVIPA#)ScgYW~j@eh5F)+$rn+}GJhERq2fz@zSN=W3{f8;t*bkE6aId`RZ%W2+2*{D z?)W@}+N(UU>g$&2FJ6Fsvxjt&NWYw!H zkaX8YJ6d;aK`gIACQwp+HoAW^{fd52t(_GnpLdG@UDM#ERRcxB0R*R>wLvV7VL>|2 z%lVMsjuEn3^<8fPBks(n?FO_8tJJ?t6rEscm+9s97n0cZ}f_?RVpKP$X~ zi;QXg<4%in6qHzZ;OtMrgnJF+FUj>Abx# zUV9^W-1qT&-k|R+KAz3odEW4yEdNl9*jP!)mV)5; z4ITU52+!Y$XN02W5w6ETH1e34GPxh6{$No?-DwSA-t^+@(?&+dv(>>mC7k)m!-SM~ z-Ne(!|MXjf-U-_}tZII#<+mj8P+kTvhCbs<0LX-_a(Sr>3r!xTfa(GP2poKUSL7c_K=?ll%5eOh)FVjtWYz`IQjd)Z3H}2HXHzm=w<^0TH=EGmc zLc}4h?!3qmFN5JPu6xV)<{OCF_fN6Hn?)Wx6giTRVsbO*+?&=zZzwe^O9r;}P~a~t zKV%x{*1Kpk{2n7L`xcC&%a9Nrzj3a2x-uX)MDEx9EkAPih#W;ZIWfsKW-_HN`i&m{k*<%abQ87?8DEy6x_NFUWtsjccmj9 zsQ)SxHd{UuXO{we_LxC=CTTBq)kDVsb8G9Wsy zc@qb!?bO;g@9Z=?^Uxk><^l;DA^kOO-efzfUGYy0@3xHpw%6Ta;27yrv&;I>fH+x9 zCw>{32^-%hB8gcK)x<{*b*IK(f7Ao?!fAxHT2k2<|L#q=i`erR^MSvfyu=GO%I8SP zc6D}iuU2>^&;c`Dya#@go8J&Sful<9vlD}B9VOPPp7|llx zsQhWkq+lr~Uy<>_N!|0#kCuTt2|JjpiVQa9i;tkly;@QA2q<3YzO=)0UAKt@{vL69 zayT6Nam$pw+8@w7{^Y5!)a80GsM<7vC~U+>9-00lPkK^Kva*@MPv*W8(!APM zS_Cj&2LUbFrhfUg3Uf&j$zeZ7o<4xPdQ5y4^v*eU8)V-cBTmh>J!a8!bDdh144Swk zj1!;i@z5%A)oaMhIkXJ$tP*)^7a26yX#Ow<-MqvfP_~@NVKU2!I~6eQkJnh8mKNWw zU!$hh=%W^+EF|<^?+bR1U1}PX_6DS*5FFYG4#ZZ3Kw?H>Q6iYyg!^CBql; z>#>lL^%C}j4qCZy$t4`xUxjlyEH0D6rsh%>GCmH0GtadqqTS1zxdCd(y2X{Y`p$YR zb#NG&w-pyi_TJjZV9?kH*+@I03y1A3dHg%!BZg)c-IgKwhj8vSp+EtmjZl{&sIM|} zb5I|S)aU;!VDAXOstH{*pk7Lhtg z#`5>i4RJG{f3R6Liw(zMcTKIeSpDK=;glw3=KA}v;Metz++1y@A-ElMw*Ywb|xDN7M{n)w*;rEG4Mwpv~Nw0HXc%+iZj%+eK=|nPWo|c z06-jOPr+OVit4Y0=N@F11-7DI)_DeOo%!1o%A~|l{y-Al!BNn0aFF+f{RoTL5xkh| z-dam0b?@wu5#5=y%BN_%R%`l3vBtC>ng zU$&{YQb`ebo6Oa-3*g|(Q<}11@q|PLXI7L6&_FUa;53wN==|$H2Dt)Yzn891Z|a5+yalBkU34hCb7 znU>962&gn{JeZLLJ@9Vx;+0RCgQ(3h{e5BGXiOw;U@f-ghY`sO-2EoPT#-}JS00eu zu5O?1odmtTp|`Mg%lW;lbx~~hpzprc_*L>2&6;imw93%xpCEO_inHgM_NulOxZ@1w zwxzyoUE3kvIq$URxg@W%oACQ(I9RLNme^QqHn5@ay@Yt73WQ+H)MG0Soel!|V<=YH z2*%fx-)vjnq3m&sAbJe2`6 z%b7@Q_=63@%n-eRQ=n?1&f%fz(dpmMe-_%}k=)8{{l%fY^~moa*YL*;V`KfVNKfQ& za&65id5D6T@skm@UIKKpV=khx*)P_#BFFD_Tf13B7Bi!|4>vJHZY|))L$S400N5nq zS@wt7NCph=OSi5rsyA03kX)|1kWc>AGI`Fo~K$WyE*cH(EGwu3s~jUBV37Q2g~qW~s4FGyB; z)IwIW$h{;TPr=YEGmI04Xvb~uiNpJ{&Ub_F_fJj3+K~smU&q-!%9N6D|8O}kP`SsX zHFN1rkooV(?9dTIrC$1b%eq%a^lRdQrWfCU-+g*I*nYYrnmbbRDtvauU*YuPfP)%6 zE_`1@#li3~@3wnp`~9)g&EsQ&E!o3w$2dH=EwXPkzRqdi`t{-RamHvm_rU8aRj@z=Y(%i{VUYj1LTGWkn3?sQ9KS$zHT zzjHNcT^3!8f=KyOL3xWIcL)tSYJ+Ob0NYj*JxP&ClC6TiA0O2_k{>BgyLQgD?;T1h zwSiE|uuVx+PXb^zN4-CI(8$?ijOtsMT5z~|FSj>sAhApTr7fxvnSTsk)m9^OCNtot zkTMl+JkV=t?lsu^ajf2A%4PfC4Py!B-rjm?dG^Y)q+TZ&Q@MI9PA&aW(CG&)K*&-) z+aTa~FzF6TRqBX8>PXeic~Z|L%I~Xe`;OX{PHHYQtlZNOht;WyoFyBv&ONkEYJ{C^ zm$ktue{@g|Cr?1$e>%Sn_ugyav)hr^v+iO~l{PDV^dMw)!5{mJtir$YuO*d8jAah@ z2bzow?)!~Mu4%W7xChlrsGq7?s@*N#&y_6Lm;by$^wwh(Xq3L=YL}^@nhdY*>;%M^ z7>PB9^6%vq3)Us09ZnG5ZdR^o0VJ5(q+0iDzYa3|S7%txpk)Ah+)w#3H+`-S=Wy|+ z@%V@8SvC|U)*QK?>ze)=jhX+boqZ_gww$H(sZ99Ze(sf?Q_I{I{RE9bXm-)t`1@WR zJ1)}{vi!Jn!=t`8&sx8*)X)$Wde?F9J@>U<5i=j9RTgFbxHqy|T9$G2(1UA&U9$r+ z3_7p~)Ec=q@44CO_NnRl7Z8c+KTT!ulykw))_081t~O$W7;)AMTBrXw){sY2YA`oo zPL^sOvmEaa7WGW6OJWA3d>(R^~eX zr14NI702Q$kQ^$vs71-zBuO2I;}do(`CRIY z-&c`)VXzVR{Cg~pPC?qdeD$X65+X?366||)F0fALX^3^%b<@RkFu;puWN&ZPF$gZ^ z1=-t9qoV}4YKA5VXju?rJmQOy!BW1GshC>wzT)FmDFGchwhBUj~y6d1mybbgHVOQaET^_sb~ zkk;#%Rub{SnOo(l&vyj}+bG%GJf5mcy;s_`-5%C^E z^|M{WNxvzny>y~O#+0#JGWB_1D51bSCP=~R3q9kavP|XU?ddju_<%VKXLyOiI-BzW z-|k&mS!d?e{@cB{$-)fLkJ%?YN1DDk00qJ`{)^L_siAocCL6Hl<%fbSt=%RW=UJQH z28J3Ib*exULsn53?6+Dl5B-X0hXQTNYx!sVWy4i;EJ~E_DpORBnZt2(bNpVIf_d+w z3}TjW$r%_eYsKW)=z9hz;I2QhM>ZjU`3(=crd_MQreoQzdlxnnHYPVaaZIR{S^zN^ zP!5(^$oNoQQE?zy0y(S=s+Q*X=+5XdB2>8P&ZlSk{tx!vJDTnPe;?N2t&*G?HQ_Oj2fXt5}n%GRig-6#1=D%)mCfoNJ4_NB|;*ih#||y4q)#l8aa()~>7(qXPaP4Gg!#>c z-p_sdJAI|XvM}tDW%_D^r`63W%X0}nH5RV@lGgQ3HA1_I9n4-$_=!mLzT$|IwachD z)@Dx&f&G#q^pAf#U#X90@&BIu1wmmEzHm1J==;u;| zTZ;;_C9LDJbB=P@<^zM?rPaIp!5p$i!S+_;cvdEwWN2N#y7x^0Q03d|*Osr-RhqQS z0$yAZw+XpamLBT#z3xNi{5V;mRdwTBTZ}dSfEZpN&%Z>OSOk*?m1(p`-`ZLFds}mw z=g48b7q#F1(t#@`sGaNF^xi7Uv!E;jTMsf)_x_|TG`NS%2u}} zhv!%F*K!A4cv(^gb+0b4Lep~ulW$kA{U(mG%XA*6cNC+PZ{c4_)X&nT2`k&TtlBDG z&T}73=Q)O*0qb3{UsLwGw!pT9e|noh)ni_J9Z96TKh8*m*W@G4s6(F(Oe+eh+-*UJ zGs#99PS>9S(G|p6_U;(lHEhCLBD4CA_F29@njCdO6HLMa5)Q>>UaRx}{{9uXeIdPC zUd5vH%FXZJEo*0I7b~G%fhG}UHF8*CrsT2x6dAVt)RH95^q@V-0Q=l|>C@lj%ihuB zRrgQjj3>l)Z?B?z>vKeRv{HGxc#Wl&_RZDq2>GcRnz!vrBX<9R;saSB+7#82VWyPgfAH9f9fdV+=wGC_ zGY!|R&L}L;_6ee*F+K{U3^p?C=8uP{Pfuk!E&Sy@cdFZVb!~?aX9?Vsobg~mA239? zhepM5w^}qZ^Q!~QtIJnGH8~?Zeyw*xSs-bO-7LH3{w9p@2+tz5SbY(XoCQCkiqAoXf=Zoc(J5R$kU4mKJn6H;5SP^B{8!TTv5Fn4oB6p+n!d9{loap8=v5|aCn@KmdXbs95CDEWBjp)?Ch+f#zy6>hoe0Q>3ud&^iuAY|3lS!%?+}c}%oak!h zQ8v@$rP6vKyFO3PQ32$+ezhWZ=&vpBRy~7`e2V}>dB1BvS5NBGm>~K3j`AkJeg6rM zouGE;&|e+E%yV&Q6J3s|(uHhW@=dec=sq&;(ZX<$YbG$9USk zCp*#!E3ptQ#|!M@!HZ?Q?A+ zQ*WG7)*9BH+t7lWVhg*}mE1fsK#|2ADk=Wm2I>A+a!x> zb2kpz?U4a7Pv{D|ja&T!JmM&HT~n@eQrI-tykt2@HDm(t4ciL)_z;yoc=z?6 zd<$kg7ART+RKMQ+SJ~csC!FMQ+{6^9Wv5-s2~FZ&OPGZj2PtxU=)JTk*HO>|j^ZEN zGaGg*UT7=0@g$Cv;9bE_am<;`vYn~(Ppapi?4`P_;llt0--V``08P)pp-m7sM04 zc}xHDwOX7?g5`PSUKY>CpxjoUhjv>}3SrA!P1&r%K7G(+;mmFZ+r^Ei)~O8c#HQ`NAICTavJ# z>I$Sz(89A_1HV^ozIR2^+_Uu9rEV>4`v0oT_{PL6|2;JGz9!_A`u~{W{r}DlWqtGC z*uI0?#p)kV6Va@!&A||+R(%AIt%KWsz)L=;<;8n;t|_r#l05lYsgMLm^It7+Z0g#G zi2{RXgqMM@Wp-cBcGs@SpxB#DY4*bgFbG_A(wci+IpvwXlBnO7aA_S76xh7t?}i8A z)R>uIQP9;{&qj34J;E-(3)8!UaW~%ea0JYFYwz0g{Q?=463CqV$Bc!kaOXNmC)!7< ziI-%+A$S^-U1`+Rb*(@e=U|KfSbgv>2u~{KEFQs}j?fX;|9eM0!J%!Z+=r(-!10(F z>TFMA1%t&>{T9rwgCDI2;+(Msbr>jLbB;8Cn)sk>~#H(4NFgK*H%uQL0+lbjEvlMH8~>$ul+-%*e7XR z4ibO1OqrsSx4eFN&TfYNSGWajy)%%>lgs#XA>N~qp3vR2(oQy&>=YO$#~Dp!H$Pox z<93bn4DTHXe85cS;SoE_Q#q>@MtMAL7)ht%de8!vm(7`Oq0eV3OeOnG3`0!Aq0X6T ziTZ?gHg_Vz_sEB}jF~ZJ%ij;1m>kgehCyFQK0DiW2ietjYnhqEi~G>F`P#IrjV+rz zA%Ruin)}3AF^$xJymwlCdqNjmyu(;L;u3I9i=?+x%@yl>KDD7a7v?E(qse2CAON%O znB%o(%O6hoFZXld=x^EwS^!=w;K*dW2Oq3Onf}TAqf@TW9 z!69E@Br=HP0P)l5S3f_JFir+t;qqWa$~up)T+6e#o6^DMyd-{hBpEv05^y2}l@I70 zjTo%lVVLo#@+4LphuAqRmXN%_BW7bI+9{h@weB{9Xzr9qVQU8hYz-z2PVEXDT_kpo zY5p%{es#wseR*ZonDikt=%xQ=;B1d^n@4W&CdYx!q{@Wu9hqeZjByHC#?9uMOqrz2 z=LaKBv}y#nP&@v3wq(9zh{l)x=8?wVOqER(1qFw}nX`X$MHd=3vP4H1Pc;c|R-OF$ z0)G6;_kYe{+8o)ajRaFJMgkbl5GOzjBmS)Em+tD1 z6mBMGk%hQ8cb1;4nP00X(}~2(&OLK?$>ppxwb}&mVAZLjTd#L*M=^D0Mi-_U{qA(x zQ~>+wmM|(~YD1RAS%w5ys-#C>MEh;r7ypt%&eVbr(75DEwzT49p?_x56JX1xtib`E z@@s7;<3XGGq?3{mJP6UNu1e_1%G0W-ZRa89)&Zc@;OZ^^LD)x?Yh+U3H~eNWa{;=| zBhKKy(jC@TJ_A zzD}1Ks2-g$o!_aaxD}VBptTm8cZdJ0h_=Wr#>&Oc>_j#(XM6HJdxpBJzk<=YNDc0J z)~68^$=LQ@GmyY{JyT@fgQTt0bD3Ss0YhtbRosA~EoO%IK+XPMkq3DLuDrpQ{*fQdqPsr&$vWdys-iox| zoBQfvsW>0?pP5}1BGI?U7;muWsXTbOP)RdxnwKgq9di^^;%{qwBXn4mnzC~JTf53Z zxf5cFLiT#a0RytWU7Q^4kkwJ+ombLYZ8hX@;EL`>?Ed2-oea9+&F-z{jqDRory$c| z^i1~44roat30HI}#CUE<@XU#hkMGxCo$3b-eLikgPSI5${aJ<87T)UD^VAP=<{fI# zSWYYz9%%)2)Kd05dQYfzjdaTI1DUlkvHwm#{o8yGMZZ{qHDYMoC=(x%E9;lYM<2$6 zo0O(67?^(Vc1V4}#3f!jJ>uVvOfHARmSZq&LB7z!PL~(WK_iDn@!pOrTT{Mm|+9rl$K;?I&8%o)Ws?gk6D;0YfO{k}J0Gbr{n=x2Be=w=iA zA|v%`*0ld(fH!j?cpEZgD}pxN&>VWnn?wR@-pqRv{z^izWh~!a`FKd0depc|5cZO$ z?jvKqm7abK2)=nAdP`Xo6TC0tT;t_T(Uz5mC%b1_F~W%re;c(ZGS5mrR}?AKoi3fo z(pS0ovFqiz_M55u6Au=LX2Aig4PVRyr||Ft^W1{VW~KsRjWVN}%Q@kopO8ls+zwZL z+!B?@ z7T(T!3(U(nYXu&_g%~-NYhoTZ_Gv6Vae}UQzlYj>+-4@CR?#a7x8T{_uJ+sg=dbph zEmOE6>lmZ@MaP#l80&0{zCfRnVJ?`hW_OD~J!aAc@?}XdB4mG9( z!k-pDZs6Lv_YJN5zGmag%3 zgI-qe%cr~!P<+4ZE;ytgsS|`iO^kNOefIVjWDu(uqY%T%yZwV1D5s+}3-Iv4e9h;C zn=98fMqo!jWQHBoq#gQxd9AMEnD!Q@5&0X0#uf$YCd@Vyf{iHM&f|Umt9|VQOv}tmqeKql zaB7Pz;e%_+&ZleOjIUQn`aBwfKx^wO>11d4{q*Y<%XQ`YJgNXdQDkOl1VDSaw>cb_ zQspqfGkD$Kc5o%Z^z5>_dMVtfyS8G!bAJJk^uUP#Oy0=}DEPpoV%bSw-`j2O}&LiJ(V4?r$CSqm3F zo4XZdaj=W+(r?6>=eaa;jrA%?k)t=Lp38#*GU6fDT5TkbxkT%;z^>4qbaG1+`9Xhy zK?hX-b6`9VHYjMJhMVOBFK_?sD*l!Cu%Fw0{M4=tTSdv@M$PA$H~3uE_aIfdQ-}I9 zhocfh4RuCGX(&b(anHeO3S9qW*OGrBXc|y0%)Ek2Ho+GS1*)*DC!{@92`Dm+13wr zjA1#`OFm2)uh;HWO!Y6`LqZf!N%IuXlO6NPFt9NYf2=RZs~(KcQNW66q+C8yXoqF< zEGa7j^aSluOt?F9`*E54a?6ggNyrHm4cR}+J_{NzW%KmE%KlPLxaIaI{cU3K_r6nJ z9{wHAV_rJ{c6+1n^KgnnY?6Ze2g%srJoAQ6Nh>v_rf{ii=Eg;1!;=?; z(my8;{~&LU63LTwAi`#oO#nudNyzW?U{8T?B_&oM#%4vyh*y$Q@=0Bm^@g3=qifc0 zPB_3F#CrgSxH|~R-y6a(!wuDW{zn5X+cAsG-khyu4hsFbxeCq!>ukjWZr1gWZI*ZR zxN|@`4N=h8a?|2s^OYX5zBPUSfMNEOL$Tiy_CviS?sAIf*gx(pnt)9QY+SgYK9*8y z7_x!btO_;n%-gEbD8COIhiq+)+;yOQrXlq|I9QC+#%%Og^g#(rc$k{_(txIkjIrG> zf}~av$k;jR#)4Q2_ON5Ac)j{nw}pUn-jOt)jn$-s+!TgUY|QVV zhTyIiv>6#)7P{XlDat?gaR4VDo;&ZFIpg;%VXMhquje*^LdA(i`uC89-@l0p|R$3Z6VR&1*g)yNh~p$%uuqb?o(YU98( z%iI2*WM>VNKUq#H!nowwZben-O6TTgE}M4F8J_Sl{?oY_9A3mYf`L`iM%R@z8{_X3 z+?mJejecrkb_;yTIY>jCm>*Xyjorb8Tr#xFc9$W329FLt#+ z!16ZLG$35D$M9zX!xu3SoVmI2Gfa<;{%tH5B^f`_AFm7l_$ls}XdC!lTK1*a-%cqg zx1f49T1sn7+^;i=>V9`Rkpf?e?(ylAaEKlurpX9lZEqlpD!dW+?o^{L;zpi;5YdG& zRlPE7+?zF9EOF?AJfRdLY-yEfN3}R!hv<3PockdzLs_%{puJr4jO%xJ)ozJ|U%cW2 zEFEgh*SOOO?c)DjgLxuE_(^L(`Iz-fbPPc<|4E4Br;u6&syJivgxAR4hqgp6dXg9= zgGJJxYwi#U|2Wj>9+4-9)BpI+zI?Ha-zWRB@9b~=HHyiQ|?8+*l+{H5GQ++S&^r*!1woMp`o}{#G~zj z0kxQD$EPy%kLJ{Lz>8CnE86YV=8zU~NBsN;em##JWFZ&$j8hFUM%+bLWE=Ar#t+yU z#kI9MV^?DU{J7@}2^Tdqe2fg9+jf4=#H`=0DUQKuv6fNHuujoX7ut0-*5lKO+ZEL7 zwXjmS7|qdU=u*HBzsY%H0d>*Q($hEWAv?`-Ct-#xr;R!d&yY_8ESm?&NF~VA?}m{a_tZ3-k~09!QMDWUu!m?{&|N|HX{xSOe4h%@2x@%xv5kNI zmQReEMIFc^x>CFfl2JdhhD9ZW3W@fv^r}*7ggzRFWp~noeV^12`J7_ZGXJ9o@pC)s zas&a$oQm{tVpErb^@H_k=MQRoXq0su>QVTg370)G`g15C;{M^N)VNobzlI^Q+o_~I zg(msFjEZrvlKP)VoLKPfVkx}jy#~VcI%bVRC&c7~E3s9QqR(wTYnuwx(b=H8|c*9Uw!@u!4i6<=dcXSiRoa2y6t_ZyAYFuYw18{4Pk3M+EHT%HlC zD&~i*CQo<++gZjhA%jYYU>Ea3K{(TyT)By! z^9<4d9L*O(rXovBNhfhfb)`>;`P^=2;U;8bW3YEQQZxx!P`vQhUCs#9Qb1`w( zPl0{kSp40@nBu~aR=uL1POFOQ$P3=~k)AMA_L>Ph&6$61%(cs9K5%OhiJU6~g(h($i&C3h~r0RR_G8Xk;&F7 z@<+~kQZyWfSf34J7^J8JcPh7rK}iJ5JrKr*fDo`Z1IA%cZ< zxbNbA!&7QB_}r}Z8Q}x_AQ5u+s3Z+k*{uE9TJsJ6c%3L|0ln*_GY5nS&DK$O38wsu zwWHq`t_k#)G0OVwG-!|ZSiNg86}lm3>V`c|XN?stP9rpadaV||Fs|}mU9lC{*_vn{ z2Bh~lCjkW*zf-C~-KkmhihkeU9!Af!^|9@*s&B8k+ zmJg6YHAZueM^G0qo|Tj?{~wVMu)m?$8{hZV@Qg?N_d;L{t_3UJBGZH@wEP1cv0d zAtvJw_k~OCVTEx=wW3e;kv6-Qv$saP^tes)=ce7&0KI$1jbCK?xCtMz*V-N&P8!nl z1AY_cck_GF@InVBk*!B|5O{A`IZiH#{azz*Lim_juCzwVGiM3<=K^1mC{i_;pl$Hl zz>ttq-cC!qgPxizA7+aesVw96h97!HBdX4g_F|%os`I0ao63`(gOVM-FyHYXuamx^ z7*L~rtL9owQor3$bwpE<8t8opqP^rLF@csVp3rlNiE$Tl`{=Y%b9|(}NvEFW2EC8! z_c?+8)*Q4(u5T|djmU$TN$Z3<$e%}#-g$^F`>_)$WH_UA;W%K-?iS3!fNu@TciN!4iQ-uN(+*98%-kbJ$3w9ra$I*%zB|JA+#Ppu zDs8O%+M$vFhxyit(P#CFq56eEfH|6kkz!mpy?H>L{zETlnf~N+Q}EZ}l;5LCpXc9* zX9Zu@piLRJ;zSq~-tbdpOZ!ZI*D?+#8U6wx#ugm4Gew`6=gye@6cCnPI~KhRs=za? zkKO+!oKpH?>G#~N!)S#$cOkX)J(6(g#|;$_2?tTVBf_MRF?8G_;7|RmX@DR0B|co` zriBjO{tv;A0or`LT@;ZS=-QXLh8sx0JRcqB8%hYG8($x>7JJCxvQ zj5QBg`0WKRel!4(j3JuUNwqv8PZg6kSZw$>{?Zl++UE7h<3XF4B6bqp^>(~Y;rEsi>i)`yJNjdq-4bE zT=MD_TkwD95-$3F*anmZ_Zu>foJg-KmSH6uyN;25mzikui_#>bUzl@7;(@)>jYlLX z-ADy-6wl3M|vt*3?F9f(_qom_V@pv&O8mneXwmCV=*t$CX&aJYo?95iF1Z zwF8NctM#TeA!fp*s%W)Gb%k_8Bqq8PGUY**8lT-BiPCb~T~!9Rov31hl7A|le?fl?hcIX28nFjC!YWGkHy=-D{JD`f95@e+kh_>**slO} zm-^;5;dw~HzDD4pzw)Ii-^}$yPPs>3MQ)-1q{ux`o z45mXr*`D(i*;|)a75d0~P{PMcf=>d~ApLV;pPG#m!p51}kI9YH1-Fi$I2t;+$}~_X z+O~NLol~NlIuJeNB+L4TbPw)v*=eW z;B|7r)l84DN;Qpw<7$VH3z5@LD1$|LsBQqV#DX@VbjYi0ZhvA%yy0SnsJLCJ=0x-$ z@+`in>h;~cu8=F|WXi^G`pwI;SSl|@!xO(tbo}kLVbs&WQxR>(^R_W~2W1m#xXpVIT3{IdL<+(wWY^Rdw_A#LRJmC4`n$ly zsQ_qkD3#x%N0|RPPNZ=98L!w(V@`s&QCQ228oXqG0x>`Shh~l)6=1G@#|>PRX9K*A zzb$HLca{g=lOhX;cz=lAetA;kn$B9bjNi*RX<|CIQCuNS<8uF@sFKAu&u{PxIGSC) zHktn}rHztC)S`Ui7x|Mj2rrqn6BU z4JFyS7?_Gp8@;ZX{svzqNO}Y{oVWT4GVQ++Umzrx0D39 zfAc;ppTbYaNKHME_#^TU|5^1zD#`)A@0Y9HgbK6!r|V@EQ^pd`BHDL=N5tTy1DOPMzzcD z$A`T7L^TfCB2-236SK&>qacV7{5POREhPs~Up;^jow$1gj4#^PlcQmeg_o!Xku8K8 zzLJv$iX_4Q#mUZjc77qx0q(xU(WRDi(7gDZ=3k%bU7K{xD@Uu$U#(?h=25rAK|RX+ z`@j<~M*`nq4LtLFss(TIpBB_-*UY@G*GEN)p`DjIaGK~39f|m~8gI!{A*1IIv>(qu+4=4tY4N%f(6T|vslMMb`v?d^XUlfS>a2Y zjoe@&Pyup`h|dP10>e4Id+_IRp^9fkO-TM3=%b;nbR&+rxaGFqq@9$S^%cMB(5}5- zHCpP{$~QN+rrC{KSf;fmSg=^n6SSYL-}P81DufV|%JB#0!#nYmqB{E%*xAzTj&MvdW~uQrr}Z7ar>w{&oAlDxa7%OwGI}3dk7-C3Gc6T zc~@sK{E4DmeFL7LqvGP&8%&WW@b$ivr*OiO8PvZmbc%FV$o%Ds| zqjTQOw(dvR~&K(o@^kva4&i@4-5m|Wu9Dpil~SIoYqxC z2H~sLYb6WrF1NHSv!e5Z6k_xLeHA)j1Q0Mc0@r6P1-Gn%q$6 zk=|ic`-PotN`0IDZ@oe_Mnt6hqY(HLiuiOr<9>qSS^Bx65E3*ar=oJQD!MgfOFw_7 z22xUv;G};E?J>1*VCVk3uGR8_li3umKVq=S$rDqaR4AwjPA^v7EO+t2D*nQ2U+g!m zF2T;aYbq7()H9trTdSfxry#xfFzj1X@Z(c0h5nm#GZjcl4a~to{9(9(i*^U5(^VYg zha5f=e;;k)PT7TPwnHj4&fP~Ks^XW)Ujsbi;)i>OJeE6DoQt$6O) z?LXTlxp{IbBei~JEf%tsdi8$XNnOt9fiDmE44&1tWASJ@%Z| z7gE}Jk6b&7Me6XBA|)rQbgTf5;RS@7AkW+L@`vP#xaK0f-%9-_-V7+C$v=}>fB1B> z7oect9KoiyjO6;2I12_D&za;nCF+S@as-z+*G=QsgrxW!Ed^qhJMhvi^b zqAbFnJZ}duK*PE=&QNaXET@(IUVDw)NzcMB$JPBjJ@#Q|GO(tZ14*^0zBT=#(B&o*;?IzXg;422`yQ*4~IXwFihWubmJ z=vy+nQG;2x6)o|8S<07G2jvfTBLM2KRl__tpQaLKwmg$7qXR1ddIt){TiMe8H9m=I ztexv5?X2J0t9T5({RQBTRCZE2y6A54!2|Jw)_3KQ^JsX01wPzLoonS4g5W)TzJWp=mF;k|!mKxTt=r%{6BWE^o@H?p z406ru*BRWAJSB-#B-`;3Mdy*jW2t$blO#Ysqjpb+5IPk)01rT{4biq8aU2z@mnm@*U8ye>HsQhyPh+K>CC|348?vEM~W7zz2Ej0 zDb}zucT#h+C^o~EtV4Zt-L`WsP9Fcg#|_8zY+>6WbFJ}xB>b+kit7<5bPj++sLXCn=@WZ5yEo6nyBw^lbBJpt|ITQ zu&u4^fryuyG9=*6D;M|YM?wCkXx-}OM=?-W zPxG^c&k2Q2ng9Ck@cwDr>!-QTIFj(Y|80`pKZhki|BGqJd-e4#ucQ9=RjC(z|23A` zeJ}RF-mm}rn#x69d;ZVM|NFuJGmX=5Vb8hiY)Fl2Wj~&Ik zrG52(Z^OIOT-YKz;S%r3R}~%{`=77beKg$vpD64<@0>lp|9`Pid2hJfKF0SS%zyW4 z)Nun|DT4p``G5OhN3$k+<{x%VA|w2mgYCajewXv@@d zp@GI|zSR|46Hpq1a=dyq^}HMV2f$`w%ApOFwN9O($S#`ho}{1XndJh+MBdY1wo-pe z?EQBf9C>s6>sicv4BRxdHSh~nUH9A0tf~;^a^sZtMtyctD+$Pv#_)=SZmSKSoZw-? z2tGaYdiJEMuGEX9@ttqu zGtX3RI!Vo`e{k0CsR!L5@0+^cCLs5Au!}*D86ZbzL-qe%J!=z=e@#E5W?X}evW}iS zq^Z7JRbvSB^T(qzDv`e#gPSkfWSHR9M`mMj|IAMPXWva~Kj6|Qn&!Ek)F+_O(TR~V z;xXYXY8NY!<}E9!mnH|r1H6yk&{wjmFE$z0PE+##_zx)uU}9=>_PHzPgM2uJihZp% z2Xx2OW4xEy<}B5hBYKQ)uU!{{?|8odf#Fm&Z-mY^wKfMl(g4Rd`8yStdT+8mDH^Z1 z{TQw*YP0II5+&T8)VP40|Jzp>`PNR(&m4QLb~-agGLe z_kTaa8-TQJ?(ib3LaHZ=SD$*Z?c5z-X7K|cv0g8z-XZ3Cmd4Vrs+H~-X5?u`gWTo> zGEGkr(J_FW!e)TCMCrQy$rGx8Cn~Y`T{y~ya zN<g^R^l|d?Obsul(H`T!$~glPn@uvlD5JJ*tY@xQ*gfa*qOc zlJ;|1cITt;-}-uaC5PU@VpVd!JEV-$YTG)mTVet3(N87V7n-wl#GHivft>BR0;5Sf z37C*pwN_g9ou!3C$jsXy2*SyQgTTP>yg^$GBeG9HayT%+5eiuz3TA53`Ybbl_bjDm ze&CfCUKlqm8_2n@ZEQtlTvv<((|zuGn{id}@$Z4Ck5uguC@sBxMP3_TYASLLO}QYR z7SF2~_rQ^B^XanCW5#1=?NiAFkJ1&K_~374pE}lN)*7&`T!`*pj*dDU(MIDg`MD~v%qA4e}k{%vC%!~;)k40 z48`73^Lwx?YQi&t$3b4DTTcCb!#p`j)k|}dFd|pu=iy_?HT@=0E^MWmY zuvy8pfyHnNINz2U1x{^Q55-@-+EujoaF^I!HcENn{!4(pM#VktTN(x8z>{tW@T>>> zw?NR=U~%$8rgHL`Evv#rfXT-*yj_CsZ^7hFChPYz(ygLD0N#bQ29AJR9gD^SKTl7v zNB31sTZ!8p@{&7B%#K$+g7+dtaC`dLS4>A;^Ze#i0W#3-uL9H$Q(I1H67Bj;f+;U8 zs7)NR=KNH-I8h;#!wAGyh~(7G%>jYzs~^)NrY9?YHO1@HNY zI&$A??CNlMt^4v7n`mw%DH#dmSR{_1*hJ=UPsv5?MO$ZwPt9qwr~!+VyyZtsEAB|> zmY-PGW;OPC*saw_YiQDC)HcBw9(v?~BheC1;}Jxya%>`S7cvO*Wqx#3V^Sv6RPPrt zR&gn)j(QyprU8coy~y|7oSjnQN|{eV#b?Z;7svjHI<};5bys^0O%AZ6?Pk{8sTH_D z9>wh0lY1D9m~7b!;f3#LblV3RoXUR4R$a2 z2mX`zrGGyB7)bkLYBRbEe+z-~OQPI*=4WxP2EE!O9YAzOB#VwTqv@4XqHa{)!{LmM z<-r~sCMv>M;fsa|$wC*$8q*(W4wg|4SanH7?7&pMqmsA5RypI#E&BeVOag!i&dB|?yB{{IUmVQU&Qi3rc)WrR{N3V zl`DzUPVFJSFctq}B_s#@BrYuBGTwQE;e0y3NmB&=IItiT6!nGYS>rI^VE5d{F3+3#ev=_9G zz%!PH7()d=Vm!GOPa$TkaQ)&&iUH?Riz@`sOnLIb$1KNi5W{XtUAt*piP5buPDa;q zpZ2a=`tIYR?}0mrGEF(f%iOM__<2}|vXm1OA0dS5ezTf2#97E52+#+bkQ$At`my*+ zl+vj}w>5fHEBkUw6{j!y^4r~TZ#W#_bDQhn9Yz2ax5bY~ z+;r5Z+1jYo#`43fl_~nG`(I{MCLP6#xUIf+G%cmy3x-}0+IK}8kYm9kw&lHrv3C&l zgSJaH;{3G8>H$M|CN0+tpcaJGzY%D04g5EA(UTTyXy$2jHhqXGFA9z?J8C$#F5ZH- z3&;!eH_^Ts;v4N4ZHo8)Qf&$mmUwuNRGi-5;>cBz zHo;<@Litb`x{AiUe!MNfzvJvZN>W%d*p9bV}i!D~a4sV&y-5I@HA#kDETjM!cJx})jqvd~LnK6)*Km8FpiEdR~R|u83eB+F^K-si5{`7`lb%7}* zU*`~sVlcO5R#=C_$@`f*LtMOT1hit$=vXGwMv^p4s!d-pv$MKFBSD7}o^j_tHY+N+0khPwS5XR~*w8Qpv4rTSc5HIULc}B(TJrMQKFj zQtJe&)9MvF5C#D6l!a_k^HQGco#dE2U2lx$w4PiD%qxU2hgrZTO+k8NAbZ|m+dHS^ zWl4J#c zt;H8&ufQiEwejLy5)Mi(=tlR>iJIXn5a5 z*jEia)U8wAR;$|NmF-+o#2-h+dlUdor$xbH6pDq$duq_2TA)Ucsb_PT6w!@E2a26Pr^mAE|&Tc$k+pnCVlU8Rj?igyQT zVVv4(CiDg4W?6+XmQGewXbOh-G45j@(jYdVS2r;!JEncEY<1s`p6Gn@mnW7<#DZ!K z(u;GVEo-Is^=7&uLxm5WwUw=@-01VGdd78`VJ1E^ZSio>14_P&U0KCxb4czD3unD2 z&vUmzxh*H*3Vy+{1Fqr$2(%9Kw`%{5&wk|xkZnp|Tq1`9-;=MLqQv#b9&?Vy8CsVo zH?mq(zl02NuJlWr{Uk1OZ|MXGN^nN%KvqV04-0l1d3@^PnIoiWWH&=!qQ&~7r*#f% zDajmSZs|$7#=sw9m?lqVc5EX<@1p`7gN+_V$9FHbu^_1g{d@+sAIkI#I(nuK0_a>O z9>5vlTF@xbaCU)@DOfO?CBFk$(qzNn!boB>+R%NLQdswVyUsa}osv2>=UZQ%Fxa$J zZ|9_j!RvOVC!eW`&}-WHv!&o5Wxq8Z^q7UGJv`O3Qc{buB{HToQO4bwEw|Zw$HS7> zxp}6lL&Atct~(|&7j$9wgfz-anBOXlzfex~)aM-f3WErkTjvv)~wif^}*Ql zCkQ9-%L@O9Mzv!f&m1%J3^8Bo0F*5r0bIxZ9hR266#hKG&jN7_*7;66Y-+W7Qe8kc zHFR5hRxbd%@l$SzVtTNU+`HGdDqgz0F1S>>rGYr3F_32lX zJ-os$&m>q*3LK5BG6$Co-X}rsxSz}iemePmNYV2L+%~8=E1gb5YxvdyL;ex& zyg_C@JhW{CE9DUFboLcG;_0uKn?m+FlXjy19G)IX!6?(DM$Xt(0Expj^T<0!HE&r>{SdX55H*l&BXuYE-`F?wMosKXU)t3QA^RBGb_=f!iqP&`23`iP$puMrfcr~jceel_#VD~6nSFfLlf#C+S+&3EptG~|<3~cx2cv+fMF+Qgw zOse{-@UQq+x@gGa6lt20+@aZrSKko7y)cKr$V7@m6wtjo0>{!!RO7vp->jLRU0buXUMtZ3z;`zs*kskK$+%A^>4uid zzX1|6yiOw{n=%lqu_U>p5GZHVE(nrsC>G%VtRDZPNEesr4ykTM4{1+ z;YI`7fW`c2&mN=cn#{eJv|GJaSEHFXDZzD(q%SulB%Sohum5hYM(TWpUl1@2bE#$O zkkqL$VnL;iqCw55qI5o4P zM%)6Dyp9go@szBGBy;B1)^AA>3AfLUV#yuBu=uKzaqyGu{^zHR1Q7!8Td$#B%APi$ z#P27tHLZO(@geGUh>E6wY#_twAo+a#Na3FBi_husk-GTHTu?LpTl&BQdyZlU5x=K9zhlZ4q$cCT-xXJK3`I2_0g<{ zMq&)Mhs)zX0Ytq^>K$ET3U7jqiUwGFu0Ib7?{WWPW6j5! z&woQ(9zLj8c;C@dK@ljWafJjVw`|fVufJb|LGd<5&udWOLEzyHCN!YjxARg#fs{k5 zm-ZfKjTv_X_0j6FAHDsPL=z9GVV^l-@o|u&iU3|WH^fM>BDk6iHz&qjtPG3A9ax?t zM-5oQ=+G=>XP4Z-)NumSd?L?(i z5y)IuVGQt(5VefF%%YTL%$ol=^F@%c@`Y$4MY76`=ok_XwYUsAeYzhI9S%y5R~eD+ z0{M*J!ZZ}|M?XbwT^l|oJ=220LyKpNW%vHoxkMacRW@GxVPAfkWo{w*S1l^TKw+cd5=MWS` zS6Oh%h`=2G0t`hKE|sfWQC3I+(h0p%-opp4M7iFea8G9^?0 zWGp$70fX8h?Gd<6|5CCOR;EF8e<)~hm$g}NJu-aq^u$_$Q1#Z&)MwDluF>kukvSM9 z(;t|(;T@8FWs$n_856dFE1sEuVc($#sbzEY%;!t#N3X9hVn9+S+&s|7axfeyI#8(h zS>4BjX$Y9eV3`H`4JgWy5bfbuY4TXqs<0R6aLS4S^?74lox!+|5`kegAN`9FlWYA$ z?Qrc}(jvJWgF?pcXfK1F#|TopQ8=vo`v$Kp+nne?*rXbfzA`aH{3DkELq5NSG~@RNd9_e~x!{_N>b_txY58E(2zl@B zT5qLrM0!-`8-_eoXu;wy)NtA%O=p6dsU5yedl%!XUyDU~(VF=dG3hwFmLoS9{Ylpi zDlrtg!-+E@6NwL(^J{YKLy7;mJ70n8cBIFCBAz*_x5qUXRO_h{e{(>m7<724 zFoVd~{ycvpDxI8j&oIi`@e#)!9oz<%7(L*D9+Ud}Q)u0bL36Tn*(~U_sHU@R zCxZlt4_Pr*mp$bAh=Zsu%G*W^uW`l=V~IiArh&CpFc?=8U~N)J6veda*wobPSCf65U`7nTQVCkma!=XSn6>?RnOkw(Cpqp z;=v&!vzl){UX}}u^Y4G^+)5SgEd;H5&2RWeb12a&!d6Aw%RDjslDX${>SINwM!%Eh=q8sg}7v9xb;-ulyyI#KDQ5QD-{#EV}W zgGsOfe^xwK$Ov$Z4rdY*xs>1m&<)<7PEmnIzb>tx?iY=Z@Ut*q59ccOS6`8e>D*Y} z8iWt9jbDLT5Y1oUSUHDr8FFGE*>NCmTH_?6?m%+Gb(8JMd=I-#R+Y{??vz$~Q^VaI zbX3TgO>@)K5y?a z?p8I}u>feUOx(T^>K;BH?v2AJBzqLVug8`Ib8j@?@^CW1tx)BZ|J2jH!k>O4=IyBB z&&)tHIl%HQ*L|5b8|6CzZ7kwBXZ?EGNkSqt`a3}&Z0v!9CRdsKJ_DLocRQ|bj^LQY z7=9+IqWLR;N%?FwF>aHr00_~1u~9*ZAC|nU%$0-au-=SU|4C3o-d=K07`q+ndN8@< zFZS6+`v=c(%y^>PDrKT>S813$?_!cXFDfv~j{psOb{|0;96aQKck9k3$8?!T381rwW#90Um8mMJ5Hdc5t(fW?s5$@8N22t!loC@ zf6H3Lir9<@YzXbzaX#Er=Im58r@^@&(6-J{#Qys0GmadiXsuq#a2&6O=uMY<6;qe$ zIsJj<+ObA`TtoU15uMqX;6T3V@SuBFy}!jPQ+KFwwD;mGtmE(3435mZM-_o@f?dU& zIuHKhbTQUZPkD;~EPN+=dOtN;o+J~0x91k3p3k3vb}Zpu=A#RsR=vxR(4LoN{E8o? zQ*+Da(aNsAou3r!D4Yb@I9*KK)pQJn4fgqwE18H2ipmrf`*17*OC%kUb#+df zI8A3$idGP|BFzxS(!_e2omcm3xFN>Bc?~h9<`Eu|muanVy+C_tNTqK&%R8<)P~AYn zI5@;aK^ z5m^52-Nl(m?A$1}@7x#9U<+WFYNzfdwOfJA&OuRyLNkg-_sUnJ;KPmLTQ zPcBqSkxoFfe)tvLkB2Ev|DJU}c8_bJ%fqnnRO`i(88wG4@nAsJ8ht zWxjr&%Qbt}E1$GAMOu?Sg4$c#&NYl?J3d6wqLu3Wukiz@zx^|ye-xSMOlz8LVqy}x zKi=nwtKiI=TH|KyNs;ppSKjTUM_+A-{u|na|9u%sN3PB|5sS8_6M5K>_{oBw?>UZa z7n(XK@WTO2CCB)!b$Fr4@E=Lm!>L(Nlosfb32e0oZ)&nNQB#z*ljSF8!-TB+^HeRb zxW0WYOPn0ZM%yeyo-SuME6k@R7i}z9Pw5}W`oy5%kSR>Up6&ScyAL1b-W>)dk`vdT zOdWVY99avoEm5(89cTQyR)z3L)7ZBMY@=Fi_2uJYALqqEat@Sn)#;QolR(C%gJQ;y z$X&??Ni~}#KFLzBbE|qTDz+Az47*6p&m2hp+cSAAutx05!c$O93tsp{9{Iz0_(jFs zvd3I=HlDHPx7D5%!=E;1zO3R8TEZ|S*yN|tod~hA6(^Ezxg+9a- zIPXz+0Q5vlr1rk6wooE=fO%@0hL?oi=P>q%flW+|@W>@E6+B7oA+&SpY|S{~cu18V z<1|uwU;gp&AJwSQnYI19(UHpB^L@}h}Z}7e*CpvNltEj`L^z6-MaYjY?I;fHYq~t zl6i*^qTlf-JdSSRQru#)qBFuI3*Q{kU%OX&>+pIIubd_r`lL7FOic3lh6<(&!@UzM zrW-yl>#!0~4q{l-cFJF7K9l;VAiF-qtL78ea258b2KH{bdBr4B1g}GXd4!tRl57;1 zBkqLK3Q@VC+|%Vh%neNznjjKg&TTFYeWj98_2|4^uqNTc(`C^cPX`_17c1FDw(l|5 z*jbfsQhO&-wMik2e>C7E#>$k!x8|gNyEfK3ZARo#R;JstJtYh>sB4wACS&^yN~?%0 zdWghZ=NE};Lm=Mxi!mbTje%3a=;-I4m;s+c%|b=o*+l4Sk4{$WL{d@cg|7nb>gxgW zHe7J=Yn=e*0$}6UuK+4_&?)ML?6v%cxRSvoKj>QmB$YuV7(1KBF1S(GnWVHDR%qdO z50BzNY3gya3?~Z5FQg6D2);{b+`|mW)pKl>q((E3y3m;6G=8qZa(KbF{PB($#F+Q5 zZh|w_U@2M!PH(kuc_YAqNF*^lOM^;Ecq>L6=)(cVFT`_!c{Fw2j^+=krJ>`Ch^;b= zjsiu2`=pLvSbtULb^+CNgPre!9_VNt4oEBJy9HhtYS>LehpLar^KZ$#vTLLtO)f!Y zs@kkqleP3-{s#Pmgi@j!@awP)5dd7Wto8@#orghbr{eU~EugdKKLv}RALbtP*UlIx zjOdZwsB6PV(HZ~daD3MQDCVA|&5kN)yB?HkeqWoUMc9RuFf3-KT$#&WHOdGY41ZRD zV*mT~GaFEgog$=j$fni++J!(9y5(wIuTMYh-$Yn~H)$7x5wzOJ1Hy_uXz%s2|IiJ9 zRfhw>tGCNuZ_mzIQ54J~doti}I`8Vg=PZ0MbTc`tpLpV2#M)$gow&2hLZsZtn`s$< zO{??xSGqWGZ;az2zt7+dq2J5+?>VgTwfUP1@+vRa({Uh*st@q|_670X=ljote}4Qw z2><*q)X*yBSL2CGUg4%q+T`{yV>i{$d6UD7XHy>fGL`$X6YWf%`zB3re%0J0`PaV0 zag7^Jl7FtozicJyB}%-YBndQccGbu(T2pa9=-y7ex=0Aiq;E2bF$Jb9Y%6Ab1Ds2s zJG`2%(Bxo^l(!8h3~|x7x){_rZ+y|RIMAK|a9JO(*f3MQ>t+J^>m;6S7H0s&8o)e0 zfE4x2E+pk$g{_}lCunrPtU1YU)fe=Cx@qcAHAb{vw#C*JF4C_R0!@GJ?ovV{0IK|^ z8w)G{2QnJn&`rF3^8F^}&W+$W?W_~8l*Umfd!#OTWd|Sg4cRkreQeDO981EMMKk_) z3`zRbDAXV56B_5MyS#J9c{2*}p&c(77YO4EG*KN&iQkcdicye>ZQjTY_sbfAWnN5HTp=1D+(JFmps2a$@1u?XZA;Yy3eIy7vL}xApn z+Al$zgFae(w(5*?7K1oPC^L++u^mMNEC&l+f}UtnX+riojOTHY1Mh_Mh>A}^g^#s^p^8a}x9g5YsScNHd@XWRe}?6{Eec{J`;Lon_J zdx*--ES{c&ANCM_EA~vwCdT&1qwRc>H~}8z(#_w)6)08QIlBW82j%Y0dkYF#E9V_- zo)UW+5i0&;oAbb#$5QzW*MxIEW;bf3D`?*pn|MZ*3-uSIURQOf+_E_r z$|^j~VPSSG*gLIw?C~5x7mhf@I4TK7x_f1*Y4f)gYljLBDZoP`ddRu1ah#2)@$JGJ$90ornGPj|0!A5|v=`d5g1 zJP?9lReSowo>|6@=Cvo-%hw^e{v2y)ygG6SltjqRg-H&#a~sq(y2swvNfmtXb}*qz zb5omDVpmqorGF>K|9UnlIn%!Ba4r{iFyxHmXPhZQ`>>a6QSwq}(OiFRZJrtBQL?F{ znv_v~^VC8D*n^k+!-vkfwG&G%ZojzSxEzN$%8OW0A>`wpKb;}sY!oE_`r zKW=AVx9Od#mMkt1nmz0jO2f8S(03ewsFF$7IOEp63UE9$*=x|R8YRlJvX>Ii(Rkx_ zv}xcVBTITwHnOX2bWjiKX}spic28%V9osHb!Hy0Cn{AZU>5w-}xR#zi1)O>3;t_7n zXI)0WeOfc<-3lnsf^m03H#WcUvST-L&R(UzXicJR6e)@MakqK7BH5Vxdca$}r^Hc` zvD;pSaCbp1s$np>(y3f`Jf$RaZwI$+?QQMu{k_$p!4bRPTUAPH*u|qw(CtiqdE=u~!1+P~akK+mERf7Yt z@HbKGi}~?mCC_!3Up&5Ly6_#UvQ`M7yN;b8Z$f0{6&OSo1jP-}=CvMDF zZ5*MZMiGhXFh6SLs#d=WQVAD8^9oa{QAwh3L_Wh;e>ThJra?zt5Z#xV6JM1$Z*;H< zurxnwFK=&Vdp~7{EmkDvqrm9(sk{P#16){nyQ5rGdMxbm<+PPMz=`p8cL~C>@VbdJ z%*h(;mV_NC`jsOE%KPaN#^@0zoSyH>vJrur0=cb|BG;7ln)2LzQmJwDBo;f_<^~)<_tWm$JOp+2T#m z$zIvY_d7pI|B`#FR0 zthOp|lIaJwS{{0NN3os{zq3mETWzMr!rxOdL7wG;JeUeZwT-gD{I6^r-$5Mv_L%L>iX2eBV92qw3da#Ou2hEQlOvAg|o9D6U{xoP+PjQ_2>BI z(v+#eT^)9@2$p(~uR>v7KJf|puW+Zd%@=lgcG)~*#{GH5O|ErEkP^C+kN2vI4z1|| z)pcF7;|(eH0p&zMEco3vhK*M&f*W*^)djkqNZe7Cu#Z^};@6dr*ga$9j+U($eFL#- zMdduJB2@N+slB6lK0dT{&S-fC;L0+CxC8_)Ja+XOjc!5V+rlqo57z!TV+qOcRW=@i ze0)I>gFbqs@R;$XS@Lf2iq*m+Mcd!{ls{XQJW%Fs-r+EV{HV`?`q(L`1IJS*2uJj* zL^AP2ToNg36t3%3_y_X>&)S@bU;;i?MsQWm(8dV1CcP%K+~g;s+++UW_tXs2aec>t zn^J0r^OJ+mACEs@+9K%pXq)==emX+0uGi3+8xqcm$gq-lxbS*qXy=|hZcUUn0pbw@ zH=n4VGVp`cGBDHFPSS5V6Ai$utSLfR`0OzEv8OV8lmyM=5D!Aqlj)y6m6?vE5Dk1y zn8!loQbJ3~LljF09oPw)4UAib#QGfbj6H~rG2ul8@Bb{-{>xkgpTXrFRBuajKR1#r zl^ZiuE~pmLJ8Nrz+|=buUCbPs(S&e3^MQG3otLM~K9p<~z3`^>9lJO|8?x%^QriP7 z?9)NA>%A`&4(LO?47gTruRY{hGV4oU_792-Wu*0yj8|=x375K<>fm$I`h4w*mnK@05B&(sKZKVE^-N5o7AG$UoRPUps#?u&>sD`IRxO8r zU=}2~w9@~i)_dAa#h4^3QEaopSa4c<{8|1oVs1jFnU;sH@t^G|r+LUEc8|uW(B!{+ z1?J=dxdZsX!f2auyR-36DW+a$9F=^2A8ge;OYjM%67Vwg)B4ep!X;<*GPLa=`c%0p3J5AOlJDH;!$K}3YSfNErO6T}f zPw@J3NVpEKFuHbE=nIK&0VxGP7vuF43qbfA-Tn%a+1}@AMfZq7W#-nShdjo|MgpRv ztoDEEe8YsA{E4;|gAP0C)8RFJ@YnIepZrDNIBf?j8I6tUF0;Rvyv>AbAWpcAgJ(;mfzB`H=;&`U-{)DSS*vIX zDEu!jLR%Jte8}6g3yU;pWTfpamlrRcn^@=Dl_x*TMc=;=oxC4NX+%b9q1y*O84@Yc z-X<{)ok{|on5)9nw3^!3V*8>1$P98s@NrP0_KHUP>l2&pnV6ASsc&Qx$0g4vG>cr? z>f7^faSGr*?0s+{-YkPF(PuYb&jSRu1KWxooY}8BQ_lBq3!CV&Fqm)RcQ`Ctx2NgU zd}-TyOgpHmU>W<8^hj;db=<0UpTv-#g0*Y0lg<`#{ZDz2&tH(;=Bg6)3B~Etl|ccFeWhF=696G84|* z3qs`-Ck2jw){l9cnU5us2Waf|U-|K(<(U8aZ|90O>P=mhed37nWHAMrU3=BnljMc zjm<+X$ogH_pfzxAuyL*!QmSeMTmbpg8D$A8ag)=wN>%ENxZLxq6C2D?co@qfUR3hM z1vG%{4JdsK&sSSJobID{izg(&xJ0cbd&iF^N|wYmeyO# zlR4iIdE%(3yuzvlg*$*Xk0If zb7Kcx9g=~W-&Tr5!VTj~BJ23We%>N?wefcI^Vwbp1?LfzM~%nA>^t)^u9+4$(Ly)Y z?t&oX`-Kvy*EMZXIUU8_&GuxMtMfmggK1BH znfsqfM7VV~4_TEXRuen|b8<2Un{cAES;@t^&N;PCtI0joypJZ8i@))amb5HJMNo1xf#Zx7Vob8cnC*q0v>l%`Du?K z7PG=8p!;wU+D(O>Q33UVc&WJozD5PccdcdLu(p~Ks#*_P(s!-na!A$$Wy_T5ru<;)wO|8nEdX;MvzxH9!5~-&9 zBap7t8u6Su$N=$ir~%G6#_SN)xiGA00P95Z$!%Hol8)$w+iu;Mi99e5!S!tp$K!YWz%96V5l|e0(#?MOano6=cQqyo6-fIeV-_6jL!rgwRkN$$~>D}Obkyn9BU0)xEM;C#ch&BHY0tQ zXKNLu$`!UwMq1IS$G6Gd1yCLE)Z2-w`zG#qSs0OMI|Ih zRF`^9`mbJ4ey8f@CS8UY)TmZZ+i(a^F8ZC}F6NIu1RV|jE6(6Pd#ZWvM-@uho^u=b zX|M$6i2s0jWdW(wk?5DsI*i$<0l5&J$H~hjJFG=djjz`Rs}aI}DW9Cy{B00xK2|6L zm2;OrxA?f%@AWf-ckn+*T_UrT9AFQLJZG1k=Fzws@q+oBu=r*Xqq{Gu8hPY1)UR_m zcCiInFmIuJzX|G|M#Z}SxWs7#dQ`cSFc^?h;gPM?rgFzRg+w4?S1Cmka=D%0BNwaV zrSzwly}sWF@sr@X&RC~ZhTgmpURcVPg+;mz)5T@=BuK}L>=@XQGWM>xk}oI~x%s-_ zr=M0XotacU29H#c5h?DAjM1LxYTU@IcwLy|%^Mz>)lo05#a>OZ8tMEo7-+&oF*#L6 z4w`9u)QROY;n7>IUu-V1Zt1I{@DTDmSw@$aoOHrd`$>CUpD55|_N>li5^@%Jvla2wk$m^VYhQ_ai|33rfG z=j5nrLKl{5l#6G)%pAF|>URv$(VII;2RGivO?+x;o_Q}?crF*?&`Se1g zsX8lQ4ECAQh2vdwT8_=r7TS-Bwb|yIsNP5pUo{u+JLrMyvf@6|M#AREp>CSN2dkk_EO5dhd%%fDtzern`Ko&_@l`1gV{)@ z_UcHTVPQv>;=SQrP`Lr*2L4>f@?sHZe2>Zb?Vw8Y6MdjFo2uqrJiAH|4QlvK%)9VF zTssIn7_#9Fts6g*ayxLaz&(I@@AFkCsQmkl-51kALz}+289CbOb{+=@*qYaHeJcZ? z$Z4a~TRYzo5s(z*H3G-ltNsR~Z*imA28if!wjd46VUE!qNa7@B7wVAnL&eRBx3~^{ zSVpZ~Wc&A8h#B_#>lJ-=$|Lo8dxJ#(7TTNYq;v@QLYMik@{doyiAsHcI;bLQ z@rd*M1@d5Psh(08lvP#Pw-Ubk?ZWjml+(8V-^QWlScEHH`tc7E+w-F4*=!Ql*=y_? zq}J-9#*jF20lw%dgE@dbSam>qaOs{OKO_;#X6KrW%HAu!aK|3zf!N8x{{f3 z@GS;qFVKU>0LxA0O<3TKD+<+NAvMjZi}NZ(X)#MmiB63rb+3{7Cs6t-C^Yw$8I9Q5 zut4Ie1cX*xs5>}%zXBTE>%prKz~dvQ$DETwcHb-H_VK^^R2sKL6WvWCqM~zB1x5Mc zlsv1jV5(pDQ~8IJqk9VBI9SoS9R?W*)lEp_7z53=_KkYL3#A<{IB-;sRyH_TB{4eb ztT3uqXrNm$kVrQkj&0+-m`8?@0;QgQ+^ON*y*jRzb+|TM?%|7=qkhy1+hF+yYMTJ#PANA;62A z!~L07^I>k$^sgg5;Q7^(lpeqIW7=T(sQz9T!aCSQ&cHdV5t@>(0;x|sYG9Yy7OBQP zwk_^(@An005QAnDiK;0DN(%G@*=2LzGK=B^+K}+WdgT$TDzmbBswNDQEEqzyZyu}9^x=oB;!a&9{zSzwiqCAc*c7wI zes)uwp-E{FaLhQyqovuK%CK6Z#e-*Cms$i#)EZ-@3J8JAnai)_*7DD8&F-zVpGO-I zm(Of6Yi?;hfp|c5CZnfP<$Epgof}jakNrjQ(P2yRjFig|mxJ2qF#)6KxTX@zLW=&8 zQUYvavz*anJhwb;)?3TX?yV%Ut!9l*k?}smDsqH|X%k;MdEL2k;i|OGfl`rIgD!-8 zEOq@b9=VTtHP?mfYm;nLYCO8If^u>#Ov)-N**xN4Y zr4Hh0ApINTrKg?zAnn^~8lYw2Tx%K)-(@?9TYDJAXBNM;7Y!GE?=8^6dOIGB+vx@S zeQ(f%a_{lmsFH8OnM=vgM%Bed(9)Qsp`c&LiZ|4qiHcZal#DItt^8$N6tVGj>8%SV z)PqVmxaqEp?osuf&nI%Oi}&XhW%jbY0&Qq7VgQU(5@Nlc+rmW%;h3s%^FN6Cxm7D? zh`-tAgvV{cNv7%1UlIM|e}ehft+Tmiq2fk6d`YLjXJD^yIJRI#l?k@RTLvuSbv&O@ zHl-BZ?-q!K=Jn`|CDiE-ykT?@+Z|&k&J{vd`9ZLlU{$qe9a_;rfhqlLPvNiFinZVe zwqu+hOOw~d31d^Lr;Nh2s;6=aqg%$p)`3R#L~9)0U!DMD>iLA^T2Bd~+Mfo`2(*}! z%O*b3p6QqX)SzJYs@?#I$5TR@b`($FdPJ{@PlrArVH=~>voI=nAl$e--N5~}{^hZ* zeUis{R@HbxA&%I#>6~k^y^lmmCBBJUZusW;;#zgW|kpi*rZP%2QC$ACW25u3J~oM9fh^f zp+id}rdezjqe~-DzZ283ZqVxRG~Pb`U!mdjVZp!@lreibUd%v zhD4}sLYte8Jtz)`ENe`L6|!<0R_nqF3C>eQlc7zXY^9rWhhEKmX<(K?O?cNAeruU7 zq*l>jAPvq6d<{aSlbuTt>=pgtdz;T7K{E@8oZE^>A{@$H`NgQdaj>)2N z_P(;(gMR^nC{V!V#GAHIvQy!koh<}jCsO_BA62Y-qL$$Ex_f^Yu~IVM=B7$sCtu!v z`rnr_aA*H{{C}gJ^;rIok`oI_Tdv#AmVaF{6u;g7hwpu3B&%iXXWBnR$-myLe&+Q5 zE3!}j3;Fe*d--n^n)?4g@xL1RzmMSiuaEfe6Ab(RSU=9lQU6UO{-M{j4Y(B!)m`}y zZAeK>4DH$1b1Kx^aG9HIvMup{6VS2Uw(9@6W+(toR7zR>SaA9M;5Ls~Qg9!F z53@l9YN(8YjBOSE(@egmhX?ncEAiLe_r=Di-F>68;S=yNl=0WkdJ>v$b6CN+PDIpE zl6(fvX_)in2|C+v;^(vY(L1j$C2@MYP0+KbuIh; zgu$qE2e)>Dq+R}SBVWhrN)t>x5` z0=~EX&o$?Wm5BfQ(WtJNsm6~;*@W4zPKJjf2tx^lV*9#yd}`Yrj*($T#KkfBVo>r4 zkYM%c&(l1&b0&#o8}rErqYXC_f|0Cd4BPK#)@dDd+WQq`h@A8$K9YQc$H#nG@XKq; z9r0Z59vYg{GIsP^_<^ah`_Fgl7vFua;TY@Jx=9b#dU;u_>s!Y`pA$Nrt8R9_E<4~^ z(P+CQ{^zQmvbAJDj&9zxTx8i|NRicPM;$c~u;?c49>nP>Iz2p_g-#yL&I3^0D*%gR z+M+WJh+bW_CG5GNb{DgKG?yn$POWYL^xg}j`6x}LZ-79SwvJ{*;QEgb)Z!CB?G924 z4A86S7d21j^fq+j>5+0j0ol2OmlQj?&4iKYtq%gj{=kfqsnw5iEuBqv?6KR5AOo1A zA2nZ#nO9+U@QFgpC?X+tV}W;a+eT?&lW`HCeP7wYS)fR-yO&ybbr-r#(T9*7*5Sji zy&SLxoO@1+S9M<9R*PJW&oKj}K*tqQ@hn$C^BfJJv|oL1)Qw+#Eq>63z{=+VDtkSB zc9ZPhE9(dW+4N~|=VNU7iX=0lPSG`q!jGy`@mVL`+!7DeSRkR+jK@u#K07i0Em8;s zp@1Dy=BQ|<0jg7Z-_0WE`#(jsG1}}Ry}Om~h;W(`H^bGj#4hDe(R@H3&Z+UvjXJ)e z=-xw1qtm@uS(IVhorK^OVC*wYV`di5$$lIK3%Ruv-nU)azI7sRAb|i*^L9<`m2Bp7 z$6;r-J?;=ty(a3-<+h!Ems58ZT;?~+|CvY-&F>PazaK=&%=9o1GGmAKGL=$1bVSpmLMu>c4&95digu3aj%2u z9;dKIVD4xSHFuoagNmwEyy{axhf__Plxc(8_^s2TYn5=rrZM2ohe|_(8fT9CrrPJ+ zs=Xq7=+*c3)U9u4`pTf4YNGcID>xq+whlna7+lv3nvt?%&mV4}tRwE&n<6CNZeHGk zZ}v)vFn@ho>9Z0h8J)pfzuPutwy#t9{|N2KY<;n*^t{=AMl1B30X z=V{;de5J(>96HZuDVf^rdhOGeOqCv_6y3+~J>_<47+aO7dJUs52%Xw9IUtqUc0O0B z1f-ux7L1p^cpf$$R|1CAjK3o6QCQ~d zU_pOx+jatn-4QkRp$Cp$!>9SNzVyMJWz(DltFaV~{XT@0@<6YdXqH`GW%oLCdiv0w z7T?b5BtS@=<3JzgM@`n0@AWoRsFWYI*tsny2pWiWk~@u@33sjfG-T(m{7zq?Spv{q zjDcQCxzk~$d9XZ9VRMsG{2l#YE7RK|fy2(`eVbLYG=S(sRrg^{!;)y_9f6Q%BlZ z&w7*>@~s-#0oJ3e&U7z$o!9F(njac}9WJKmRgtC!25Y-pW(j-h=>Sj*G?dVNmN>Y;PyzC8E9BF zqV8UnX>m8)e3=?JxW`$PCjCu|>g^q2Q~t-H`q7~7cKbf33F(2;elsI0vllPTjO^^p zQt7nV6@bsW&`-tY%t%BHr`Y!^$qWR<8+ zIigSht5Kc9-UN*au(DUKBtYc)`^bca*Eoo~H0OlJN*!`6-KfCi9+J+=xae$h?VQrk zkp{>Zc$yBo;+CYv?9(AQnc@F)ALkzd0uwfRNBn}yA^JA;NsPy$bj?#WBM%!6JnG;J z?W3gY%%Ju69ru0?ZVt-D1SLXOx>jZrdIAT1dW9(80-$bAnCM`rySELpwpslLQ1@Jz zBV}OOEDEV|-&3#l+-?4FZr(|z3aJzUuf0x|)Ri-^Dvx#Y*+ldndPlezX%-YBC7r|C z`g?&LxApU8glq`Wt2_?z0$(6w6b=d@>{4L1l9KJ)wRHBNBQ^VV6u__klR6=C%tGX_ zL?(Q%ww$PE{?0qrm#s`>L}#0$5u%9ZBGgWYIIVEnj5)2ng3>%TZ3WkiW{OnNo8El~ z;_Xq^=c#-AB$|WQYVXHFcAsx50k7|&8&r)Kp(mTCV2EC=l2$(sWEt-uk)T&g%NY+qk9BQRE z*llVBr`}I;y5A<3ILUoXHFva$@sc}%8flbyOmgpwd;HEUx|SWl$2XmMnTVVHLc=a5 zjE=KF+BUn8(_MPxsPE7rLz9wi)kfL~9SFYl|DzAR{Y{_y?eo<YfzuI~dxpJ)AEuUKcN zjMYb?GbYm;5(h1Z+Yta5onPs}TqjoQ-Y!RyGGa)6lB6TfZUN=Z;X0Ffy&9e_F7GGW zF*#7?G-=fZ4a>+Vbe7Ug1esFtUV|8k_1K}E`_D^1IT9d~W7`&Ms;I$LUIt)ldN)yL7g zP0(3RWgl2HWp!oy`1{WV41}HK=kxEI0Y!aw$R;%Tmcd7zo-b|ZplIB&GW{Hc^cFqG zt4O(ILkoRhwahKzyUhlD^2(x-6h5h4&a!ce|8~=;JkUQ!>N3wG_}+kB3%52|;|Kh} z%LeI@%h@`i?JaARnxr6dBpke zfFOne8-8yp{+ER811CAwUCrX+YTGv|Zy0RX(L% zVe7dA`($42yXAP41yI^5ih0e-&JhhWCC)H7&}HPYa1HdGr+@D}MaHnK2Be}x6bZ6y z9axOZUJa0LxibF0MF+`Qb4Yv8FD~obzdEC7H*s) z&|jmT-iAShBRn=1M?Z~GwYq_{NUDB5#SXF5@T2ZRVI4D_$4MNo33kbWEDl8+Fx)Rt zGe;<%UX6hH_iV2sbUbd6mteIIZ2|OLn-2?)U}Pg&$Ic26Q1#xX(;~HB*F?o!0ga2> z)%JKx_MLWdC%HZJHk+#+M@2_BXKY1x{I9hj z?*@A9ju`>XZb|?XW-#C;K2G0%EBeeTa_S%ICYtkeoUZ+kPXE^v00;WQE$ROYvg%(! z6#x(Y-?3b8b*tR;Vu35^+ekPG>kX}LPQtBYg#H1IC2-pDFm*t#BlmykbaglBuqTz> zg9|k9J1}tT8T=;Kb;CoCOlrLPr%E8@)redCMR_7-Ns2m{|cu!23 z)t)jewrH`4*KwaqcyPZX@y)?;f#$GqK79-I+2cn*AdqqcV5DB>#oHxGU!~Mj`DTKC z{c{^|vqyr>@X+|&(C;d5HGuUw|M;6Qr#x)uY+c5dgv?t;A67EV7xDn|-e2%jrTy3| ziS1u%cJAEqsckT4|8>JIH3B^6U3wa) z+C1`tlOL0+SRaIM0P_gfy`SWtw+J-C-I(_vTr9ON_)y#v)z4ph0ThXpN6(vSC_ z`1w#eN7)%GyEFM}8S+!!?tu)q|BY#@0Tce~XEp)4qL?;>g;URXMCYDbb5;t5ezI7@ zHUvYdI0RuvL98VA6I9}GYo3QrD5ySD*1U-n+3y_<5yMR{EGtsF0&{kt1*J-&_=4@nzj7>Bh} zII~-QY(h;TD>6+hUN+55>m8tapQ_R@hz&h6Y(07nC}lPo);0QyCm9P~g?YTw7YP4O zaeiy7@*-h2%|H6tqr0%lO@=AT>3AK`12i8FuMhsRxl(|d6kdOw@7S9a=tmLObSSbV zI>*I<`)%p;Msnf@pHyHyy9Wm`tqm{K*!hMorJ!xR!iD%LfcDlyVy$3|)z}WFT_Edp z;%|*S^qLcNAFdUDa4?4=8cloMY7&%5#Ef^QPW3-T(Vm0*#?Rs{q+5+c3(;$RFHO8; zNGEZCJd#;v(`wKCh?1AKHXFGs`1W9aepR|vr=ds4Cfd6>VvK>wyd!9Jm1)~Nt1Xme za0D!5+%wTY;S}svi2G(3nXxqhTX!i@jG>$fs=2U3dloL=d-~9=KaNZBfhH@*ldBr? z2jaDetuh|!=qk-&@tXQP0(~N11_X2<8tfoOPd~mQ9|{A=o!8cyJAgngIQGF>d4kz? zFBGTG)i31m>S*2C&a|tX>~*qAEFpg~QUCw|irEpQhwpvH9|%5P5|s9oILdg1nGw#4 z*5k*#GZH*!BaOS`&b=)%?fsz9EFXH$-Hpl<0MguuO92z)(l-v6wXD;XX)w-qKIfFh zA0`A1J$hK8O*{Ux%BN;*;F*i=Cor+}pD4pYiSbv&qN?6vI4F}aq{%O5!Vs-Pta05cM$%;o2s z!j|Cmk|$*%Rse_!RJLy&F>9PFqrQLi=19@wJb=el{^--=NB6&UJmzc^$0`gs!xO!#lf+!^4 zs(CPWFF8$=EfM5pOek;cOd0gB#qIo`^(|3nzV0OTGH20p!M%z1B$4qO@sil2xifB7kcyCxrEDlCU+#F2*+KZc3aW@J0<&Uvk)NYpZ75Q>DAKRbr}Zr-4nRe8|23k#y~?7MGJ+-e@%-8DA1hl1Wdu) zlU?7qx|~%vjGD95?18)7*rudx*#p&L z++(iTxLW?KpOZXQalL(CiXE+LH)S!zK4J#9h@m3_o2cmx#vHxdy>&Mn7F=B(k~KL^ zRgo;&Id04|akIfT%e0@3azAg>K)zyMFuqMsibGMALqNeHc^x{a@Hp^G{RJ=2J zZmf;73#GbWx7|)jad_pB3;xSVp4C)ti=l>Pm6 zkQTJ!I`)z%>TvU~b$6={Fsyg?m7G0XNG&=mS@VO@=Y1z-H=u)B<0qNr8<>1QQ*t6; zdQ;`w39NAmmp2J?MKoBHEycht7-ZlzV=%9W^M^0^k}|2S_*3l%3i9$TAyDoLvbGHu zA35ZP7rQmNIl16Gb@Zo~ULT+xlnJQ8R;or{4A&$DrleHRUFx_E09;A9Vf&C8OmG;L zO^AN;-=2`@-3pkQ>&5+-e5B=Tp`(~$sLW>3ngT~v7$lOIpjt0J%v|I6fY42cey&P zoTWG?WJC&GaYw9Y_9}N|R1~hGbWhtzVjYMYeZc~PUgTKO4wrG?{!36vZ&4USnSEo! zG#9)OwU&vgu+1-*s8BuO(EKLoEE{ez4XzzOd#$3SN``5O%M60q_wW86-9zANo&e71 z@eWJ+*}uSl1jq=FBNEXM&No;V!>9jwtNbY4ux1{BkiScj8*ZzN2uFk4v8FL!8c5IEz=@oU?! zZdsf8ZCm-#VkyfATK@w=eQJr#QJ3Fr-sN$sCRir!wB06yJgLoPMu6YHBp! zgBKhrk^S$AG);k&z{Kfmg|C}Gfg%c&B0gTUhV|5`Ehs6)9yB|6;Nw-Z`9` z0UD!2T2E9w2#`F9av_m`i1W_$DoC9M(SYFa?4y-xQ#a4uy8AevsXiJ@KgC{nbU%OdtQU8ZNz;^sLa7n z6G6L`uQX1#KA-!KAd0Js$!CF7N ztvn929@SCwT>M(&a)l7ab!jh%#E9B{SnSQl7^m&;h5JMX{n~R10YK8mVb>xMGbf5| zBrVW3H)R6%{Ut}od4J_mLD$DwH@+$dUd|m$ik_)Bda)P=ZO!YvzF%Gn;DmcR;HlqCupc%xp9etiG$^&R8#wxZS zwrTX|$6a?i@IF49Mb?PlWp38;;Tvy%uX80;>f=4x>kNJsUkyu5t4(+TEXt$Q`Sk>vR7vB5nnMwdKuw8=7jp3Bba% zHU+RWT-yl(VvtA!!ql@Z1yJfF<_*AoU=?%w+pkRQ^5@m6&p&gvw!|eIHXG0YApDn_ zywv!Ywzq}DRbJbLT83D(DQW}IsmML^0fMaSIsZvKRi{MJf%8MA{UZwJDK+SZ;stHc)Ed0f0 zoZi*UV|VfYbBba@0R#K^4dRZD&1Pqr2*S1pn!+Vc4( zRR7%q0Q%gJ2$$?Vjh2z%6FW*q%_Xfv(r>G9MOGgc3zlbc$T3kj6%{*{;e1#JWk zXF^43Ag9UqIW5Q1J{x=SG1*-G1Lf9X)_pv-q228tN?ZfY{VP~jk8|+_xwGhSk2%B( zz3zi`qB9Sj&>7K8Dxw{>R27sFB+0HaWgm_0!_?Z{b7tx))|Xf|fEdrn6J!6rHCz&3 z)0#lyU3W|+!26Hho;yc*|IKvIH5pH6X{={-WX!MlW00{xe){~)Bw zR{)~=g|^8_1W0g=?I6De=rYuibkRFp2)Mrkp!^BUnB9!?r4Q6LP%nJG4_03VqWAAb z%Y$pFo5JcjC?>a=lk*^(ChQ{(hh8c8zHi@in-`^d&vSQf=#9*5()r9@4E|Rm%+xAw zd;?HPY~(oPoQALKA1FL-*?J^1no7w8($--SdFwm+Rp&2TY;C5Sik6XMiMh~sQMA`Y zqHpj!oo+BVXVyA5cW0rKaL;tCd7A6cyV43sl)C$iaA1#kL<@ui;%Z24U)=>1CAFc6NG$bHD>Aqyu*Ps=5i6GfY-RpATtK*+ezS1ll5g%7Ep ztwDDF;kyyMHh#`#1JEQ$I<7v+y~e;1CUM{Ai(&smc@pgJ` z86x;o2F+tUZLqyO&@>~Ju`zocs7wU5F4LS*tBB}>3`D!DoM}*MNTs*B~AZhS>VCX@G)2^~X$Ok+gHn^_A#CuDyEDpZ=9mhpb~= zW&8Bq!DqWiiW060JKdE>`tm9M?yi2~?}f`n`eq=Tov5hsLMP3Vyy`QRc`;A=N|vgl z9A8aGWo!j)DQ+{RxZV847N|mGdGaeT&AwjC9ZP_Ad;XC)c{D zmN7moH=Kri^v>!#jB$$2+=JY9!cuUKFm-i|(7~)Cv*?fweCO3ddXH-}gn?P=#n~Ch zjWY+_E2ab5F_C=sjqwtuvZreE+pU>C4{v0sMl#fF>v#^_(bI?O0STrw*?ah81JalR zEvV3rdu_VJ_+97_+|WmWJ?i5USJhB(w1j|TuhK4FG8GrBYJ zmau}t39{((tp_5FZl;y0E8+D7uBOJ=YolpMnBr>H*!O;e36K17Oh=-rU|Gz!6?enz zU|Fikfbf#8tL$e`pqafl`+3S`7g?@-i!=(BK~Dt~LxxaoePupxi4OX*`2k0qGCB=C@?qdC~y5)_G(x-GwQ`flOZJE_FsC@YW3eugE! zu$5Rz1eP0WWLw?Y_AKaC==*nlyE?ZIYRQy4w~2g%0}L1L@TD-bF%lQs#&F(7w2V5CHQJmY;!3+1(g2DTGQ&aqP0AL8bZ1+IKD-CtqOEiy$;Miw1F9w5Y`zlp^1aB>^4%wi@N)_whVmcH*IkG2Pc zyl3}m$*Hk4@_p1YE4C&RFZfU=Jo-}RbH$Ecj`q3Cz^jiOL*Dl%%%qg|v1B2c?;%Sg zz!Va`Kt0ThVQ-?;4w7VHuxwRAZR zx*X<55aHtt{-D|f94tS=3mfqpwAjd(AkD2PHRiav@m0 z!o|{952yQOu@^0~yADjT=vNQyyZ^iJrOe{M*NUDcz=hGwH~=;}PrF^wvwZ&{=U}~s z1!5c%Vy5ti-vQCaoXEY)ckq#Vc%a7w^RFY1@8z}CJzqF+=j08Ev)&EYq^z~AU-b@t zjDGw5-NUrx6E`reiUpTa)1!}C9QW}efAJ|&RfvxHr?1+{W1!$hWAWjaCuzs`zPAqU z?JjIdvSe=?>Cw*1%(Ho@+%U!B1}gD8AX*V(Vs%Fpf`3BWb?EUs~CT%gt z;aTf@3h}XyIGx2J^!Lx};j1+6a{31iQwT>qIl275FgnJ_Y3Q(;5hb&@Cs_L#_Iq+Z zD-3-8*z|mZ%g0{x~y$|8bBcr4-LX%s+gCMGl6o6PGO$9v4$LX-tRi>MhsmGcY(sVOGhLx zT+9%$t3%Q#PvXa&j%=QT1U<=fnMGY<)|#H(t5+5R1^X}&I0A=4GFutC0cCb_f{|n7 zi~G`H^d16{(ahy7w$jxVu2nkfOUIdW?^ouM#*}y`AO3h#na>GB2ojp8VD;t0k%^kE zqoza0gzDdidtVZ+y`}H>=E*Ewf&8#fU7t6B$Q>-Ip$*)YA})4K^$+dSwUoP(o7smA z>5@~Saj0SCuY2zTNy(tk>a2D}&*Pqm9D?h|EOTGVMlu$Z8VSI7-H#b;W7 z*dO{fNSQVZwo%OfR6RSh#4Ci^(r{)=P5z?G!<4#+%fDkuyz(D)rTdB6j^aN{HZ)rU zOrG@Ae}P&^{j2R8!C2h0pstgayPQk`Nbdr)6Fu)d3m?aig`LDd_5QWMOui z*(1vRxn+~idSxbObGp5Uho#@z;Q6DT8q)Q!#0_sA_;;{*@JLSDNslapRS({pDO&&B z_>pT~o#I*)zGpmO&cx)!lkJ!B8yOtx{vw{4jxWg#Xa2}@iO>@Xu`I4} z+KbbjJJnZ*_2e|$rj1}LjIcqsERY}lcK1R}$)?>yLIfq_L6HF2 zeh^LPhy@14mYWe-&7x1RWW3YQ(zINXp zY>Ns+EXN9sp}J`&M;SY$Gxw~R8BRjmEeYN4%9~yle(GG@$$nsJCxALXreZc0vQoh0 z{?uVx()oe$J=HVcs??TV&4hH06OGzWN)RJ;lj=0p%wHtWBKgq-$ z|7lMt%|cFZ1Yb>abd}pqxJPfVuGykH?1~TY8*zhHTgpZ2X+)N2yZBLH_J_Q54mPtU zV-x**_GmJjbBhNqgLm>PF7%9QQ~wb-rJmOABx{ez4p^U0Tzd@?tl1f-^{_F;#&?A? zBy4QOy5Qpv0h@IZaVzljE$f&DpjF!mo7F$Z$&%1*PubOU?aRtp(s&-O~>enZzaW>4vz zhutq}PML@ruR1kKT0 z`EMa_KFb$3;O~_+CrS@BIiaWPln^ifsgqcE8M)PvF9$Qn1(14+L`jSauE(jrSR?8+ zTGL=_HGAH7wmdqdCobWF?~Pq)g;{&aHMDD`pNI<&F@76_>5IXWmwVvI^o=KvE(?cu zp0S>=Gl{b?Qk*oKD2BlOeM&#&hulnc4$P&`m^Ve>nrwxpT8`p~+6FRLkL2=v|ge>P~G@&Pe%o!JS|YcDc|_+h5tHlC;Zj#C$lwAr)^HKKVJD zL|F_Syo{}hbP1p=2S*oc`Ou03N*R5!D`VRnQ`Mu_oLVT*gvP>5Jt2>cr~j>*k!n zK$d_rXOuy&rRxZJGZf8M54lfj&8$QhFA!b{cu=-R$9rU+Ox6Hwaq(pHlSC?a@V?U- zq!bow-1DJm4rK`7&Q0hMFT8okc*tnCvSM(o6;Io%Gx}eDXlX1wo~d^mf^TM!LU!`) zQkN2&sGsP_<{U(3NN;)V1La1)=@0!QK3*p5#T<1nrj|Rns8J^>yLNr~bZbEU_dj{Q zRgIS?n!K3Wj}XjK&#=;h^;t*1Tnk@{{%Q*KLPq zHjhdPgU4nuU^k_%o}*z~<2ZFZMW)5lUXrjx^}V>wAY0^qC%scyZT+@co~Re*nzPbq zq9*WHsqE6=zG*py=yTTb9iC>t+j77tjU9O{UC0|7yHVI|w)Ppr%-s3+lU;>#o{l_I z25EJfGPL3OINqOwA4I(7N1#`t&s+_823rnq^jk?$KA>wtFw-+^&$$$s(^9#!!jjS< zOeqY_6fXMNeXU+3n&)}Ca)~s(`D5-j35NMmsU$7Nxuu3PRQ|lESg+aEf0AwH)=60# zx!IVocS|Zrxu#kqYzHx6$mzCN-H?!`sfB+t*k-pOVtu+E&>S)Jz?`?P!(1Z1T|Obp*C9wv%-*SsLhSGrGAMBiE`5hNr(8hf8C1-#J)U3JX2UqcjgjzBr8lhU z^$vN7Y2ymofRhf@m!0uBmqHQ-8VN!)eLEO_^>ROvY1=EsB5^jF+bC}<>FejaH6@WK zv@rY9oOI&tS^S!=Jt-B8@WiD@rbBhUS5)mKdyI^jGR{!a`Qe1io+~w-PezcGaZlOv zC|w_YJ<-r)#*w(3#;vTVA@ifSl<73a89Th{o+lMy8-3-N{ACYH%s8U$S?yDQn2uq^ z9ZLpuUKCy9bzoMS;qSv5R&Bihhg!5~KVuO8BGb^UJS~ECT#sUXmsk?4LJ8TqhHYN_ zTZ*Lol%{iYb6o_L?Us)*@P%Dann!HTViN19RBavV2DmP$<)XM;^zi^hB3Qk=;B8n2cn7QPF;A> z96w9hoM65B6Fx6CmOLjB!lF&`*EGx>#?YO<2#LEqMrrAsLzAlYk$x>}J!m?c9hB{> z`0o>OB7D(&Zu2j;$Q8RvoGb2HZ4`zaq#{YGDCCh9UkY`uy?zLF=~3YDGCv_erz8!9 zE$e6Ip)gSlYw8Ui-3+tV76u9X^z-n#e_YC2VkUGl7E}%ud77=^p;RR^gl0fQ*#9yF z-tBnV|0=Co-s}RB6F-Nh9B`pO$N&H2|7R!UdB4W3mQ3^mYXIJFDP=zfAWw`A ztA^71`nH%&mTX|8J^@lvKga*`$$w_|mnUr(&y@l&Xw3A=3}n<1cz>lRT@vWt-5ixC zwzT|wAR%G>yM%)E9m;$^rkOE^HTd`&&V&=P#2(T^O{6Y(NJy6QhU?;w8JA4{5fH;8Zd5CcA%z zO`)=oLR77n+gMm<;b1j?2@EX9pnHoXso|TDM)u#4EjWq~W#e7sd?5*w+F?VTs|Y0e z(QhP*K2jki2Oe~cn{g*7k6!dtYzV)}s=3&ag5F22B5{dgkwZ<1!oIO+_R~R?0uVAZ z*I{F>R~hb_DDr-ovokEWIEx;e+gR7|eQDVx$0=>P5$Af9ZZs~)0^;-H24L4#ByapM zQM-||Y&odzYkV=%HX_kAk?4x@Sy8<_Z6$2H!vQP1VUtV2kbd(1QU*>mo5J;p^Fn5X zM)dE@LCsQQ+rvfsb4xl+Sm#4)o+k@)NEc1lgtr(W2TFy>ta%3$a)?!ZAIMZ3YY5eL z9buZ;9hpZZI$|T38jcit1FMX=q$9%I)3T!5kCT#*A(jDm;b!rhzEB$3C}QSm!JzK- zT$B)T5X)3QPVLL4uTv37P|Ardb8pP27r!Dv56$NH310R@3nM}`ahz*s8HXPEk+I>=;2adpjb1xLDS$MUi8be0 zNpY%4lXZaC9SPY04*HP~C3J}{g184jbQ!1GWd1NuXBfDuNitQ zb}$nh>Vi6mX4~V)uUm(kp&R3;9}2IadUPeyU$Nc8L=M~(b%^V&)7*?{lK;NH3vHK1w}iu#u2EuK#tV{JM0afrgaL|}g4@cw z7pJh=WYOV$EvxqRygB0ny}Zs#FsWv2u&Cq5H^|&wStGRKprPd)wzH(lk&M5Qe)K+Wgj(_Nmh-#ClSppE;C^9C&Q*!6nVnKQ0rdop69B5jakXkAYh zh{l_9D`=i3S+?~{jRhQ49C7_03NzTVic`*nknN$vvCi837 zW;&1*422yjv))~0#_!X>kW+hCZ#E7C)@S18aS6YE6_p*K@VH0o-ESU!%a^z)?f2ow z%iJe%5uz<(bN)wF1k(#I~q}==DJmmPNpL zv?rje%ZN*=a{eRJ_jv)u{cNTrQAzhw zZYFF`xz^!Zg{WePEgC_oRm|PDt*AS@j6v%92Di#ChF|xN2HcA>LSF%}sZx|eUuxEm9PxUH?K`FGoVB8*ehq47Za{ zChyqBUQ*5KT0*T03{4Wx>*mpJj@%PId)5R^_3!S=nK`d|tF)bp>>M;F$+9dK6-_?9 zal~q7(~?<7r|(hnu$|o4&*Z^!98KN&4&&6*!PvzY9RZ9HrU~aVev93e=_bRp>ao(k zo&8s*NBP-M#>SJ#>ubPHfqsVbMfa({p&aYa+;J#Gdld!2z$ux1z@g#_gxAo>kw2*X zR3fD({#C&IJVm6&;+&P!Yz*|vnm%vSIYjCP=Dlc$j{^kypxN}}OZe*NRWDcEQur!o z-GxY1VCFloNOUEwT67hRd=rENjN|0>YQ_0;So@U6I^9;8V_UNkXvkz}m=EU(Z9aZ0bjNnR#Sef0) zk=HIFC;r`Q@pVTUI=IpUuwR3t)5a^ywXAcEo>-!i*Yvu+?8u(==z`-h9xsTZy?Xrx zX8ot7yGq-~eU1#eE+4Y~vhHCw214D9D!8;9%NO%7jq`!q@K{Q|_oKKR`gN_QK(JAMmHU+Iqr*nRQoyQC@8eTXiWxOuMc>{nshlv}vlE@RHgz4u(G!;|ixbYlAyn6&$7b%y zyy2nosHtUcp5xX=RnfoB8nKLnqg*PN4tBX1tC4=vfg@=wK&6goNvkTI=;*6v5BsER ztpewwk^d}SVP>jk>9AZ&RTMzanb9f9fTqLxYX<%`ZPN>lu3vcham#I#@XXcJ8}ZFh z4%SQLO?)&xK5{(;hc-_2Ltt<^%F(Xzu zjmXlaEH@2U;B#K&^C`p$U!Z=Tkxc0&!j#Anf!bFysu-&w*nUv4YJorr%%b8oT|vKs;P~?+lhG1K1%$09$#B3 zerX(B&Nn`j8z$%i%!;STEs#e>)P5mW;iJUe%SuKZ;%Ag-#f^l<#Q}C>@c1V>xKFWX zIRnKtT2aZfo^9`=*MR6DPLO2ICM=_=E_sgTwbhl#gSrk$*DHCL^qzmA89Ok|SBf$X zU9aU*^e*vh+EnX(^E9Pj3`5vDvX2uNCFsRWUkFXwg`=jn!GDLZBeNLa4h-kke)0a- z{*^P?RnflN2!GmI8anh5Rp4D{l$ZYK{Sz&=WLMX{BWJB6?#un_SOhraG*N6G$EIge zfUxIT)WG-T5e*j1mGohR*U6abxcp$YSs34{z74lLJ`l_vzA*oLr)E|GC;HridAsY@ z(INM(+ttM5tie`g9b6c_>N@d{lnBXZhJ%Dj;PU_LLR_X zpd8M?73_YdMes)`>N zrTJ2rrXTmqZyVb9=@M|HKHid`zDnxjRF-KZ)me`N zPxt9sUW({@Fbxbcp;3cJ5X4$v zR%}&Ql#6PIFqQJ0d$0DzA&Nv!6q;FAU&&ew^AO5%7xjg+!F&D0NG*Ck^741qc4#UB?}WFbq$)>Hn*6Z&ix>D7oYVt~gGl+@)gw2AR-mj6uZNTez|s%h3ZzQ4 zV?Uy#!#yqL!qut`UACUdiN4L1u-a;^+v~h_z(uP0t3*4h*27J9m(r6!a?BS1=n|ja zvU;Ce@%8AnR9t}KA1RMIu#%Zw_D3=bFTSXm6Dj*n!0*mn0pEkaJ{n+Zy`au*arC=% za#sak)cj-AnTvX7+E}F8S=JKnSd>34L6h_~N&s)&kvScSAS=W*dC48KwqF&uAd`c$ zjnbbw`1vTL1QevvtdU*kPc$9UfuNd*23B_m5P{>$CBo1z+0>lq=tP{`o8Y@cGpmb} zR1I#}%>1nNaS~O2847mPWfTsdVk#^8)y*5+qkLTf$<6hFM60c!oUWUueae0BZTu!` z%_h&Z2K2BKNo(!g7PQ_?4dji4*zbxiW(*BGqH9Imip)vxmovgUE%jsk8NOV%k}VimkQ{m_z0A8kmKeoa{(35F?qD29nFaC0EpEMK#msek`9v z7t=fEW*2klYS=B`UK4|~Iv+s^E?ygAhi`8w>B&B)^Mr0@wAJeCy=&je=Tq(V5wDal zS#2bFhn9E^S@)o+5ofrxtR1S;%i8VZ7mjOjO~w!09;KhCYq-M!mC#(Ne=Bs`SBAtsiK`Dxwof7PFRE`glR}mfQk67Wfc&Wvs#ogX!s?WBQYzRDSVQa zvhz0*$L+yMk%s{LTFb6aXR7fw7MDNF+%)2{ND2I`F8=H>XQ7=`Y+&(@oo>)er2!H@ zc&s+-wi>AA1+#O9_jUVV#h;R-XNjn5K)KyK)lmOh-B3EPsbWw<~<-&wMKm9P$}1x%6Otq>)*e+-{rM6(ueaNBB8i$Og6N z#NZWz4tO5po3@7e2XN4pVgx8LzF|Id&o}jL*Dgi#?-bpWBaQ4F(#uW=;{mf8_9G3G zHm=J3pmYcwPS!18>`jPeZE6vg z))RoHnIrMZZz$yRv{$9|1FMmTbr3>P!zhv>XpZzYKZbD4%?L3f%9SC}-Fse+58V1w zU(YIz>DxSYaqV#lF*B3QxECTf@mo8%2la6=t9GSZ$j@GnaN>zo?@dlFhzp#NICcFD zUh`30db4E6&Vl=Z_K^>ECLEQ(zav6rHW3N|wd?P(5PHhN=Tfw@1KB0KJm(7OM$ z%cDC~%D+I6bWRWDjTJmehFzxpeP@4S{JQOh7fac`S{TXw(=+i{gW$^YLyJ*i;h-G$ zmMgD?Df_ssYqN~mc>Ovzlnf&Moa zzc)wfR!5ojX)Zcf*G9jK(_aLnNcIqeam8i}aSENh?;-xe)=ltGA5D?dTU{H^JW zF2b;aGJ+VA)2Ug(D{nNxHU{~6BMPMR%^Inom)U-%*UZg&bBePAhaMz13)_SxULJ~% z)0FbNm;4q&OVrAtjKq)Rs(PL>(_u*=4+rP=PhiL*%6sc6wG(p1r*HhvpVpKdNbBUHt%4JSVun0eFUJ7kkE{W+(-7W%nI z*GYYPq@>bR63ir+t*ZI@|JbsYXy^AldH5`}`&`Rt*064ks!8f|)r|apueSAXci`-N za67c-;~E&6Q3H)oeA=Xr&Fq#t8k{|CS3mo%`RYC98FWUcUnqDuDN_HOmyTp(t08oS zU6H-k8N;n!>Ur1I2Ge14%8mTUJWw?NI(rhDcn*hnqRmY2|hTys~_tH_+t`0VgGECQTk)QWc9M#!Er?mVl< zJ$t4xGxuO|_R6=>b7{GX-Nx|D(1ej(NMXgyVSyXxo-xgJjg+YvRYrWCry`+#lhVE2 z|DZaR%PFh4NyIClY?C>fp1EoMR|`=u`APG{q2Rd}9_|tB#Mn?REKO-sph4Ty7nMpx~E-u(<&J$)Sbtc%|o8PO5z_nyiO0}%{xy=0$C)z z6pYR}cT84XzLJw~>h0kT&JVI`n@CNv(2E=}WN3Bc_gZ4>?4o(H`r~3^riN`(`^C3s zZV$T0iyDO=`OB2Cnlg|69{5XHJ9>-94!-92~**YU70m++FUvn zrbkO&b1tQS*cf@uzl!3>a>M@8Oc&WVL;2rYuLq@zg}eZri?cPsc-s-M>Omds=)w{$ z-MqjnV65vLyMcyfDqlv6Ls66VPW5Nba??24-AXfZ4YiS$%jI-%L!e6spAZRJN*J#9 zobhx)HFbXkYaq9Tbyyutmuq^h;RzhEl{K417YcueYUvFRWu-K%36%Aa+Ip5dEBb>2 zlq!|vJ==xRsEe+>drnRq$+%*$bG!%aoVs}b?R-pSGCtYYced}*f;OJM=YBF(Lpn2} zg4kLXS;_6yaTPc2EK{6Qj!N{aCwFz^Ps`wlt6BA(DIp&m@EOb?LF};Kv8z2})hBK7 zE6|W44g9SJ{98?+$b*6G>P7!yays3& z#oS8yTi4Nx)LW_gf%A#(*v6If_$^`6hcghloGc7i!MGDhJzu{o^5TDT#;bP5tM&U; zCqU)V)yxQdw9c)>Ac7sZieLW;PmyOkVV{CivAO(H@BIx!YamF@OLpKjvjE{-#TX6o zMO5qI0!j2V^sRO+xfl?9d1Q5YW{Q&aWXAu~bOyyH(04Fac`Gk(9Au=f9@u*r!so>I zv|92SmHpSvX8x%e@p$gnI4^6)3QG+=otwFBkGFbO_Wxn;-J_CB+qYrcOpP;E^H@_^ zZfeRlB#N}JnNllruTYtqskp(t0#=hKpyU>D1DYWU zC@KO90^dzN&-$(RUBC5y?|;M8LFOP1{5I71U-Z(R zicKi%#K<0lu*I`#9er4Ssz>FU>R{+P$ivl7v{!?gZ_5={LB~q<7oo+sIa(J|Ge7Yi z+D?9)tX`S^+!~p1u(LXNL5X=UHg?Z@Uk$&RRatPa4H}&^^d7qIgLbO~-UI{rnXnTqD_-g(50kL@>Sr|Eb)2%DiB5=knVj)X9nO(cX>{s-kt;9uekl9!W zWrMM`?_r;W5}*}w?h&{qIQMM4T=wB)zxB-5_1c}DbY(Jxgg^3ee8t%MUtb&GqnnXKh+8di z_D`BlrE3fIK84y{A2L+1+)~X)%sIS3+&x57x0tKVGRWp1;EepBaAPn4no7 zv^9{z*4;(*_mNa}K4IZjtNEeW^fArx+chg*dEsRTI)szYVUBH9FK!NkWD+C;x&;9CRU0t<}a6TmZFMg zEe&mK5qGRp&3(@(a(zKQZ`u0(6Bp6=n7AV7BZxeg603gWCy z{?PeJOEl8QZaIsMxjxn?qHPJ2^h3ox{i<~7lϧu;nEo`tPjzE1DS4$VGncVlGY z_zI{rrE0NMx*?A$2|aH|EYhBf1=R_2cDUilMB<@^98n7ZO;HA0_JIi_QKR<>0Dn2P z(But)ZT*wK>_y!GW|ciPT7;*#?3*@Y@b{%H<{tF%GPo!kl5j_i^>YO~u@dXf&(de{ zFX%wIsLPp`6AmT1mOWh1v0Nk+jyiH=ryW__oVyZ6!;7Mmts_&6SHT(cFN9Zy-y5?b zIVhyQmo%78SLy{!*@fId4V>pc_KJ84At(I^RIO*YLd9M5!hO}LA7Yy1bME^Uf^nmW zd|8Xuz${ZSk1T1WeF#z6gi3WvCFZ&h&k7gU1;-QYiJ{Kn>rz>c%8QDud+934pbEgG zsTza7Zd+;YC#|Ha6g-1jria2$`AHSokGZ9j)iLHR*~uR^I`n=Dt;8l3>HFKPOsXz) z@@DCN_DDL(Pw`kq5A8=D^#;uI#D|?{zo_KFiDk0lOyx)3d)3qePovWR4K|&Xm1d;&ahDZaPflrHgc76Xg6~O%9 z%ja@cD1z?Qb8|%(SoRgeXeqt+9W0zIS!AT_j>s<>sXJT@XS>L^8 zb81=Ylg2o@wEXxTU6m%{6D(qIx#Z^zm&S#LzKeL@Wodru%HkVjX8>u5uDtHiI4j$v zyeP&hu~I|^e;Y~ZB3>@-axC$+Nuk4Jq>2cjrNZ3=*Ylx#Cm!dwilwhpi3$Ur>U=g@ z-mP-07d_;m7P>$sG@G^+`&dO}s=`&=XhhDczM&UD$*?-iido9%&0GX=ebHh^8M)se z4*?eks}??akS`Bi48cN@>LF4lUP4#lRoD6xo@53))a#GAG{WqVWkk42Sb$W0c^k%F zF+;O_a9T+!!8VoRY@^aoHLog}jjT=#^a83mP|jJM>ivFL-^~Xn%J7IGm<+9aIPsp} zo8+ZX^r~QDVcxuymmN@2{Nms%u&61#j@-W7dAJDH#*jJUjUQp5v zidt$^x>7$CUnO}X%4IZ63^~4)V46#1-9{=XtVwp)bw%hYw(k8}bXOO>qPR#XUa>(m zmQ21!D^vM~S9%RBskt%PO#<6Yn@v(S5~7H=oLO=^6^}JK73=O$zc9GC3aeLJurO4p zAMFwp*_%h7j5p=J6Iz(hR4(3MRsc)o?HWoqmrPnADdl3mB{tW}2Ie3`7_rw!gZ69e zWWR}72y2WUMJwN-Bm3oFhe)A)`=VE7l8jT0P;Sd%p-E=#jm(5DVg4dvm$Lh9Dma_M zO@e2VK;*_qiu`Mi`kT~wZ$e=q9NQ^bUhYW-;&vP=z3%V~lGYf;YUyR9cFAo~Nh@Qq z;`k)^mZA)y-m?99IoQz+SKzx@^$ClPD-y=U=fALF{E5dnN?nx%q>xSCXYHqjLWiAA z*ufr|gZFz08^`wwEr7xcC0)3RV?ppm1Vw(qCZ`C?Ed|?P#K=0wO>iL7lfIYPsw$NZ z+0~pKvM*n~T}D9*eoB>>J~qjcEylIXv1bIiFpw?Aa1_^Us%eK_88cugeDP-d&^@jz z?2UcwD0oR}2pgjOgjRZsKYFQ})5+XC?tI8ysLJl`${D?MLoqesYeT`ZO+L{ATa1?T zRaHu;XsJooo|sCPCf5`svT8{6o!7cmdcdC6I$6CQfEL#r)_KHxZr8mjd3B3;VNgVR zyMEeyYBAGKc7sn~l|-yeZrU~^eJ2pb4a}y}#VttY*I3xKncMsQN~FouT^F*;Gn0}P1@<<*Z;FKPlCpy-qiy{|Ff|4VyJ4r8Jw zpk@BO!2mgHmFTtL;b82OkW)IXUB@EuzG9o@IK-$m)q`RM9(A=)HpDFcPv(Abq!IHh9g!qZoA47(mKM} zaD#Dblt^x)?)p32GGv%6L)VXCUbzgF72u=?QErTD zJKag!><1NuU8s*PX{{i1_1;*0yNc?slJ0tj)Z!K2!iW-E`8Gt{f8++J3;)9j*naZ! z{^L0n?oxyWE%5xIhG0eqo8AV#gsr+p7oiGT9pMUxOyv2~gJs;rF1F|&I-He|ur<{M z{-|iQZYh%~U^D@7c4%(xkV|GBok%AT=@OjqQeh+|s;lYwKQ~Ep7Q9?LPrLG@ zdHyzP0suQqe_uV_=KipNhjrH zk72UHlz~iiDV#NbnXYpM-x8iwn#KR_)*v7P%*Hcn33q&~j<274_t5>wZb!B2Q5+Ac~;sbvSh zZ4nK8G^SYU;_K#58uti4{l@;80?XaW%wW8RaCeHK{uvBd1wW~qaR#*aMwkO}=N z_eHf4@FY0;E0ByoQjG)VD{6|`8h|(#w+?*lqt$cf8a2_)-N3r$Mih3qg5ck8eg{QV zqrx*4m#Wj8=Ow?ah}~hO`nqy6{-Tox!YI*m4Vg zZF4o`F)e#pjZMjFhG(t+U{^N;iOtic+34G`FG%_`d`MK|6&zhUY!#w z`Zt46{h1G0%U}Idy|Ze%19x4>B+|m{!W7e1ipR@6c4SV6Ba|o z?RBEsVcc6&W_>Yoti$V_Q)G+#s&88q9}LJ1hw%I-yjR1xJXu5VCe=IS7=UCP%i26k z;`Ce-+B63v1;Mi@mtlbfnQqBtli29R{7vf&VgyT(rODO7(&>Je^%9Q?eUK-i;qHl+eDB%( zFTC#BT)q^*7rK|_HB55S++*J48tgla&DW-HvwJIfmj;}=c>j-V!<%fA%#_t*A|7cI zVZJWA)kO1Fy?JYkFoVj=&htz965Ri|zpKifO4$6hNkKJ3HEoQS<7V1>=*!=A0bx%7 z^s964u_iS;7k|XUXi361E&KPbJ-xOy%!j@b*z$*9LnhYi`$%c@LRRO5^FPzsI8|3q zHNJhK%Q4tXAtZ91;nxe4gy3ZT=2F|Zm5;osVf9q#m%_UfBLX435b7bbg}lxTWV7rw zo{uh0tk6SM*h=1?>PLd1fvJO_=B~GVW$hmFR_~z%HFJ$N7hsThRMhBG+QK!IOZrqW zFf;g>s0z)_HWI&xISkGX8Hg+s`%czwZ9G3P?2Tgv8GpAKI|ndLPszG69iV#Kf4GER z5M%pxGYSw;OPMgnD@m1|fUU@UZmP{1`8R!Bb5rg@1K`Gb^U#smgor>#W-#n%(INaW{!VxF#p&+zi+3ymtDiQt2(_={K z+cGG34_O8fyk-+CUU5%K9wz}n94gkA2lTs3v3BG)ohKe@VhvTe4_$gD>QzF9e7alW zh8ZK?RPFegmQ!8yZA9e>%Qt|%Ymrzle%8~M`fV0Jp90ove_qGYy;tZgJi20IlXkmr zwY1EGXIt>r^J}1B{gmOV~f{%xcg+RwlZVES#B?dgf?2- zt?RoOpZubEMdznY!LjV}%z;$_HT;siG~6$?^o|&+Nc(M3`6okp*N*$M*fMPHg&MO% z;gopS14G76DN;4FRF!WVLh5?u{3ur%q6)i+f58Em;0?R+{g3aFINlL;cPHaJlGjd` z<}kkd#e^9Gw5I`=g6oFnX%((|Pm(`mtv%j(tfFLXyk?~S&4qLi5|uvN5V7U;Xmp5z z%gjuw{ry7IbPmDj`0UXz+1wjO(R z0geTTgDrAnv?}ybkz3qMtu`N}yFSeoMbS4q^0i#u5eaeSv$)=_vrEIVq7x}*GlYB8 z-qpRjt|^Ve+Ozp14o$Ee#>Lg+?Lu|(ZG?|uyneyyI+f%Nvik|0KsC3;)jkk9RaYOw zafoqG{cXdoxpR$~NrWrZJKr{lR(l7}_f{`{nVmeNVZUYW>){Dbc=Jd0y}%$zh~0`w z^^?fe7+Pfu%KT^1KYa8%r5s3BXE*2%3kmHplj+R-Y{H1NSYR_Etg-dw|L*r;sLzWx zQM5+>?xf)XVb0||k9bW38RQtE_827!ET zz_NeH*RX$oP$jyg3odNfNIv7VlCf^D1U%8nXsOaE@6HMv^@?sMi*#)bXV)nw~+A4cD1 z-q8P%bpBqTnU@nLyTw^Ef4Iwc*ND$o8+?;01I!O9l`BVXbY4H5`8n~xIaGvpi{Vw+ zAFHc?lHj!k*hh;a)aPBOgu%&L^PdyTUo9K+qFn)Pr07UUf}t^+gitp9zH0KL`%wJw zUpsfQU?rs8@rp@#Y)9>pMQ@ufntoSR#G;mD=0b+uzT2~z`>(`cdsJc0hrauS;w#r4 z@!3b6w+b4#mf>TPkiSnOXRAKEW6~j0FpRGj3O_5WyGQm|?Y;roXAPFa{d(`+fqaS0 zP&jXk?`ko(SQwmFYDjAjlI<=-*oUw)1*5(3AT5(xm@Z0c z-EY`Tf7ewZy~t`fmXskIY_EPnJYaq1oLzCeP}|vB{{4##{tld$=h$Jx_dGVaW~{?Z zeqzWC@Mz)D3*R_~PdY-{c6UvSF&_;7i3ix(r8`Ykfgn3e{Bw&v@!nH)>a}$}5mQ+e z?tNOU+>z-`eAB0xLcvSq+jBaWhYnm~YZZ?4Mr^-oyU-Qs2|{?v_v1@9w{-2?fqNlp z7l@w+oYfPu8G0IY?bi{W4K`Fa_D)DfbVQ0CmY`^3;SpXHNrw`Kza4nr58FU`Z_!%Y zQ*4Dl4h3WH%=*D+^(WfbgsD2C(vy3)fNe;kLRUsbCZnUe$LZDVZ*+)N;jD#`6?)(r z{tnq~HhyT#N2u#39)Zl*C9EtJq;cs1g?Z%Qip=P9O!w?73317eJ1jQe#1JQFqr9!^ zo%>e#e&CST_5P?e5YOgLZ%eWfO;`jp9K1cN7FU7-memJ!u;2NgV}ZFfr?~ZtOe06? zbP`m!hw)ClFiGXze#j?8*7(Z|e3GuCyd z!jG+A3+!GxWqpcf1Hs$MWcY+49D#YL>{6pz z$pt(mXTIvEj7yqL+C*G2?WYzsw@NymERSfs;e^4brC*O>p`z-&neGTobf(0TPJCaL zA%SEh6M<-rwvuNYY@amSm35Ke$)qOm0+4r)Cpq*D7D9- zck5(0mhQp|9Z;li4lE)V9>rL{Wrd{R1ReH@mGl^fg!k+d{kuzFnB}TNU?Xb11L|rE znmdYZe(N0>uSiGJ8&-tB(V2glQ;*;=n_ud+%zr6KWt;Af8inrz$EXboiX4=H=F?Zx z(=RW^mEXdcNYfdYvTfN<=88Azm8_wx?PmrfbMB@|RC5SFpmpb=KCv_vxdRo#`(HW5=GRy_~Z1Ynps>>;Qc__e|ED*+#;AoI*b| zzU#buh8b~u!Byf=bT1j-DWG*_J;c;h}!kzc2HW@8+=UF>Y=vouN7sY9J?lMzF1QO(^~xvLgr({{8i-@;M<=0TfK{D;-rXF+p))PkpiYTLOpSET|l z3C84G;(x_Ii8z6|N~d&Ah+5QfHKrS>7COZ&0A@I=x0DRP=(!B;AHgx z&3!HHcRqa!RoV2`0do)NeYEz)1f)FjyuPUG?W`X#mTpqbU0#y)EQF`tKZP(WBQ0#< z$U(o=qd=79p$Fqu*<{#T<%Gi%O*fgfR79|>h3Ojh74d-Nj35;6FCbg8xm8^BMU}(u zMW=eGO~mj+G@-}Tjbv>w=(WBYB3TBo%$lLAAu$I}-C?{i3+h0l$N6TLau1HrxD-e` z8(l`NDwfSdk-Bq9m+L!CJ7dzw!8$Xqhz0LhZ@*2Tza7BYS=6@OcL_X}`AaeFgNgPR z!=pwPj=9=Pfpt?Gyq>6za4efYkWOMOD()edEtayN1{GFkQ}&3{=MIlwhCEmT4pNA? z;odDx+HAA9IvtYfQX*U%m0d#6ftyH6Pq9lsk~XIfqk7x`=OR<^nEeca#mg#}0nsVU zQ6;%}A%EAxAKPs*WS#RFl`#c|b7t?Aih>vzrILB}W-gP?F{_*!@dC%d^#>d+GRRl%ETHaNF|tgXBM zdZ!4ex^>@#3)k5P7kA7X3hY#Q&;kv?==(!8rL&tW!|%saMiaxrzBY!DyiTxbtb7i^ zjRZ+)utym2t-;aCG)?es$T+r{dNsdtseh(U)ld% z%KH8D|4rZe|KY_ii$D4AJi65Q_}xz2(F%Z&3K65x6MznN6Iz=5HwPg;$-RU~?NYt6 zW<_;(MfGwvCC~bBJ6hxyh&wzpvwWFgqI$11s=TJt>NWCB8xOnmBQv+L)GU}?*x)Q3S zdC-2fo|gYz4}5tizk^C3S5hhOeirGNg7KL(h^7$|kcWdMZkUjVBUdY5QLBxN4 zj|UG40)7p%$o>Jz-Q!puY!BbZnPEULSG80d-_*4uCdwU(O&pagz+zWt#PrGUzchFn zc#QJkBy*U|=Dm*K5}mlnmkCE`mB9?M(YFV^l^kfhV|d^dmIPJhb7F#@k@FoP=Nls9 zztUPqNYXMSb3B0TSe8OWwIFAvs;+JAM2!Ny(knXd#C89B}hO(-ZWYVMgPEs!a~QOO_AbB<@!dEF?i)wKv2kgBd{XtSBna z1GtLmF||73g-olh1lHM|sp11dOcs+7{)XGI3 z5>EvnaR8;x|M3>{SvAl_@#5vV{eG%5de_z3fdZ8Sf+JNg6Xf#fZ{r^Tr<%*7hh=Hk zUmi@AFKm9e-f4o!b(X+UfTlS#sSAF(vAS4r)8!tF^Y1oQ-0B!lP zzv)hcZZB|PH<%_c!AnJ<63%65Vm&1?WiAdD5Y#*%%jSMXLER|v%3e+vhKY*x82S^?p#iU4lm6fF z75(wUm-XEl9(?2@0UCoUDE=WkB;cU5g#l;Tfd$h1VxrVl@l~-P2k`#;*K*v7Z8puI zDz|}@dE7-E8`89q+xpa``FH6eza-2Aa+Z$%jk~4N!YVh3fbWT|6LX0#aDa!OHZ*%yN1N`$TsE%uRJdW zXG*HMV_^rh0?VMqY<{g9&$SlENQJ}h>rJ5+FMycQIds73L=AVNstGAviu9tSYZMu+ z{d;AW=wn)r#&U_aKaILSjOrlboo_Gf=aYiP18-p)T~{P)_%qB&igcCsEuF( zw>IYEg$PP^T<;%4$b+Td`>hO?sNpcfqu^h9i#M8_x}rWZD-o5%wOX3%^lwJT9?HUw z0%V%lhHOXR{V(;f_{V%Rer;oXD*PCv=Hmzuuj*_(f1)z@)NZiXqYVE*IxemG9<7XK z+;&=#eygxu(7pnsG{zQZ9@D;n+YwxA^iaY^@RHB^TY5mjJvz*WVS`;(d=C5C_o?b) zI}#A~dfPb8)Kz&J;r&mAAK_qv>ms@?D*woS1q1=g+zq*wun%kq&pPN#e(ZgL(JStO zOM;wNzC)DTXWFeE(=MBF9gh3Uk-v{e;_6q35J`(4eqor~#nzn&{T*ol+|-%E~Klab-0_E0!VCJA2oq zKH=4tJ%36rsyLTlq~#QD$88!(?DY-00!ksBh6Y#6)O6sKlJRc7K~~w0`RkU(LLI2J zy56RtA=qM2>c8{s(F+-C^?us6kfk*%{o$eJeu|))c*~614X<>((ms=1=tr(lmB@ta zF^P>9mmf(I0Aw*f$k`A6POLa67vYk+ZVqrhCePJEizLR)_p%_K_3xTKvWsXxv3~44 zM$ntH23nBh~^gwpbzZR zgGc+?C>wN~Vm&ApthD&ptC#?@D?wgM!+k`nO#=+FjyNV7DosC(3OG1Cnuat500;Jk z{5BUO#S(vi`V|whUtr;*8a8pxx~=r*#7mB|yxX~(dQQdN?^lnNhF!8oR=D9S=<55% zavk>e9}xwxp7>o$mo-m2UlBajhToWR(g~i$psQDYqi6R6%t~)FpHV5dC}rXR_!^dp zr^RIQ%^U%l9SO8u8Sy515J_wW0`7CwtaNR)wT=4c311G_!UPZ4efnW34aMOG>qwcG^5dRFst0=lBDJ@Wc(5; zxLnXNk|Cu{;zC$s<})B{E^RHTv6vVm5YasI#gjRIwj_!>#zRuf99;?G2lxW^ zXiN3;k9PS%mlv0Eh4X_VwB4ZfS467o(9CCns3&-Fbnmwuw9*}@RGPSF{A#NG(-Y}k zz4b4GLV9*QBW@-?Xp z+Z1c@A=YpVn}#2zgiVsMX#CJm9Nm4b*_K}^u;vogD-I0&wgyJD&%QErNz&|sO3l2U zgo57b7GJ_OZg0xSi7wy!wX4c9wOAl((jSK;K)A%~6|`&E!tggE)_(YAmawVRvE5}O zKi<9d!cL>xA-IVUVRm7%MQMwkFRP`xelZdJYbF5~951|TD$Sc~VIuZk>Wrr-KSNOz zaVGlD!Y7?l@6?INoI*$HGUzh&QvE2AU)e(5jYq5BoLhQ;bzsJHZg={7>BC^(zs27n z74u%<;5>VPI&$6u(;0^(6kpd2-<-JbP=}zNcJ}-u>+rTAU~PDPn2*mq(CJnYWY)J< z52zc=^)W7M{*k1NtNpbLD@eDeFZ7rZ=OYx-&koeyh##}O7|SN|(G1k3&DZt`hTftQ zw_W5N7#}RN{vAjT2ER6zX5KQrA}BpIP`732GluBWc=63W#z89UAmgUZ05PtL^@@F= zGCOz8-ytaX#@$7+G_8Wab*|2x! zDYBf*wxWuCJ=Y&S1ldP|Mg}$C3c+`L+dJY`uR7#YL@>Md;jUT~${>~rH_+~w9Cy9* zTn*8C|G|_Vc^?8Zt4OB0dB1(S_mws;IjWzM0V#kE934Y0*n#Y}@%`7c(no+p49L!|mM zG@HB966!cwtB>xrk9`VZ2E{&z%a(n(rhdt9<(~#7mRS~LC31jlz3EBbcjeTxTjLhe zB+|wW5v17%3dkYA(Rv;Rdp{foVW zHJ2tH!N;Lml+6jkuLxcY)=-!$FU~B?e;BdI6c~2%3IA+TRAc@^D-NtR6@tK*zrj6~ zX^CZb48;R`_a2lF;xgCnP+Osh%evZ?xSjKPolk!`YH_Gl?% z-|b#|Zlyrc0+r4us_xEM6f`wrBN>7&)1XaE36Tb%gf0rHVVcbE66BqIc!gm7NMYlV zWp8#2KL4%sQv~h+1Do3B=>Y)a6R6P`!p526=79;n$Hr^) zIzdyxnx)@Yx3(IY!uM-G-y1miNCQthm$&~O1X#qcUX+41FRFnP70Und>M^fWT_4RR zIOySbq;}?rQB9xUhw4{^E7m?A8duIJ;Lcx-BeLvqP!e5F*(?(RYKxcNrT1D94hz;| z(!&#DJq{JvCU2Sp6$pwwVLS*&G6b>F=6=%EXDM%I@1@~p#mS?qTw z%^a${hteDvn0WBGMG5#S!2o*lkM@!B5kX~@YeZQ4yx~npz^l^TfbB6`?K`iI$`KeT zF`@d8l?%tbVHRA6R005+ZJaG`2A+JYVP)47PRJEY_1o5Zey;|+1f*QaHIlpQ>;8Cq z^JNrZ-j=tenqz|+KYJ(h=wjQj5xCn_me+ac5^k+k_r?R8djgrfwU&Unu5dYM->7rD zeE&I0qt5S6UE|;El@K4QI&ti}zB80XLV}|mbDQ+0FsaUog-i&@FgGI}epgC+l;=s( zWQgQ9SC;+qwyYbFOC7{#6#$1n)+6%AJY=KtZ`Vus(+3z@w6dAbe;Bo9uY7T)vmm0Ndqm} zFKKXS;9pE&pV9dta2tc1nf*^=yua=N^yfyJ*f@Lw0O)S?yY(##-AFd%64EP~$tv&R zfCB%em5aY*$4N59@yLWeSQ5bvBd|+QyNR0r6Vx$PLU#NeoMOFu9FUWG63{CJ9zarL zyYUzTkpU9gz^*Mlv0WN5?b#O{&S^Ny?#m0xjoyF5l^`9ZUFYuMw9M$(OY$lvYqMnr zylw88jVx+HG3s1sb76i)(92@+4?wp3_$<~9ZhVRdXuAM)SN4y$AV|$$%?Gh_#;@A+ z$|1Kjw`sc>KDoMngXT$dCu2D!gAnwXcp>r`mu7UuQ>oAlKl7 zUYh=*mZ;X4g($-dlrVns^XSo~u}%ES1F^#ht!$5mf9+m80;O6Mn-s$IDx^Z!5 z6#HM=9@XrK!000UvTVS^NAY5LpHN*k(EDff$Y*DG3Ht>fD71T?;A>Y~vO`(2rMAGj zt6gZw`R04Aopn*7+pgja5cOnaeNa-2??Ki34s&XWs;K7GA{cc$VW=(HPchyn8t`Bj z`jzp+7xQpQhf_P`^d7(dS3H0hu!akf_Copd6(@%lZg)J9luucxheN}v=fBXz6A!?W znUby%OQLkVc8?G+XH)q1vs$14pm>QYGG9}LS=GFX&b)fi72Xd(C8lxDqB#vYbb1md zbVCidR*xT7U`dA#g@52ASHr})I-dZ8_}XZKx+1WX;*uakl{c^K7cL+rf0@`^Dz~Pwr^Y$PwoLVXHKZOVoc-l^=u!%uYYZ*qiLd(cf-XSq5myzIKut3Rm9>7n+?{b{G7r zQ3*3$!WXM~d3D>s$G)>QH2z;*9FG$2#74izf;@mDqcV@R^4RCw9ULwG&$fa8t(V|` zdl4`gyiREXeBw&MlGze~h`T+oDdc^|%cb?Y1 zNvtV$b1A?Exr|!=3%l&A9_`D~tNpD!)(I>A7pOFO-2umUS)<~DmyvW_Z)v@=7%`QM zfG5FD46Xqnw0s*|v)u7nI@DKhWdz9BHXk+EspuFxvR}7hYUCQo7cgv-)oNGPk4DYh zFE}=KM}|;?wb%Y-6RAdPY|p7p>`WDw%>yDgT(>FU*>zbDWrt$Vxoj`&5)G=^#rOI4 z)+hnHK6qC7r`;g1fy#V!QQW&f#l0K3@LcF5UHLS=fw25LstrM0oIW!rzlb7mQPQxU zU}edd|5%Xr;~%1-KrO{cjd{1m0c0QdpgHA#5tH=)0PmvRkg}tvDKrd~v{>-3!xhH`}4XK9c=OZ@qGEga?EO&~CF=2@!SMpI;DBU3GCV zfo71!W3yO{BY?1$vB)lIhithH)*6BujqPzwi)%O!p65CcDv;uiiHKkDY6K zd}{X>cAPRvZBq&4suh@QK&d_(bV4M`tysRK=N&PyFizcdoCZ`xe8l)D5+VXcP;fFG zMu&wUQCdMi;7(PI6V)RlQaZ$>$VH&{&LF18ZxZ0bAiPo?Rq)zpJ$`>gybVnnkd5R+ zWt=kKG()`HQ~%~{p&vuB)cY{$;I}uvZi70vh@8B#Zg{qt(}Ps?te~cn>pR!#Kh4g1 z=6^6Y!;$~1MsPMIFZCOF=y<2O&tl_8_}>w=f}isoQ4u7`2jqjR5j|5s-`f0V(j-gh zMcZ$E>?`tGs5BwoSDusW$!*lxOC=Q1w`hEnyqFUM#Qe&ktJCh$7Op42;3Bix(0b@a zX}RW%oEJ3|tbVOqJ(n*3Fnn&^V0H1;b;ITbwKQE$AjET7z4zR*r`olt9iQ$Jhx-%A zo%VO?78526y&ZD|=}EBfu=Qi0NEHr@(!5sP&b7M(6jt)B8<3(ZmX8q9{{(e6Q zj2j;S&cV4db`a!yX)-Glu&%1xs92ei2_bi%+Rv`U#PzFYeOB981W1LTQjATm!X;G= zV~4jXz`68fT2p>q-vW?hlJ(M<-9e2E;|hD0({c+E%g8t7-cS)ON&)6qmOL?*Fi<0@ zI-L!(iw>JLq)3IM?$GK;SB0>)=C2nV-s3J6^L3bmDTN@7zYl{!5zk3qLX=z&q46q_w;!9!I5aGkWzNpi45;y3hPRlLf zCTKjH`Hmk9NLfU9VQUO%(ilI`IHGxdVVoEnw%h`$( zrB12GZUwMoCaA6}f;S-0H$ujvY*cLS-9lFbTQ^`o`V-oW>dCgAhQ~j1?Klh8h5?`xjR=x)j%gbd$;c|ek zP|kl12#lsmOCj>7Ay^kD@}U{~SOQvK-osEq6heq>G%r^TpT{Z?GYG=eJYAOm%6=B8 zGuZdKT;j}6CrmOC&C5FdxHLFK#2l11b~8MO6~|e{%XnN&9+DonbHZeA)9|MYDsNo! zg3hzJd;*OcYUyY&?dD7Yi`DAM%CKu8v zOkQUTRs>zJT2sDkmvGW`=NPSV&;l6|VgP+bKLYr~o)T*ySbTul_gZZr5StyXA4!~a zkKK887kk?!AU4iDQ1Q&_GJ^^f2e|w+@!@=olMsnarq9qi7CKkIjaSDu(MsSstsH9YI~ozCxC$i8ts`s109_5Api zPoEJF;yt@hqb94w(!Xs!u;X9sGPl+N$$Khz*usrHTn=}d-|LynAir{ENBIZkKHBUU zDvj(6eO(IuYGEqO_D{-qX=m;HW`r};9y>qKy1~IFqj-}dnvOis+j)AI%PUmuM3O8)*n13-=9=eOj#BiY}8a8fsM!%+grgZ-BxaQT>bx~?qqIC76 z_Nd}6w}E>mPUGQySI8{%1%{ufcEJ`n#3%b=o?hQ0PGi^d_c_wX5-HDiMPML#{6boo z@q3OvWrAwl0t6hJcE)LSMzcgS*z%g}-?)2X^F=u^RyP1#H_gAWG_@nXx>Y_ZvVpFik!?5)Zv2Mc=zZ==T!L{9H^Q?Svw|x=u$#Dk5 zT4*`$?qV`0rm$qKS8ta)%#mwfF)YZm0E=6{B6@kHEogaECzhY|mr zzOLiMzBuq3`8jfiC(?J|CiB#-VTef)wv~|{OAy)J$-h^jP-jIsQ?isTHromv>9Nl$ zqo(#{%THkuc;B59I(5bQH%xOFS8({UeNS77d|CVQnQS*=urn7|itXUef?QY1L>5!o z7Y&|H(7EuKwlGn`XJa-w<@6+L&a0s zTgWxp#X&ZcH5?-3a**Z}uF%vPOvsz6-PWg?{R#aT$>f}Bqnc*U)w!rKPEk!2M(JkFCuyk{IJuF%RbejP@y|kvjgw`i#hUzyZwY{G@WwgpabKaQP zJ7BnyJl|eVD?W+)+OthEhm zE$Z>_j6eLAe7=f=RULAUEk7-nPTAnz`_&iCDN!|ve4h+YHFRo04JLHn3;W2|$2Qqz z6d0r%qOP%PEiqA!O6Z-%!<+5^%vWiHBN7|&80KHdabJzZvU~bE;stzCRZEoVg4B6 z#BK49y+xfxomz!cLku%2rOlWuz8)}e(MMC!J4rp3h`rb9(j(WTX%`F=TsBDOhl z88qWfrx8x;#s1LH%X7dFQ350wf<#A#>VZ*N6hPvhu5U(=jZe`dPu*1pdkuT6{!9CF zXZ6?c5IR)x`DR>F|IVpSAKcn$r*Wa7ctOrRM@VV|cSzWuFKR(cA8-HN9kO+K9Fu!t zsG_@e!wJoolN*eLSp_PJ5Udk%4NAo?GBh_8C>rYkG!@!5O|^8iZmb$ldB4-GYnq@L zO88p)5U_gFbt2onF}?z=U*;AI5hE=&uOoj=TMXKy5{HEwb6*SQhYOA4K{GifjD(Df z5j&-&9~EF5HuJpyp0Ixqxz&mB*jK{6z!N5wJ};XABJ0I<;RTV`8?>$t$b)BDN+SXTk0{c0_kqOW z@2!K%;0JK^=D!SE^6OqiW=!n3RvaX3C1X^>*S0z_+MJt{%&#j(o`~6by9c)!ACWfA zK0mHZ7gh2n`hTNfDuN@%1k+k0Xdr1Wmx+=)1a&)c+l4F*TN6d#+*_ z#B9vtc4eX3lwQV0jYldlY5eOM{4ePpp<4I%^W#w)#2Y$^Q9}tCp)UnLK#$bBXB87g z5O<#cz=R3eE#nl>V`{I2Rvq@Buk%(MP~;8Cm^gqx@zAsTK&&mlw(?O3)~}PEe^T~1 zIz@YHmzruT!~nt3!`N5`MK*eRjzVt$U!axo*aR9T9&Rbv7J2t0R#&iY@A8RHkTLD`VQI(uD~ zG9VqA*NQeQnF5u*7ptbVHcB@PWvmit+1E+ekEBri6{Q8osgN~)YiDfSAUprFlAA7x zQZk$Qxj&oxTm?8$ZPq&$Y1>WKknsA9&*uuk`|!B~@+_+llv`4IFngy6Xf0S`%0zjN zZf)XS0|hgaGhc%e46mDVuUlkvc8w+Zp)W`-y0D+2yz2in`?A|mD{pK2k=T4jI{(k) z@J2#$q~DTV5`BKdmPU9nN?!otN_iwRCPVMHNhFM}BXQ!Gq5@UE;JAJvA`MfU>XNl~8%B?poBr%zgLIxq(s4*(XBc@U}fx4W6&_|TkVY&(`}(EMh`=il(W ztrsPM;P$5sDnD>~;MD~LfNT~Rhw80gFR?Yg;<>J}K0(8G9Y3}6@aAIX`8ErJtG+L^ z;&_jiZm>=d4Ho+Fp5fqjZ`}N#E$z@yg5>Cnq1iR0PFeQ;rw39;+Y5VR2!Rj=F6QRq z=tMt@S7VZY*h7{wa@0-o5*5`33CMlb*J=Mg{7&lP`%Y2LFL5i)%)7;D6mw*v_Po{rN&6-M|cldcBb%V8mS}^uFL<$IxGd?4GRJkmu6;wse0uZsf;{FNArV zwtLByz~WVp797wQP<4mi`0o)~gf9;kNsd9+u^nQBQvT;%@K#@-OpZ5)i|kG2L46aI{iJzfM#e zYd97AT1ykF zCEzUImYz*o?>xgx;hXwu-g@|fmp}PWG!u_5D$8SIa#z=VblH5e%L4%7taXR(2#*af zH>-<|l`DXx=K1eyBKaWvp1Y5}RUC~!GywEP>#sK9I$LP056>7K{!2BEI;|;M4Uxf} zAR#<|`u}O~N&}M0_Bd+UIOAwfE63bgrp3mvL{r=-YiuSPD;>uiQ}nrIu0aNffQ?R0 zlS_+&N@`|mlMCi9iQ1;6BB?1N29_aD0nr3yQF#}u_w~(}_vv-M-Q{r4J=}B8J^%l2 z86ESFD+vW*oTDU99?dqzQC^mOm(pHGUo(R(n2ZuxppOr_&qO)=WL(dI9gY9FdXSk3 zZnKIns^tsNmdr~y;$m!8N5dKrJ7yN9l)JYqgrAzOhiFCQXf8@E z1{c7utB-MWK^OXcK*ubgQQT9ui}M9i+9E~h!@-%6aDR|1eBX_V*(Xpy?Bta6c)z~u zec%4wVwVlSh;6T)G2}gh!h%@91qxy>QTeEnZ#UF8m7r<`7q-4K$ELTI5Sdrn=yS{gvDjfg^wW;p^h#>RX*bDJjL_ob z30YeJkpuAH9miwnzquam`Duc1(;S)2UrPNQIkzdCB*; zuAXvha(lr$nHOs6@Paiu#f?>Qk>gs-F~Pp)Fd3)gO7Tj~fx}V*1&~P@s;xT2#Z!S4 zP}H34U0GG{>CEDq#BxjKQ*@kiiW$7z@;+?>cR^p2Tsq|&>z-T7L}TN|rS$>rY@lC2 z<$(6EM}?KWah>+5`L>nrc7LTdg^&ERRy+>)*P2c zHw%CvaIPeqXO;F?p?iz#lDBcVbj=ro)37dEiDOueYs%1Ic#yd%x`2N2@%37j#1<7d zP)RMGM=KBH?I@ytWBnkhHF2R7&H#uhqk>;Ud6#UqBZ%_~HAz+lW*)qL@LPhxv{~zU zQH-5NaJVLEy)255$onxXlC%DTvSCn5D5~dQYyr=-O9y`M&f#6{!H{_)4>?XE#3+`8 zhw_7WZ?VGpRks*i{JN^9MxE2HJ$E$R3Jz01)X&O%V47U-hT?>(&5*b=a7v#c66+&9 zBWU~IR<0#gax+(7p~>DUpxjcTM!n4}E`Ce0NA6sKbpX;U{sv$2^+--w4!dp>5KObB z8yAFGKlZard4gHT=t+Mepp3};kYRb9y6zF1;Bd1^z8n_{=VX}v;dyQUhRvm}-o)b4 z&E#S~ou{Lorh}0*%1x@}qiHn!?Tn%&Zo>^=sO^Q+A1eSmUUgs))Kp*sK~P;W%@PE7 z5wbXToDisTKK4~5)eurceL_j~hr$47$-DZ;l)IN-sYOZXg0ms*FZ@VmMMr5H6pNib z-TYQ!9yTxliXZHlb{kK1mu5ML0^mo25-SdyRJik(-ge1Y%c|`t4Q^1yy0iJA&IqL8EOcJO zPbYkn8f)PBH9O+ZucDLBua_bc)EH^4T;s96N^0%5K?@sOiwiYu0yS$~zO&C_%&P(8 zbBJyLyIgd$i;vOSH-mXwY6pwRw<$r69>kEcw=#^=a*g`z(BxSMk3^#16^u%#A?rPn zsS7TDcu(!==K{*#_XfxipLdDRM-Ej#c@CO#*FQoU{}y{-m&1z(Bo)*~_M!2l5<{FL$ooi#5@4$%ov_r`!YqR>FZy|H9P!f2G{I>IExxmiq<52<5Sz z_7JO0skRZiJAdfGW|IMc^L&^4)|c`U4bhlnw#ph14BM=O>8Y$lj2Uk@VM61x(<(A< z&E{2|MAN*3yH<|Iq_C+cFcojvm(khrZ zuH1t|Dycuft{p%>3Lpf~@1%A>7Ysr<^H1MA>u$>+a=}WdgXhCgtj z&O3aTC{Cb@52XbXu#+b58`&teY{>X4ATc$S!!j}+@7=;Rt11mNY!1D>Pb(Hc3mES+ z)!&e*vK=ZOIy+wP@(uMlvdl8&=2h@@GCyn_Mwy>AWq7;}>wqxmptCwYn{>*Xt4hKtKWZyNiG->j@I%=Fa8LOSl)(D!0zKKO%nFS{- zrw8uhZx=OFoJ(oed&Eda6X6%GLw`~hCMBmA+~eA~ZWkn)jomw$*poog5NBj7o`aGy zcWEsGBFRxh;@G9>tm!SG5aK1z=F^Wk+oabJp`D}XPFdQ}9mGnPI@E9oF8Mt#APhRS z|Dh{>fYB|iXA2JE=H^Fd$ZY2Km;y}pdYL+I16czOD;nO(bUJdT0&!-S;_d5Q^x?g@ z5U%+geV&NFSD&@5i_;*CE}YN9wzpR=BU&s&hLNM`%GC@b*+OcXr4BSaW6Untu7t{y?uEX9!r>PlPQFv=#N8|$o-UChtlLm zO}8X%O|T&Ty1o-2p?QLtRcdwKEO4*giTxH6ZuQ|qxnbxU;L%F;hP z3Xp6L?PPI~sH#`Nzg1S{#au5f(b%o_+({i^)4V07`|18)^-i~7^S z9n|Z#q)z}mw!CO-jB5>Yi6q-xDT*ys=t~V5S*>)-8xb zV6yL}Z%xFj)|53j)wLaX0R+IBp3W5d%f;nz2QPrIwwkL22?0I|@Ix3zx+YgBRj#bF z0HhrNm4nbpYv4K{r);1}$=-pQ@Z#0&p7H-eYkF+nQAxH}y(I$8QdtT^xv=gKXQ#!`D0P>A@=_O1)-zCSO5^Jk$rG&YE^Rl6$dw+sd16c^GI(E zlRe3LZfkS(8bRnzadFPeJx5GW)~`r$H+aU_Gmj|7A8vpB)=&L#|B;${9$kagk1`M z`)$I1Hrcj#a@Pf_`dd$3glq+$j5(9hw4$X>6#=CtLQvZZuw6(K(&bzxS-o-qN{4IJ zgj9Y2zSFn7B%ot;7YKx{2Zy-6E<8#CC9&2n^`oI5_m7aKBnbIRB2=HB7SV$$vS_jq z?mqkBVDjtJag8#pav#~e-L(~sbSj(b`E-rJhH47Qmrltjb{$<(jvI&kx2>WA2cUGpu)=uV{yzTQkhb3P}$~^v^)_U^_0<-2sKcAoH;Alt, the **additional recovery information** screen is displayed. This screen contains the **error category and code** that you can use to retrieve more details by visiting https://aka.ms/unlockissues, which maps to the next section of this document. + :::column-end::: + :::column span="2"::: + :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: + :::column-end::: +:::row-end::: + + + +The next sections describe each BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen, and the cause of the error. Some tables include possible resolution. + +### Originated by user + +| Error code | Error cause | +|-|-| +|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.| +|`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| + +### Code integrity + +Driver signature enforcement is used to ensure code integrity of the operating system. + +| Error code | Error cause | +|-|-| +|`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| + +### Device lockout threshold + +Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. + +To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| +|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| + +### Boot configuration + +The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| + +### TPM + +The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. + +BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. + +BitLocker entered recovery mode because of a failure with the TPM. + +| Error code | Error cause | +|-|-| +|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| +|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| +|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| +|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| +|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| +|`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| + +### Protector + +#### TPM protectors + +The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. + +BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. + +| Error code | Error cause | +|-|-| +|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| + +This may have happened because: + +- A disc or USB device was inserted. Removing it and restarting your device may fix this problem +- A firmware update was applied without updating the TPM protector +- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios + +A recovery method is required to unlock the device. + +#### Special cases for PCR 7 + +If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. + +| Error code | Error cause |Resolution| +|-|-|-| +|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| +|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| + +### Unknown + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md index d8011c5ef4..e21c99ddaf 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md @@ -7,6 +7,11 @@ ms.date: 06/18/2024 ## Recovery error details and their causes +Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. + + +## Recovery error details and their causes 2 + [!INCLUDE [insider-note](../../../../../includes/insider/insider-note.md)] BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn't unlock using its default unlock mechanism. From 180ab5768c5d619048d5370ddc1477f8fd5e5cf4 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 17:06:02 -0400 Subject: [PATCH 05/36] updates --- .../bitlocker/preboot-recovery-screen.md | 107 +++++++++++++++ .../bitlocker/recovery-screen-error-codes.md | 128 ------------------ .../bitlocker/recovery-screen.md | 5 - .../data-protection/bitlocker/toc.yml | 2 +- 4 files changed, 108 insertions(+), 134 deletions(-) delete mode 100644 windows/security/operating-system-security/data-protection/bitlocker/recovery-screen-error-codes.md diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index ce03b1fa0b..388cd58e51 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -187,3 +187,110 @@ There are rules governing which hint is shown during the recovery (in the order :::image type="content" source="images/preboot-recovery-multiple-passwords-multiple-backups.png" alt-text="Screenshot of the BitLocker recovery screen showing the key ID of the most recent key." lightbox="images/preboot-recovery-multiple-passwords-multiple-backups.png" border="false"::: :::column-end::: :::row-end::: + +Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. + +:::row::: + :::column span="2"::: + For example, the recovery screen is showing the error cause, an error code and the option to review additional information + :::column-end::: + :::column span="2"::: + :::image type="content" source="images/bitlocker-recovery-screen-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2.png" border="false"::: + :::column-end::: +:::row-end::: +:::row::: + :::column span="2"::: + If you press Alt, the **additional recovery information** screen is displayed. This screen contains the **error category and code** that you can use to retrieve more details by visiting [https://aka.ms/unlockissues](), which maps to the next section of this document. + :::column-end::: + :::column span="2"::: + :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: + :::column-end::: +:::row-end::: + +The next sections describe each BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen, and the cause of the error. Some tables include possible resolution. + +### Error category: Originated by user + +| Error code | Error cause | +|-|-| +|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.| +|`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| + +### Error category: Code integrity + +Driver signature enforcement is used to ensure code integrity of the operating system. + +| Error code | Error cause | +|-|-| +|`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| + +### Error category: Device lockout threshold + +Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. + +To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| +|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| + +### Error category: Boot configuration + +The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| + +### Error category: TPM + +The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. + +BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. + +BitLocker entered recovery mode because of a failure with the TPM. + +| Error code | Error cause | +|-|-| +|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| +|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| +|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| +|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| +|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| +|`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| + +### Error category: Protector + +#### TPM protectors + +The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. + +BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. + +| Error code | Error cause | +|-|-| +|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| + +This may have happened because: + +- A disc or USB device was inserted. Removing it and restarting your device may fix this problem +- A firmware update was applied without updating the TPM protector +- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios + +A recovery method is required to unlock the device. + +#### Special cases for PCR 7 + +If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. + +| Error code | Error cause |Resolution| +|-|-|-| +|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| +|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| + +### Error category: Unknown + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen-error-codes.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen-error-codes.md deleted file mode 100644 index 1cef2bf337..0000000000 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen-error-codes.md +++ /dev/null @@ -1,128 +0,0 @@ ---- -title: BitLocker recovery errors and their causes -description: -ms.topic: how-to -ms.date: 06/18/2024 ---- - -## Recovery error details and their causes - -Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. - -:::row::: - :::column span="2"::: - For example, the recovery screen is showing the error cause, an error code and the option to review additional information - :::column-end::: - :::column span="2"::: - :::image type="content" source="images/bitlocker-recovery-screen-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2.png" border="false"::: - :::column-end::: -:::row-end::: -:::row::: - :::column span="2"::: - If you press Alt, the **additional recovery information** screen is displayed. This screen contains the **error category and code** that you can use to retrieve more details by visiting https://aka.ms/unlockissues, which maps to the next section of this document. - :::column-end::: - :::column span="2"::: - :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: - :::column-end::: -:::row-end::: - - - -The next sections describe each BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen, and the cause of the error. Some tables include possible resolution. - -### Originated by user - -| Error code | Error cause | -|-|-| -|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.| -|`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| - -### Code integrity - -Driver signature enforcement is used to ensure code integrity of the operating system. - -| Error code | Error cause | -|-|-| -|`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| - -### Device lockout threshold - -Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. - -To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| -|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| - -### Boot configuration - -The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| - -### TPM - -The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. - -BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. - -BitLocker entered recovery mode because of a failure with the TPM. - -| Error code | Error cause | -|-|-| -|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| -|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| -|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| -|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| -|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| -|`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| - -### Protector - -#### TPM protectors - -The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. - -BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. - -| Error code | Error cause | -|-|-| -|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| - -This may have happened because: - -- A disc or USB device was inserted. Removing it and restarting your device may fix this problem -- A firmware update was applied without updating the TPM protector -- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios - -A recovery method is required to unlock the device. - -#### Special cases for PCR 7 - -If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. - -| Error code | Error cause |Resolution| -|-|-|-| -|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| -|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| - -### Unknown - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md index e21c99ddaf..42159aad7b 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md @@ -9,11 +9,6 @@ ms.date: 06/18/2024 Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. - -## Recovery error details and their causes 2 - -[!INCLUDE [insider-note](../../../../../includes/insider/insider-note.md)] - BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn't unlock using its default unlock mechanism. Prompting for the recovery password or other recovery method defends against suspected unauthorized access to user data by an attacker. Providing the recovery password allows BitLocker to confirm that the owner of the device is in possession of the device in recovery, and that the device and stored data should become accessible. diff --git a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml index cda7e92884..80e9036156 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml +++ b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml @@ -17,7 +17,7 @@ items: href: recovery-process.md - name: Preboot recovery screen href: preboot-recovery-screen.md - - name: Preboot recovery screen refresh + - name: 👷 Preboot recovery screen refresh href: recovery-screen.md - name: How-to guides items: From 25ee501bdfe298420c7fabe1d9c5a3713880eacf Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 17:25:04 -0400 Subject: [PATCH 06/36] update --- .../images/bitlocker-recovery-screen-24h2.png | Bin 98162 -> 98057 bytes .../bitlocker/preboot-recovery-screen.md | 8 +++++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png b/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png index b14c4801e3843b0a8d94c09ce3c6791c98bc642a..f47965baf29254af2dacf2bbe8ae27b6eb96cf10 100644 GIT binary patch delta 62749 zcmX_ncT^Kw`!%A74Y^(w1PrLC^rAEg0&BMvs5AjX3naAA z6C^Yd6#)SuB!Ps0N=-tM8X%Mp@9$mT{E^9;m2>7y&OXocoW1uf?Fjt4Bk;+!`_TNrmy|;ra@VhFzcNYbKk#+G_l&3NV!a+= zEh1u$PS}~JWY72TG+5Qc&0Hr!sXxW3v8Ak3-N|!&;+AEzZLCOA>dUnJPt-BHgc_7J z!g|{Hq2AM6>m74sTxxA2K-u0N_1T%&DTB)f&yK}{gaLgF$_lPVj4i8vFuXK1t?Vx4 z!GZew4>m1vlPTc1+SfQ?8-Izdx`{bsgz2Oh(ZI2Jvp=ocP1BI2aER`mX+pOGiGkwgyOqc*Vy26O5~3nHB(v_sC!(tB^#S*jJ{2UJVpXn`_YJi==Sj2t)hl0yAM48J8D^+i@{r2Npy9)`qZ99%klv>3!C z7X{=G5O!;~qMTFYu zMo%E#2r*K;Y}S?(h%XO_L1&0;S>Z6)FlfRHJ2 z->wVAkwA`*+ z9L-YYAz2aqya3_DvNPB%@)gqSCr&Broq{fs{yOm$QsrQcScX!Chqa$Ik|2zjnvb0N zIpgzjb)S-u{7rm^Ts49ncAaf*t7@HVEjgoxblG=|bB*ewA#Tpu0U$epxBHN7%NGoC>L=0U!2)^$_N zl6{-S+-`J|pg?pf2W(f=BfR6pTwxf3`g+IkVI5g`4ILLbS?u*g#^$Vjr~5a^Fv+7e z)**g6Fx>J8HZ~TR+*WCXKRkKlM}l-jtw*1fm$&r#mtePvA|LC!_dj=;EtEZo4PGdR zidpFR!`H9S!bc{I9?`2isQGnkMV;;HBCq611DtS(n#mJ2;X5;J@tQ+~`q}6(@>N`9 zX~N^euGLay0o&7_)D4?kaNN>4m10lKRJTz{@5?PkSAYTV$B1kZ35|(#ntYgY38X(n z>b}8Dx$%kaAjo_+vee6ut8if*n?#kBA<2jWO{fjyk0Y}vyO%Q(bKv{ zXrl%S$9F}HwWwxqX7nEMQ8*TjcgdN0J?8plz>605OH(z=K-IGYYAovHBBkvFKd01GD<`*QDSYJmXq4rsMhmqpXj?z zu-BkA7UeE5w$)n|IOrNIn1LX9#wBOAvix>4#u{f`p)zmqWj@fh5{w$vdc3ldroLTZ zVSqTt!#qz)qFY;?qlV02mGwpg+4m3@&A=KXVPx?c=q>m-r1`BtVdd)C1ZwbV@=Y}7 z2x%heJzl4omFN8!N#QpslXUnSl<92{Y@P6<|EsSIV(F>$<5kDBe@83%s`$fNBezWk zQXdC{eLf;~oIlj5`D=!k+l{p&3^m@^BP{&%e^945Lart8Ln;y5_8rBW^SMWlpi3e3zIDHgr4bjhtJz zr&7gsZGv)Ejs#fP_VUk}%_dUGc>fju!IsAwN9c{4S>X=T0-pn)_+R@thP~`k%2IFU zyI&4cz~sGRR}fV@&ez-+ews`GBwIJzMbT z0(s8gJ6ZAVwYjCi`IwJ&!^aM2CO-3=>#ax2z2wD*B$AhJY&l*SjP;xFekg4F2|JC_ zHNPTz^r3yjnueqI$AKW|+iU|mpVlVgk*1wr4X2)7p{R7UU@|AkSy^&2c;C(|`mZ6I zxvb&yfyT2rQ_Q;U6%K~k{smatS_<2k-S0(4PgifAl^8D9yg|FrgWdOEkYqUQKXVh; zi;c)}V{U7&|56!A2Ah0DWfBx>Ut31*lN2Z$eEohfJ7<7D&rABe;=`4ni>*`PA4*Qj z!5Ra+UCff+59)bJQ)I4x%GPfIzDR&oheEbN+0) z1K%f9J5|08A??A5>opGsH$wG=F9gdkU4`jL=Pw(r422CId48;Bst|lkDevsbGM$~x zx7C|L(`Je;;?1WOA_RnO=Hm|}bj>b=&2|`_ql(Q1`6c0T4RSq}`VVc=?U#&XRK?52 zA-=hq^3`$@KP9rA04Bd@wV=J?jrr*iSH?v{OvNfvVl_YMgmtOZ+6}X}Ql<8$Wmx7h zoabY58%o&ZwOfdr!nZ#gO)Ipnh&8+ED}Rl>3yx%!1bQdQbLQoBv)XR@1%|F2 ztY+~%gaO18ZzH&U@Yq&e0_PK5or_q2mE$ER?p~+$BH`Kdi>KcvLnyjmv${($M`oVs zBY#}*T)lE~up_N`b&+aFA=^whw=@YR%*LI-#vc3wnr|XTd>%7{hf^Se$l7dIC@7}- z1g-$pb6?)oja#zWTjw7sO}^*-*!XjtNz#+O2N6ix>b2bgGR%O7q3Ao7?+N%|H@oX!XVhJiwfX5n*m17)tZONY#?wtUAMe#rJi+ z(mI}5xZ46>Ec_iv@W^mkqu<g!_xU+c6{giLTHHd~arARAL8#(B7HrHrk2$ zUD|7Tsq_aFKe$<(MbEci8BZU-*!gzWw7yrEd*haPG&5CAEwPh7P2s3<+*BH2Eox>x zqJPfGo!X`NPWK{~T|8InSO2=iw7a^nrP{D(f33W+LU*7pvwB5xx^2e%l%tDstKKL2 z{fhudDc>Tu%HS%k!k;f zvE?la->u5^U*(ZbEN@eW#X`>1$T@BMnV!Dbzd_(wQgkf#Afx~FBut;o&xc?XJ{(OAf+HUfp~nuknqe zhvko5B~=81>{=CTR*iy_TY}x5zOEGc3jF}3 z2a1H-rBofCN~_&%!3VievYGK0epWN??5i$PzE|UQX{SC)^+NFBf4}eaiZ5j!<^Qm= z|2)#tRctbCm8;FNiz;$F7>0M)osv1dpj%dX(ph5;2d0&h;5WFjo_BRj?sqbU(44!o`z~aQJ4N~nmkrTd6BQ=fHV&$_KWD~o(oRbB zxJ<{L_=68V_65F|oC=+S+n5cDXbDh$0c&646VQC*zB1wvJtkJr>)MN|>~tfR3QSsw z<4Km4=UlVz2uicIieZ>?C$V1|;rTr6On_`)&%Jif?;C6yL3ET^%Rf1GX_?8~kE%F^ zLmh)?%>H->skY{7F5!E9BOtso_oq_#kKo|B$?E)WoKN1<^vscSiTsxY<@NH;RVQ3a zb*m-B)<3p7f-QDF{Y2PU%Bjl5KqV@#O?Z7>`b0Z|xjaPweK&6i+fIas(N47L0st}~ zTe7Y<{zTR==1(Pd)_Jf-UE+f-@t-DzWzc79ChwIMbrFq zvkyKh(>rvpHvW0*e4wnzt-;h5L-m`_*rg~L5qB4ArV*1J8mR6UnDqbzTiaQWmt9je z8eXky)CYmutAcqwGjH(m4bj1mR{UTxc%xmhhrt(-OZ?UA2^&z> zJy){kAgnpmu1FeFgk89?TGx3@(P*PcQ@&D9UTT|@#ate7QjKrVgL*N5mxseE{CA0K zHIg+){4R?Kl;V31`AGaX!+G+1d$f~-k;IUtoR;GzT9@GT!w!V;cK+5)b4TN(q#4<4 zBPi&~&td_IW-k^2Wel9Uo3cW?iw@BA_j&cyj@%YHK1@QF! z^}iA(X_an$ZUMHD)Vd%aj=Fa)^R3$FD%rOl)2{_wxBO-`fPzv#@s|+Wh5Dz|oM~LZ z?YWXB4`JRr6-Q%jO^+w+M@wEKkPg@F^T#FnvDVd4<6j7-fINz-Ln|FHX*K9QnwElU zRjl$|=*G&T1W8JHq7sK;o(5OdRwK(t<=-o>)eBpWywgEfS?(hjT)IfbD;^IM17(cj z5-u$H4mJ${_L_fR{}O}!k*^VT?ibatb~jD>tacU?7`d|%_p0;-6{do54@kT5o}Whg zVso2!4*p0f_fGw2#=k{v>F2FYYx9c}TDU`@b#Ax}^E?UZT zmQuev4YDg~gGpMATFdKyvr|_Df40;{KgLY?i*K)90QmUS7ljY23KlP$?vq5+4Edh! z5A)O1xO(6X>v(d-e29a1tzWpHnFmzd0OQ_8thcb)c?sUkD)%S_7xgj=9(@_G;45MI zPRx^l{?`O#d(3*^i@QnU*~#iJ%%|TNF&T9|5bSw7zG1qU?yJ8n7|QAPw)BIo7&^a9 zB-u|{>5$}cQ@_y~UZ1i<1|AsNd&y!u#v*#11YLCAs;LX_C0^YWIm$NY}o3Y%ICPNQP=Q+{z2JdH`EjcZHe>TZv$s3U5>)iCTKyq*}G?3qbadvuG0XX z%Sc5Le4AH)g`pajWRKR#&mn(fE$DcmuhfEypkN>BA^eq*shg&DGFz5}#Hfc?-)YTF@APJc^a%jaxXmq;akiZ$NW0tgvC@&Hl4TfFZwle+pK7dGQx72Z z&9cGfl)Gn-8c`sC3wzLZQ=`b;(H(1U{g(qe1dPhaamwLs426Wz%q*61roW3JY?J8e z4NApHTc|pf#b>8_xpIGqcdF0sAzi#}S?@ zoUfQ2bmoxF{SN|Z7s!w-hYeV42^yN?`0D)5Mmc87rv3FDh~tOwg`c~o^j88_A}a(Q zaz?QRV61#zmBC_bsK0!`u6V-qvr0{4666%3P^ zVc&WsD_fsU=iGs^O*@fy#JoF>RTVnFnkUZZ+_idSjp18f`ht~J(OJ9C9=;yi=#a6u zkxbyeTv}`pr|pmyM422fjQ=iunN)$Oz0%w|Utf6J$^yWUipsBNDMIq#@(|LF?;P_& z?6zGq4LsoAdQX^7L=G7on0ZjABMhE|_J|*q`j?$VXEh0G2Rcpu-j~(X=isE_0)U2f zXQV5xhq>hRb({Yex~EjIkG{OSi+M!Rt_`0A1--b{OyvBaRj8RkH%dYkI3o?6Ne66v zlE6UTmLEoA8wZx=UguRE-2$;+Zdy;LgIO9`6eH1M=oc(RXsoPXi@n}?RB~_c-0FPa z?|IUNI_}_J0AM>nW97~ik4vVa)ZQHjOW39${*te{|NFDsMU_^r?c{jX>KhvVeM6f1 zv$~dd5MFT}hB{*-L*(CY+K9@ZFTS315U765sMaXaxZ0T{YnD8>RaDlw4o@5j5P1@U z=CY;JF&fz;Fe##b{NWi2BVOe?6&n0`?I-`IGT#0{@#?}QvJa3OG;V`@SGoYU zn9KzC(-zi~J*_&xpr$TCG0Ye<eI3)Qc!VDNqMF-y$GsUe3Yt$|4|vGo4v%&!#ieYXo&>s+Fspk2n1qWbD01IePoE8Ox=jl zZnpg1jvy(s9ag@-?Q-n+MUG9q+)QgVVs9Ub?qJtT&fJkWJxYep9}sWn_!HA-KM!P{ zW%pjppJVIg1vVyJknYvcNz#MaNzxPMZ?ds2w1-LWnQX~aQtbnYyl7iq1t%R+R7sl+ zjc80z`T}kPzMb5oD_5^58n+%#*y3f3?J`2R+C_dmX!n}}p0vWknO3+xQvIU??M4w} zp1c+IbPlDvQZ&AMWjmJ%g|kOGP7$E7S#*-1z#rh}DIIup1viV}M2}8`$?&A>2=|h9 zb9Dd0L1?!3zWUJ1CEF;v^kmtLE`scq@Oao* zhf`0Ww55t3AbONXouyV&y~SgG7JG7R>{@)JGdPxl0hs*3VKL4jV6s_-nOeKM^UGs? ztYUxN$tP8)e~#unVZc2uKG&;s&+6)^tT(OgG7vua$*89IreoV#-Lof@+T-H|ut{KN zAnl-lqtbWef*N3YFpZKcus_*kgmF0Rlz>qdQK&S6eSkW>H{42}TyX=NJ)m7qRYs&U zOk|Gom#Mj8jJF@003{o-ry-4g!damLMK?$T3@v(Ep6xR8!BO;D&@aq^veDeGdmPk^8= zzn`FgWGz7v-(2a!A#TJry0;}_p-2fzWb3Gc5FN{&JV$#nzcMVqszKyU_^ z37u>nd(u(4qM$V2R(&J@h}r)KH>%kpTVdT&fcc}yk5o4s+_%A^vZA);K+}Qp6bJOM zVOt`20p10!EXB4SNvf#*@T+Q2DS`9)i$Mw5iae>e`OCQ9BD_q6Dkl!r%FXg62?I*x z;nD?SvSRVo_3E1`Qtmvgwy9kDvux9u(Rt$huqixqVdt<{C z%@6Bs)SAAH1w2{OiJ6N>j!n?vh?krHEr>G$2Oh;mmYcdyA+v@3URrnLW93Hn%IG*; zpplMx0R+InC1Za6zJdOnC4NVGX74-Zz+~x!XylPUf6Lwx+M$1uZwfDjUQL*O;EsSM zt%^?n4dXgM>*>#>o!!LKTr`D3#L~QovCD2JQ){>6vr1j#BAchR_Lp}b`@b&ue1-S9 zyXVws&<{G^d`OggNDBIl4h1I})=B07)VM)ptEQn$g|Gmip)sC^sU~1cB~8wJ+04Ow zSW*bqy_1wW_I@*Go|N*x-X3w1pC451o841cJh#@K2F=wqOXZ6BDh&=V^)8p`1XT7g z)$LZlTo-ap<`;;L&}%M$Wn>)`(-7LAx{Z!G2LGP&?4IvCY$xK-xYP@HE{}8Vx>S-< zeI``?cY|+xK_o76YGQD5qHBfVIrg(QRI>{CfNgq}_}g2wN+)cq@qq6?tIin9l$Gf; zZc7*FsgqHg8Qgev>HA`^MDVmx$j-+wt=8kwnv?Xi|LgR_R`m}YY-inr|9=IMpr9TdX0PNRthg~ z!I5||JFz?Ve{Np)Z_eMx(pm;lDvm?k&CU{q&K98E=S@i>IR?;K|LD;<^f5cd*lkO; z;lXM`;R{=?%IzGp*6YDhoLi)xvd&e_OziXw>wuEA;GH*HZ}~#g=;fWfV9PZr?Tr6F zwv=!e^hDqGQrrYLIOg@)Ygf~pgTd3uIW2G9uZ8J1XejL>6z0Q(nQv2|87c5xAbf-g zyEm0{Eo_oam}oya*86WLPEMDvU^%E_oc_xCmHi~5ETV-yvb{pl=uBe;bYfJ_T6n|A z3xBoC-(>#*>m$u8{AX?!sSw7^fHjXX zctTJZ$8ZMau1SHP@clsE(dh!78-BAN!*LHHRcCoDf8m6?VKY0H!iU(d!DAgh%$t0h zk>l}|Cz!R8mf=-VSt}6g*ykjJvE_Th`~Hh7 z2ip(1A7c)FZoR}91&=Og<@^AqH;hM8ou&48mp+p*rQldeW^axU5Sue|c>ZQbs~I2P zDjZlc;JWulOYVCnK^txN84(UrJmTAuN_2r{U{l7Lb}}V8*^JdTR?dmGue00h<_{Fl zRLmcn&Ca>w!>(&eheN^S;$U>pvNm<_H6&G*qF;^k69rp#c2b;st`y)i;3TG9TP!0n~ttSN(v$Tu1Dck7f8 z^bLb0WC1xyi&E(PEJUcgi~*?#wk=V1zP->&NWQSMNV|PAC5mk@*rU*@Y!eBj@Rn+} zsQ_G}biT1uk6s=CS#wLr))32XZ`2{aAvkYxM;pRg|EPoRb${{g)zkrNIl?Wf3(?4; z?1Ghk(c_H(K=Mf9JiqD_vD>w6k9j_)i(r}YupJAb0Vfj32j}%4C`az8tQe4}VJ>W! zEmK4u8Xk;ts_o51T5|H5(KecfggnLj5o(*dmKJH1fE|4!zlq!; z4BFKk-e^qImA+A@55b?|eE7bSxYJ_(@T?xl=dEQI!-eH@kM})lRcv?L6gryvBa&Bq zM}??Q7>Nn`yu7PcAK!(dX9LTYLOS~3|LM&esa2>EILr5I}qchIJP25DFIJPbqCNfN&!ZlnK_fcZsJnB1U-<$|YvH+A)nv7yhN!6QvN zipDw2-3#`+w%%Rw4vlYV7M~{w!|Z58N9b>k6TDduw`~vSw38(K=^}ni^O*26@Ye&t zx$P3NNM=*GOXL|3*5I0w@aGDRyWlxpL)uvB2CWd44P2&uEeLR(b+C~^1O>f&_k3dd zbx?x{CF%D_rvf)~JWE?@8=Mx=^pkgstJPQ3AvT35&zZ7r^kv~sJ_)$9N8zgOs)b8U zx!K256Z`Z9DJ`WhZy|cqZ+8YnyqHI`@8lFa>tA1luPoSB{>&djXs3slg&IW`NXf}( zydBam1mu3XMedee40lEX4x&r*8_SFe=?3o6EAmjK=BmBuRkUr2UN~?Emy@ts<-c>f zlhH~<$l`K_V=7v2y&{BkMU8caW{`Qf-I*x2a;0zG(ok;WZF5&}VprWf;jcd{Ictxv z)iwa7vLAl83G)KUQMKLCUX@K52=ilCOMwskS9t^5oTH5cd8l-R0=f6qs$U1~lYkHNKrsNk|{DKFg@1s?w6~dio zuKn3favs_mr}K-O#uIVlN8>fW>w4+zIP-14!!$#Eg$*R=K2~{?rJ_{Mhz+UqIV866B z4k)j+2C38QrQTbkSC# z42GZ2+*4N0YdvtXrp4$uy9&q+)*-J107vd@uDbGc_mW^t2dFzhAw`(HMTsnZVB^Ye zE_I`$T9dYoTUlX0n5T4eZQUk{?RPm?eVu29%5eDr1d_2)+NaRW{;P)*MkTIhV&{5t zd?dr+Mj{Uz=%Ht`byh29uGIw>U8$_-BAt$CAPgoJ-;4N7#p$Ty1j zc{QOl_WLC(L{rf8{gd*w897_Q6>1dz(~dfX5kf{}oT!_1_8fgv-L00mV^X!CDD_2T z=i+9=RonR1d+`2eE7zYBK&ED{Fi%c?FNOGZ>3kDWF3AywRO-wo+D}i=)hp+~<=ihr z+It_5vDI6(O8|ve=1P81oJ3x;u|(*uC95sG>+F`$ed{&dD)sU=rx0+V_-N`4FphK1 z(zIu3LKFtNHAWVhRM{OYqqv(YNW#Hh?eyXDvgbX*AXVp@-7FC=ZTU&`1U(oo`eT%6 znG_XuDlPHo#6y}YC|l~K#1r<~7YcWU>G6VKAKM6I2(TngzT~<(lrR-A0o6+`tI9Uh z;`7k#@@NE2Xd%Zb7fP4ObsK2L4oBj)XwAjF`v~!OWIo{Q*iAITH~oaPSc2%!)jI(u zoS14-9(a-_koLNw-!z*zUSEl5AWk_0Ficn}>X}z5CvL8>E8?+(uKlP}RC+{DZv~JD zL@il%)N8}_N3QCgX546n-$7RsJLi2$qxG+rdXRD#yG>|~wxjIuH(CC7>7@xGVOn^Cv~mnsC+wQ&f`ek9y~FS3qtr(e2rxDX){IwaP5t z-*~+H>e&uHRLxGtEw-}WqO|-YvQ+co7O@gTTPFqTy6XSsCC!cjTL>^e1~g7W)?Rfi zrEroZBm;DWpMI*iYuh_n8U~zd)MGUJ4b5+GEl670VZRzvF1|Vs#H;KSL_umpsr>Bl zq%t$w)!mj)y>}@K4pCK;J-f3yDmJ1ku@S;QC;}7}0_0~*gIjXhp@s3SF!qikYo*Uv zVSmi!HS~`kiOH)mGD9pQOYSI!(;6OpmKr)fPmbRr>)8t0ik2OG#B4w8=lE>Z&Z~5; ztk>qQu&X>XHs(3Nq)F+-$Z=h_ejIJRkC0XbK$T19&W4nM^TIf;c{2t&yAQj2p{?dh z58c9*4(tKr5pnA#|FKN4df*E!#7N0aQ%*8-4x3-5S6Z#aE~k%)d5L?Vg?2Kqhjcx~wxYdB)vd;oX?Cfq}3BK_UA{O+wbuHk<; zmP@;WdQ4k$zG$(pb#>zcPxVda`27k@^>LLf4)xZgzN&2!G8TFMSh!1uGve5IRbqR& zE6Q!^;6=r4TcdOK6i@j()(QTKCLZXl>LnUaNj6B4k2Kk%pKKM$@14)csKYJ0PSMayKcADIJhVQ1#36ruuail`3*MaHWNB_o#<0%(Cy$+ zFg$Xvn9hp(hv6h{4!~};trv`+YITwClE@Z2-*mhzsoY5>loRE1iYnug>&k)Iw6b5h|iI?pw*W>(@#;g?-_Y%Fj@Tcjymw`sD zq;1Gts;gW5Qbpl$Pzn>^a1|>7b4K5uPlYiduI$eZLroG+lqQ!(!QHf$=FKQM?6b!? zwmXO)mGj#>vgU+Hcv9E5Zp(oE+X2l+3kpir{lh`9Ty*G0a4pF<3?KFCij2y=)oAbC z&l~ncqq_Cl$xm!NB~w0i+SU(ntFB`-2fJp!(Te(aUZ7^-@*>YT*E>%RY{~0h8I7xW z`X?A!iSBbhh6X>Y%gNm?f4Bo6s7sAZU9pPS&h7UMifZ~*?h3v^gj0k_B-Z4>4J+3h zH_-itZ4#U+lFrNzn-1fYywnMS76JtE&pJpZd?b?G9Zoy@&S7L@0eH)6f=r8IK4j=$ zdKas5)crGfekE(k9`kSZ(3sfI)8XsI;|`S@=c2l5 zQA+d_;8G%KkXNw+mV+U-MHO<%`(Ey)~x-$iF10RCR7ad*TXrHS^o&iZ)VysRwJubhPPJ|R%{+33i$HK{D@&2f1Z zkS3``(bp4EUaa&tTEV}ye8*Am6q<9zPadDiku4n3uVD_<%Ux!C zFI2h%k}EY+PRiIxpIE5fT*c3xMG+<=H+)vhdSh;n%6k6`q!~Jn&IDKUl56}%J!~oo zAjs#l)Jm*6zwO4hlf`e!Q2buG_ymf+>WbKf-v)s@R@{>ws}jwhp!$5KL;AN-3K_l4 ziG=PWrhP<*Y)>xsDc8a;mI9B`FlDsvQUebS)7ioeKO)~gBhl_RPV=e?(S&mW*<4}F~C{zQ4?zPJ#rBS`B9;oM47B0*JqYCG!H5BJwqCqJTipE$dBQucIEi1t-V zJ=i3QHsbuQ@u1g&CQwWmb$o4reT~8k!assEV3Ld54WTUmO~em9oTGcLN@7 zLKlW*%>mNq%PcKJ>BHNE=MgcgYAM0#qEgdf%vf3B*uaeC(FVVsm>2}11g5j^dyS@r z*G$G(U`kQ?C7}Ch7u-6HXt3ZH&@*sZSi;s%_=S-!x-=xITPI<8$#S)RHVcMBWzece z5kqNOwiP@hgRa0&FoN|xdIlXzxm~t@b9S((&HJ!w*8)5k_=$Dc3F|ni46L3!NJ%?R zVAv+t9-mC0JD^pL@FfIbMq{GFcLE$A-P42wgvV$Dh>GEO1i~3r2M-T+njS6rH>adi zNA2P_bA9Js@gQ1ljpoPs+d=R}y0w-{m|K1TmVVd_ASMaKEUac+t0p#gE=hVV(Dwfw zYt_n*;P+6wYtw8T%=iR%ScKg0iCXusLn}GThd)<8O2K0i#@F&{94{$;;B1f2Ntqyu}-);hsh!fS3|bnz4-46 z?(pu$T317K~hwvcj6VvWTJAV295cQPrj0%;zP z^0hXui?z`lHpxr)!w44NLDp*gTN$Qf0FU|VB6XH!=8;x%v=+6)hBh!sz7Nq@J1$n) z8Sktq-&ach`iz{=F*GxydZwV)A`LCjs*dn||HUa~#ojC61dOi@J3bPzzI>2D`hjZ0 z(pHSGBuY7#hXQBQjSw#-Ipv76Wo3|<1%!hLI%U}RQ#d%qC-h>qKrCWZ1Y{ZU#M5Wu zRhMxkB~rGNjugl*$M4Bo%eX6c8+51EYT{S7+H1)Jm7ztYL`H%9oPnY$-DXt#9WA|n z_*p8&gOI|Xb#cYjpSTcwkAr3C!YEOq0pxkf`!SwSt=}G8tftU>U}7cBX;<7;V{CR|%q=0| zw&(PM9Vy@+$2|2yF{{AB1|uJZzsiv@idZV#tY{c)D*-}v0Qr%7(5cZ{kXga6F4JF)tp>eMM% z-~I3B+-=$A574u(HCm(D?p53uNnafrf1wITcWV0O*bl7)jo!QFfd5*d4;3_Q1U^f$ za(23M$Uy^$QRajF^}PylwwsGT_f50{z<9x*^8MR?#T&{$Ita2BqZ&73=PKk)j02l3 z^beh`tuO)$dO@E*<9LdM1QZm3T5Q=kY!zkkRC7cLz8m?gv1QwVUf$G>YQD^>yt#TV zTXOBP*3vCd9K;waH^+WwBjfeH_t&?qyj9#0eX5uo+)ojv(|9~!yo);8{n!Vf7!_@{ z4XzXEju_1;2b={SnfHF~`^syuWB>=>1A{G()DdI1h%jf^SRsUFeu7E#opkA6qMRbw zG74^vg1=BjCI$TIL5ViGmlX=DA@Vvf%j*kU#cu$_X>@nGU`I>NVG-G2_C!P)C%Jzk zou>SWN>@7iLkT}*;pbTh&~>v>wy8ARN~!oG`xVu=ft00&`PI*K;`MQj{hi?pHdI%_ zXLgbPBqAl?Atf5x{QZh+<#1q4kbnAvJC6tW;~2L9Dvi{JZC1@^rPo~ z_)K=FO3b!BB?wHmwneF8lyyfoz6kE>WNWrAyH^nEtAA8Z`T^$FFi$Sp3#tK&RY4cm z8f|?xUHvoHeDr_z7WK2o(wldhc6|vl@4LYx@^ERPmf{o_v~4811nC0Ww{t2`lVpN% zW=G7f9*o;QehA@EHvWLKxkb2>e9G5&64@D zTD8h~ZU#h?^0RkL&xXhf(w?Gtfhw^}&;(b-Yj@jJU^Gq5kJzA1&R2TAKoB@Y_d`{m zL^aJf%5S>RNT|fZFUcd9{TAgh*R{U?Qe?+#AnAhhcbBo+-YnV|Z_ptG<9)|6uGJwd`=JS1wt8`0890!LUokMZ#mU4CzF@ zEJ`qxkVY@o_KSen-@0DWDuVIvcMza-EyL-A=IMqX?^Yq5FJk68?Qqs7BjEJ==!a!mQd`^ew>dAt5p_HHV^`SxzgTOEhh_ky4b9n-R&F@8 zzz)=heTy#PfkndtcYK3E-3kl9~yIEIezi6qtNMY)J;DdSb_Q!K%rdC8W=#RMhuMC!^8>Y zz0|5CC@HLhqXx#7Vo>E{rF)95|q+)!90N~VlPqj z;1J_X3|992IQ2S&v5#;X5&vN?JnijF-Z4a2S+8j#te=T@35IqZlnNfrF+fFwXUyP* zZE!QhkItV-T(ab-E4UYhJ)x-+Tz(dBU+tpNVtFZ6`O5piDM0=iVOun-8Q&Z>?TBm% z+SBDyu=$ptFUFTi2DQV;AJ(+c$)`&n_*voR)#3jjYFm#<-cR|v;0l07FL$=;HLpx8 z$*eV znBMi#Y&U8gmiw&33vsDFR9VPea;_YnO}jgEaT{@V<^YFseuRodhR4E&8!cihg^qBd zheK>i$_xiB{OS^0$D(pKQh1d;cCRv85www$a7z|tEijw?&GwZ>@SrEGiwz`7vWF$a zSa5i=Pf-5qF@k)2Z6c*Y!i?gI~y6dMEjz;uE$;a*lh$IcEZ*bhUlSi)B zgG{6EcpTV(PHQ#M1&XHSJ;c&8;Ei zF)_#=hf_N1x`z2Mlb+yYu{v$mT5%)XmIkLnT&B}3xnCixZM z%eRSNUC0C5W2E2M7LO#R8-2qWcPudGA>npx%liO#`oSk$D`h+jaU0|8F?LwJOLwc{ z=X_Ma2&P^scsIOPR=Cs|HfZt5=uJXL-rVrcR@5C{#e?5Z-9FV<3i=H!2!egK`%W{D zemaH5t$jBei+Be-4#*#sGOLw5RVCD2( zT|$thJ?sPF#jIH*wE>5EN2LC&D;Y>l*F;sqcj%tOE8jn}%CaqEBfouFTlSRxTk3&9 znmog|#*O#QSq`ROStc2u2BdiuFOOc%Dr|kZ$6|R417+>_APJlLimB?QPMtn_uUo60 z4cv#JPNQ#L#|(*V_>~V-2tyfjsV?nh>4pv}Wrg`&h#?|u`aRnf;EYz*g#hG>t%dW= zX6Ut#`V~Yv@ov4&6-ZwaX>yiE8E(;Bhr128Onua-3Ua05r{MwPV7KWriU3X3KK?)Qv(K%**9WvJ0_FR&dEO##&1zU@fx-%uEM%j2 zSV{fOpI`quO797|^ZoWc5NEW1(2*vDF~(fA5nZ!=cknmTLG#MgfQbtTl7c2cgugA( zzy4nnKBGPV2H(v0Q}+R<4l`)|oXpIF_B*=YN%un=B;Tv+snwI8Pi+y4S)0B8YY^nD zb&2nOJQtGl;kG`{I_?=R{`f6=S;!kMAb9MCYv#`RjUG<@by4T3=D(Q=ppmZ(A!8J>lzr zugmS(zbgI*h5z-pclyxOA)fLx&I_2TTfCI`hBO)(i>TSNOI&q(sYEL258+>K+mmV` zYu9=AA2;0Hvz?{PSt?ty=^HCuo*b10%RP_5N{_KWZ&fW$RHa|8P9x90^IzI-NVo>qjjxcEcg1o zQES1k>u;Vm0Ao>m%Kglzhl*fZdGHd`jSkaOGxAs zG4`oL9P>AdCd&&g>esfuzMJ8*zX8m3>AbPVdJINtjTtNQ*PaiD*M^%KJagdPztjwj zvcRGT6<^R(?h3qAyoGT89mM*vsJ^OqPyvPVfP`6 zH@LVmb5v@zx#IZ!BvY&JVWsZJZ+&nktY!$m_i)%{1BEGZrJ$QpIUA7$xWPSfUs=qS z?XZ_p69z(;et*}Ai`zIC4u`@j1!G-#aOC{Ec@V2{hhka4XgEPX`7ICr*|{)Ek%@8b zOZizU229PkDTmdAczZ+JTDTV~_q<{_ZO^ge13L4Idvmf~LMpna{g2SVH+Av2OAGGAZB9k=4@x~&}Dd8WuHRF;JjkI#&u@`*(C7x~V zAW0S+@zTPlQ2Y-Y zkuL+w0mW+}+yTXg*Z_%wTTs#)wki(Bh2hd#P*PgCUF7$o^@w?5QJeO7Fl7dZutVUr zlu}!mBWT0gaqUf7%}g3(t+cFQ3ib#uTlZSayAQM^`p>Zp+ zw{?136Q?#jbM|ju5q09G2E$?U1Y(i23ZLx*p=%09OD1Hq&HJcVFc2e#yg{$vmX((V~Fyp(9#kcYdx7ME6jpJSMBR zsKZ~W&ls(v@SW^F%&^voQm>N?!Ee)Xa_78D61F6#AG0*JA$QsFLBV67V#Kl7oF>8u z^oX&xpN!~atqez<(r>GPWkHBqv$wM`(L25VZ4wrzPpYJ{0IsiShE%p!jTVHs7R$_S7DiA}Y4zFZ*egZL)Co;cN>^KRw7Jx^G>0q>Y=S{h0dTR-XR;f~!N)ZSisYZf)u_OyYXnAtJI>?kx79WPubOX-$A8N|_}w``j7y*uW<0*IA??zcysqu3kf=b|=Fkk$kJ zd5z9CTcU!o$ZBa(2SiMM=Bq?)+`2|&L70vn zy6-s_Kx48~ep*Z5^-SE^Zng~aOiV#kLvH`O6|<3_W$yjWAq4GRLWs^Sy%Puctaz$q z$IT|}7H@)wQyAWw3?`kiZCJDO7)gq zFqIji^Yt?F4wcW`p8264tZXe)pJJM?sXMGOZ&nW(`8YG!l*U^g^VNPJb0*Q|GEjE( zYQEh}e(ATrAv+lk$vwA(5+KT}B)OrPs^6|C7S&jrUYj?Mn_N~o1WI%m5Qv@WM^P!5 zZT@w--qLWHrP%CRhol^XmR*lP#eRY)FkT$I_2%Z}4p6+d8deYORhWItLyJN{W>5^{ zQLia}B6r{8SZC8ofyfpT5`stvFocdG*64CYfr>jlNO!8d7GCgUYVyEubC=YhSUFvV zPDrI5kr9n4w(zeB8%o~X+6%B&+9#+&1v%eoICz-s9ZTUmmU!(j*|Cm$sJaRi?F>=>rZfT@t+a)Yxj~ zoZdlQI*a8(^(O3tNxGJla?+?!g>$8=Swc9FQ-j!bKiFmpmvHEX} zh~dDYXnO2DvFZ0Pz%!rqh4eh;ryZGIf@0njjGJFQyHRgMb^yugMh-AAboKp)vnLOd zvXs5@RU8TeT=7WRpzu6A6D%StQP!{K@X%IMQ^Ua#^sfpHHddl2|rqbb7V_>Xg3?4)u3a?AH(>z@=Cu_F# zZmp9WQ#Pib$~5h=Ej@%95_Q)6YK5fe`T=PJRH(6AbQSMgYY4$u)_X$#dh~n`V3>`b zacEOKB%w&Sj8oZc=@)YsveItwtq%JXVwnC!lTW($=nkobVO>^+wkKCc7ehkU%xGU+ z8Dk~DN00h{e%^KcAjh=;$vcG$TeGzhMf1(sqqjFSom@a&gZU``D6wKnFx`XMORvW| zL)7!h@3hUu257n|{oP}GyxCuWcI}ieMwgxMQE~hWL9AVT&$3j|5DRD3_jBK|u8Y;W za9~sVYfbA%;;gD;;bNQbw@4fM#iyX~lMq0X)m9tK%=220+Q}&+u0m&Pd)z9S&F8tE zQ<3LHo^+8~om`zC_o#_jb`kdwmzB62QJ`RV4QGQmfpMwjVf_;)ZMFXS8xpCi31>}s zZ!8`MWh$n!wB8!rTa6FGIh#;cWK$_oGQ3S3%2=?H8T%*U(yLcCbhmXw+s6d}ogleA zZ@%O7eNOzI)wj}ov+v7JFKw)J16SjxZg_UgSMFJG8SqWPX|WxmDlOF+`#)G-hL1Q= z@kn{%!=3ee#LI6}Y9LUa{m&jD>q({kZ&O_1agXww{t;T?_J34;8ae@wb~@Zn&l^Ig zybz-p?`h2!ibk?*$oAjbA=+x^HPAkAl6U-Ser@g9ekE(?GK& zbIdLY?v(VlU;%kKGf+PYGMi>vcSd;{!bAy5xs`@091bM+3}r&0l&v-T(PRj!&JgD4 z?Mr>?32x!c$+jyEEcu|t=mpx)sTXn&mJ=P~q?wBfb`fIOpm#g6 z%8Lc29Bb|{!qMKF`I3_Mgs9XU`GH$5b0G0g=jMhpQf?ZS!;kL<-Up(&%|&Tr*wX;1 z@ri^xDqMe^JO?t;ZfILtt_nttijFDvec%q^?G4slC@Z~=v&~K(GV6?|x*95Rl1}yi zsMj0rO!WGwE>&4k)gx2w?+~phQ;&!jxmEXvjd8adb6OUoLBd_WJTZtU8nqF+POaX!0pDX!|WM%sI5F z-oRT-M1#IBhvBif9wE>kwNa{EnntZUxE+5EoOYT4yx;ks+%&S%kCNpnejrF7_+P-+ z!;$F)P7`Sbs+U&bS}z01Ny$}^JWMQ9WabaV~R?LUL zl7?3>r!)nNfVLsY3w_A-TmE6T_hO31M}99EJP>7DrNqRvY!s8%hdfDGBPY|)1`W8M zvOedJ;j7BGPW687dc6hw871i@cJ>qfgMR!G8yTC)5tSst!7x9R^xC<6SLo9T9 z%D}%F+&y|Cz1~}Nb6yy-N;g1$Ftt%I>!ZJ@g@?Xlyjgxk+GR1?=Ewm_6h1DRt90Ty z%VoahgO*(`+G3&gzi5pQ)7{puo?lSBSwG}&bHHY77TLU6vn46q%xasi;0b=4=ik0Hp;PN+sgh}iZ@%E~25dq!O3va2z_6IM-4g8ItP$~3S z72j@r4utI-(iM4DmUuHTbUf9>yzKO!`6q+fdYIF1U9*Rii|Ai`G`uK$|L?f%6bSs*vC$4&YE=X5vCM~SMNrhunQ|>Z#HD19;UJOf z`)c&PeM6z=q_&qH+nRk|#agH=D1QyCH(~P)t34n6t7g!{f%aIzEbq3#hugEZ606^)?0r?`94;Qr981rL3Y1gUzs6)Vn&%(cx~;(Cn|(#( zhmoISH3&xx{m40J3qz(rGO-!9MlSC5Jma~;K?${^Q|7ms#%Q@B!FQv?CDZlBx@d&<=>lmy&`~mTW@Vj~&^`KmE1<3@J zvI(oB)NhITCpRa(kZ7E7glxyyiM-eXi#&0o_7P}Fk?W5Bft6}gEAs#la<(stbv@*nG-S_)lL_@_nd_ddc~hJr!jn( zg>trBd;^LTFA2`Nc#oU>$!}{F9{9${*^f)cSuh+viAm*_oA*IV5ZY1}`P5w9qW3}J z1&D`4zw;pFrTk#8q4XiI8J*EK^@Hpy?Q3^nDA`*zxQni*YsTkT6I?rR z8*AzVw8;+cfc<1sq;>SD@e}qBRza%X^RBDb3B+cauUKse)pWm{b zf_>A&kdLz7kTvs`7SZf~viywMQ{La2J_&q{Y3*rsmL28CUJzDRIpxb=sCkJhP^hvn zKY5hYsZg6?$g}%$?IW%-K$?Qa=Lg!af9nEf3$Q82wrhlf(yem-0sZL~EdQDpY-bce z;r7i0N8shT+-I8&()_6P@RvA~t>wJjD#X3WDQ6dnA8{qgi_uY4KPnry5tg|&>)giX zmK#6b&em|=t*B+-$$$%fjdGLvF8_2jJc+^b-Lo`+K+jZ0>%EBB=c;Sm{QX(IjgGZ2)mkzvzGW0WNiIXk>SQ}T3RV}aVqLA zX^&u7wQks-FJqi|(dsdBqx99>`2IGbp_EQ!bIR4xu5t<8M7j-En0QANo6)AKX{&c< zgpQ)SIlEf>HYe^od93{w6;o1d2Q+_A&5kWSbBVmqBE)6H-w*bq@U(K0w>F6{*UU|9 z&!a%weq2lcte%BzaCd*FV3n~$QP?|TkJjc}oX>IMMkpnPSQN`w9Ls!Q_Ar zh0#Uup(bxS=w=DN4z|)>$o?WD=;7!}?hlN)6KKb-@;&u-L4U-pIr2?%Iq+C*%woar1_)PfNNBBM;3h}9+^b)z|Jh0&8MkQ2m zLd;82zP?D$ZVJV+%KYJbwViA0)Nt~&pj4JN!~>t`xPzmyp7jiyT-`#VUWWwN^@X?6 ztf>h#e0dP!YEjBC)5>5@;CZJMy39H$uKjoEa&7H&h*oWcXAHop0TYmmxm|^p(2Oid zy_c=5FZBxGc`78wxQL}Fb7+cI$1~`|D|b1;11O;Qfl;FB9+?%?WzvMZ{7?OtAhcXI zwMEAwdhnc!`-dZz7m8{sgesW)@^Cuc7o?utH{i^Cs}c$8UJG{R4!(5|BL^?q@hZ$A zCL-@1J$x?@h#7)ak^LAdgfTK4{={Fe9CR@6OvK23ZjWhk4rM25`pkVy5{rW#MgPevA-FG$cmzr1QYk3cZs!b|W9o>V+^M*Jt=36Q+(Cui5 zEl`S`Di~(JgW8LRZHZ$4t`-vb*=ZaA;nmEBH5ILD9HdUl%e$f;7*Rb6xiND3d~b#5 zS~;$3fN?ZsP@mC#BszXqv+8#=kZ(V_XfJY-kDNM3*IP-n*S2XY(}P)P;cKtZ)O&RpU%5-06C!-Br8q&{ zpY}vKc*nD%sjEa&SPv9mwG$%Zo>VpUDv&W#B^8SPpu9TW)pU%BrUkhna%L|=VVvrV z1L>G3F)cf#)Eb&}GxO)wH7`BV2`rG&ML2izk)c`Tb&n-a++3`U=3OVT6XTFqf#xgU zBZzS>O{zQEH!aV==UlL}eFGG&Vqt-#HS>r20dD`+C(vFL7C3tG&?qk8Q5`GxTXgWV zes62(+kt=f1mVy<3dyJHX#QNHyGxjWr2WE$xQfJe~E$y|?LH$&`{KBcAK3dJXeUt}|ckgHuei)IHy!l*z^Dh6b;z5%G z13wcD>=%Z;V4te{?Qn3iA8lXfFrMZnN;GpcppC&=8Op=^B=e#0afH3Kj0fqmM$SI! zD52p*yn|!2!+2DKp|3+`H}LyJh-ifw`K8W9wr1m^BUPPhnQW*yo0!pB<;%uYp?6p1 zKOkjsk`^J48+k}CDKXQ1>Jby|ef!q?L+p1hb?6U8HkF;1Fr5zm>%*{oXFYS&$|N?PDnBn)tBLmxIn?Uy>l?p0LQynqHKcwBytaiy+tWc2JEzA6s>*4>tO{MXmp7 zW70%c|DOE%Tv>emD3d*J^vcQeZ~B7*$m|iXHH#umR?6w1+z};M(cU8eo;Pv#Kx{*p zNIy6{YvNkM{}pIye?C-c`2|Px>MP=wt5HBnx7lJyk$$(yz5IJo`H{?Tq(L*sO74hO zE}T&c;a+U5CU6cVwkvaPyG!~cs$D!>t5nk;If?BeIRIKn!{0vq)uPArkP{n7U(_TK zmVOtqs8z1Mk_A=<<7aS8pY6E;a!bT@3@xWjyF=_HP~NZNnUzJoO&)#3a$%9Ms(oBo zBqc_X(seAOynjbq?!Iy}&iM^#xxQQ0=i7DmJHC~38+?R2l6*3s6AipKXi{itx}|qB zWXI)LU{SI~B03O;Uid2b0*;3=VV4yR0_)iDOw+iZ z*3_3QGg^K0J4-dLF5$%cRTp=0T?b-R%nvuKuAH3@@yR2V6V};;TDZz0y4bXJpCkB`gO*VStC^lWxeQy%jgi1UyA+ z5fGjexuSpZ1B{u{6v4TYNt5vZ* z`k91y0t(wI&sM`w3y;bDF`>p$b3{jg6Cm<2Y@k0`f55=4oEh+O7TyG<*gl#qLd^Z1 z?<8%vAqyzCc(50VajTjW(q|b5h;QMJ83yj;kAWqWw2J<|&n`6;=D~kG{p+8ze~9x9 zZ&k2|B6Q_u>an+T%UM0Lm9!9rbW^t5B-V`agzApk_R?E&UYvq``mg}+oc=JPkG~V7 z)j;>(bpKivxdp%EDu)Y@v5xL!&RwLWK6z*uXa%f!rZ5LsSEJAo*NF~*Zf;or-xc%U zdvR@P63kLXD11Q)THgx)qp`p)X+%~jq;tIiO&hBfx+&4X8fgvPJk?&ROK3oDU1ID9 zm&P~kg=go&>C?ALOQXHJ5L&$iUNSVn0b2YiG;Oox*v&nmd8f@3mZ1lkq)XSkI zM;{ejaa2eYkosOG3C~keY}9!$1kG0!hBS$C>N+h9F94j5=O+(|sI&+1+N13>u#{0pgVWbi##jLfs-8-u@yDnh3ljH3HGu48Sf zZC1Kgyv4SrvW+B}Fv1&HzBh}ZC5O6sp)?wEQNvy~qTh$S{ksd*UCONIj^lF~lJlvR zoL)J@)O3U7Z~jfP1^KS@!svc!K_4nwa5VS+@InMh%@7JtVZa6V+)2j(u9MpXF0-%d zfqe7om772>q&{XqQc%(h_68Lef=nrKrt&5`M@u(W$X_+x;i=UrOC$$^ z1h`fUTEtIS%lCwclx4WRykB`q7_CWXyi9s^iM0c z>N@6eAtSOPvKG70n4nLhzCF5Se(xmnCZ=+FK(pi{mi-=p$a?Ha2iZc^)?>1nqgJdI0QJG9-bV_*@3GwgL+Wc+Cx)(C^$KP0!hjd8`$-&gnG6m*MvR6RZFW4E=sgQ_G0;cW{B^a2%& zjp314{VZSe;TYO&D2haaW-Q);QG7?r191aRy3?hl=-2}E;`?h)0C>p6NDu;}CEOHv zAbo64JtIE`|_%s##`wYOZuGqo?nNak_ zuk1GPtKch_1=_*?!I2#nVbFTs8RQNT3<#wDW`j%lyWdtc-Tf3G{pLJ;xk6eng7;6j z0N-)<(th`QJNirGb~PI_7j}>3_<;XCx7`>0Z>&s$o-_ZA_*YlbmIs<^`YQ!q_umB? z`axR*y>Z?T*51BK_b712tf11s)(#nY54gx?OsZOw(upUBP+b&W$XzhF(ivZw@BBr6 z;%nf6F<}|_fop6&gar-ush5>ZliWayw0!lkOKo?pho0q`4|EFKeT~b-5E7_zd_*l3;=p}RaIF3i>)t&s;+QWH( zQCd=U#<7a`GS6z~Uqk2J8xeZ?cfNxo?@!^90j+Bo{a~$yRAUjoR1N3sJiW-q#kJO? zfd;u>cPw7|knNQ{7Zs<=lmO~KUw%lxGI<7l)0X+`=X|F?SCX%;Il-F?WQoSLgaK#^ zy+ojj{bq5v@b+dL5aU?o5jMO(Nvn0aJIwLju%U*GTo^LL);5bG{t2*9lris;B$6y$ zIkFNv$5&X<$5p2)N{l*onzK~H@zB&*S)a?UC;EQIZEx!lJ{lj35QSpc|I$yu576#* zh41*v5XgZ*2E}c+1#8|k(Br{aJz(O!H{zHl8*EwduVakr^__Zd_w2$2;b{Z*$L|ZA zIyKnvRKa8sfc54w^K;k+<29U>g1Uca0EqWDA+`v3_Ko{BCa26gP`lc6=XzFu0dZ<` znlYhN>a}%>lbRP6b^D=iZ&KD2=lnQmJhJseh}@V zKb$QEKTq^OYk=iC$XmJ}2eTS5X4-nYVby<4L(PEQ^v8PIkMgW}=*rI%k|%AZZ5XVD zn~9FXLFlRF8&glO39`kH+l10Uza9Br`Oi&&ZQ-pBu>Kqr^F6w@_p_t|@ZcwPA&eu6 zgd3^0{tUra=nnvT^8%lR+s7j!c)`Wy$b_ix`)>%s)?|xaJ2Vg`V1TD`xI{~_u)NNy z@yL*)d+6nZd@4^%m~#!s9<8tRm$Vp!Z=*iexyIizvZ;=DZ$R%d(%jzgI>6wt0ueB^ zi_a&d<_ukyC={iwylX0)E=?%3@fL4LF^#I=d)s3H5YP?7vu|*c`#Lg$M-$7U;K>(?p1vP7yY zaH9D4B;d^=k8j)S-!cf0gE;6K+N<{{jPhqeX;bOYD1J{Fyi?rxm#M{4>iYf%|F?WV z9-q%qP&-Q*`-p5PPk;U*vgGk0rAx(EUJ0h$)Fv&9NS2Xb?tAg^)H?w`JivLb^>Qnp zQ*ZITlBu+b;!6|U1B)Rg3E1Zj4g5@Qr!0MG5V70huK-<;C{{932WTeDePnAXtpK~O zd7=1Yinh~sMXxTh#_tv>)_P)CAFY}JfhpmV$3`B4GFT0ml`W6WslIPBUGp^K8jd1Y z6nI8OUzq39(G#fORnAvKU?FJbLTSeSkY0gC-a5PzPPpqZi3ZjTqkFDLVNSiLC!~xI z>@km&INVBDIbk7Gbp`b36Gh&8NVYe0eJx9kL;#MbCK9&ZvCEsJ30B3%i@@+bREqKg zN_cwkb+H3MQ7bERTA=FqQ(Xf7cD{t6VRAAbG5nkQC15oVWiFh~;NE_7Tz`I=N}SXJ z*8Zi+?d}4}^K!p=e$hI=M$sy>T`d|cJSQxwG<`y3lXj8&$X4;Wz%z;MHJBSBm6I#y zmb>+JRLhS|Tv+{hP70_dWjehaH%YeK#~&uRFGDPDiRc^kcKYq*^ft%SrZA>^(O?0` zP?sw3?)Ib-kW$d5xin|PH0CD+{a|3{V&*q>#D7Fer~6j(wOTY*P8VCZNfx`3tvy?n zGyY=TU&-OHc|IKa8}?-c)PpN7xn#&r7ExCDFtxAv-nVH?0)VS7FG9=uJ^PuxhvsW% zssKd9=%}gVWfuoD$PW4b4Zqf3!x7Lf=$leunSaXjxb4A*CJ(&?V^_EIv=7~%G6*yI zpgdP{Dr9_}l@KVEQ5K(JqWd%1rRrmeU&?_!shMI)W&)`aOW5rXo;h+q>~p|?LB)M3 z_F4!Z-~ji*(3O2t**(~ys+Jh4o?o~&oZs*%fyLNa; z(<;IhHP+>}NX4@=3AK?w~UTeSh=`58!eALy*s)mW2HLp2wA&zoif>&K1+Pv zwr%6SwzBIE_3yZwEg(g_mUiTcHpyWa*vlwQaeCP=P$cDkT>AD{^CI%9X$RX@NacF5 zXP(J(2j}MmM+HMwx&DmUpA*INi^3)2>&NCDroWcVj*c{$p#(y_{HLw9JZ-PKep~kw z;nx;Ck2+a2G<28y1EMt=Zm&!>GU@#6r-h+EH?(gQXpr(>5VBxCOsL@^7q{IP0mICL z3$cAofp!`fS&qYZs1~N6K+H=Y1VR2Lvl5mdT_3lHs-JBA>wdTU@y~;fkc)m5)9%kGYNSs%6x%yM~Y#-J%{786;7L$V|2=M@&ZT*Td;JN2TWIR+v@RjyHvk$dZs z596-nn&6eQi6(qnB2Ag8z{}t;GiGCt1%vXYVnQGXB#3_J#e^56`izp=qC>9?Um^QV zPU4|qT^KCt`KH*dF{y#LICQ}B_g_aKpUEN6hF4lb91^)4g5Ddq{i-lA*vd#b*<=Fy zqfTURAo@-#;qz+u+ltc$FlBGU!?Be|f7rJ#w+|}mNNobd$#8Oxa?JSE^~*Z?>&tj~ z*sX6EvrxyPRI=ru!ppNvn@JCzVi_9 ztS2lyYkoamXx(Vfx;?t*!mzHitFL2`5{&H&92)h4`ZD-b8Y=l%Z}|y{YyO{bC2QDM zx#w^LM?_^d_1>4vnIv2 zX8OUt?nVG>(N|!%x*i9M-Zs#=_5i2NYW(lEu7YZ(C~wfN&8=Nc zBmVu71a`TZ(FGVrFDBNgrPCFCFWgzMrYs!GmnGzv)%UGcA6$V5l#D+;248Iz0+p@;Tj&ses1{2k($;C9j* zDEM%N_22RWw+X$XD_IGK;AwkXGPc(99SGmOoSzm+J!>9jV({4y?ICzMvgF|n3rbK& zDX_5av3>2k-`^lOFedZ2l3A*Seazfd-6CJFbTPAyX8-s;tNL{mpt4kQ|Yhz_Hm&96Wx39`-NbRhW=V1%8|!Ix1nUmNDV%qOQQO> zifGR@;!w-&wNI5o<0}d6adB-c+w_7uT4a6_`>(-75q4fed(>8OIdNctmw^J$(*GM1 zWniP5m1hFig;kYau7QSng1g0o3O)Oy9H{=_Ju);#3Y$%JYmpu$AyXVDIROr( zWos+HYfwUd?Cstz$9REfr1hY=R5A3Szu<8-D=qgmkayWIg&i=3UYZw(6?WsS>c|YZ zNpS(FT&o(y+ozVA#rfxkegEYn3HlX+sQ@4Gp+K$F2@Zp3=%r5<)`#`6qm;e3L4vfJ0p4<%Fs&c*OyAWMJSG+y+)c?Qv=o^0@ z6mP`8eE@oR=U*(6RERM&NSg;u?2HTy@srmR@jrG!>wm{A2t~HP%*$(fy{jnz-Dgxg zz6z`2#kY6Un*Y{iy6e)g8nAut*TD$B^lMBde;R+ERNB--b3n~WyX{gG_--_y>$SF@ zE@=`ZxsG$|u6VTKZChS*CpJXLO0O6 z2)vnRPlqQkj62$yR%%vY%#gj!Lu>46O`3=sdMhhhnmZc$54Wlx>oh|&34h9Ds|7kv z(h|mE3d$ozX$?7hQ*xcOt2dhrmI`M^mVY^XYC-TkPWY@H^MBT%} z?w!HY;{~iY4H+7KQANFsK>(}c$8K_RkbGCl zFLqtwthVxYV^0wV)bz<+a!bWaL?>3`lP1cUTg{B zzx)+P+Bs3@Sk)k;lZ$V zj4hR;^O)|AqHm_~YuCQJe2SCO`8P3an9AsK5gQvAR<4kBm7PVh&P9B^59Vq&*5$aL zEi9O}Z}P!fMcV)6p}?}UWISjPlC!W(j!0(pvQ#s*^Cdw#@DLgZN*{2hsEgG(pl3c~ zFeQoucIwf1sN==Q^*uq~u6#&wry-lPm?@4OA>Aruum*4j(_&~Vt6Y?3yQ9FJe>H(9 z3rZ=Om9Dz{uZ0Kr{I1A=(NN9yG)lmWlUfjFBrS*mz-^+wSr&Hurb{y`1uRc)>m4Gv z-Fqm@bwt`u2iQuv4NZv`T5EoIYO;3$R35xHTXGavm2!QMCemODy4KZzb>Rg#aOSO` zAt<4dKhze-NVp~(fd)4hHhWL^j}`O#iTBu*Df%KF-02}lA7iOaH;{>#WeQrL5@Zr_ zz}uNtM?^oW|!!Ft5#_h zjtFpdA+8rI$c4kN1WxyKzqUrP^Ata1!4?BI7Uhku>f%&}4Z~9{x@reyI`>osD_wFu zgGw|!1FAsACHXvZ+e&KeWcKfAM?pH$%x2UT$r5Kl$>pbF+qHgyMdhxg?|WJSka_O! zQE;#8Hg&#Vs}Q}qn=_{s&WHm_IVoU$$z68Q@Xw`Rd!goWkUHk9OS%4;H;qa#6`uBZ z)AlprhVVO=_?!GPf+EMhSWkDCZqQ8mi`0{MYPX0K-(Z300 z>CP;*CSQWIrxWA!>taU$`;_{UwX5)@_?Sz-8(u2kP?_>F@@UNzyx!%;H)!a?wRkwu z5?_x)c@0yq0^S*sl|8O9i93;_x*4enmj`$opxVmz9;}Z zdf2=YrI+MF<|hH1lye9tU>N*mwuh}Oy+Z^L4j2b}n@y}b^Wkr>KOSj|JK=z?$3aDK z9A+|J4fQW!WcLaWKI7AT^0_25nQQkZr6Hvo2`cj?k|*jsU&|eL0lmXM9!bOXy_+sI znGPWR&`!j^+g1_zNqcY?Y+_r##_cnKivHPQYVivFsvc(Tal^y8Ja1xT*eI@<+wlEgThNSw_e@ePiQ=2^_{Z<+5xGB{#z*Ia@me zSg(m**MQON8~kTX9IPU=z@i0;#dI!~B+H>{vBYOuEBNK#= zfu&OAN{zAwLTxu@<@lSAvnjYKuuYpoL;mvF3rK8|=|^lHR=!bSEzExvvU@q;@Z^Dh zsc)?dEBw+uax3|BqdD66>Q(V+~u99Mq)(&a(--f@$Ai@MuUyP?IuQS%jPu)239 z-)v7tH$7;tkG1D5!130w;$h#@oM#P6zNd%T0pe3z;nGqERACl3D!p!<>PE7)KbxFI zLWn_in2=8Ty~wWX*Ibt1bAjqwT8lfPG3%G)D&`cjM=8 z(%m`e;%(#eiWdA;)g6)VgHP*JyKT5uWn5 z2|`m}<_?d9v%hP!9z>aP_b&*1M%O0F2PY<92RSUVAz)q9)*EPkl%_ovr`_WqJ1`H|-BUn4wRGEzUt})*2WD*Nj1Hoj+qf>VJE?gVPt> zg+agp@J)XPm4BzZ6I7-AC0$XD;#cer56cxd@6276ycu0}Dzq8QSb|5Om;U&sBMs&c zmyc=okPA|3`>-uv5wliZ#_R{&$6&=C6WBZBVNtwh*fyheR z$d-R4MaN$ezcPA{s^9Pyagj0wrgO8hW&0D`rLYWA_QfsO%}Iu`LdN$e-S;93`ev`_ z|KBx%)BSfado~5D5cA30o6-EIk|#m=NMf$M6Hv?d(quCLZ6|nmYHsi0bBR!{kz6GfpE} z6Q^{KvG2`AHLSpxwppaTl{4ad&n%efHWJa5s^2*MI}hG-JOoEQ%!doNmlBsC!5Q_% zpjfo>N?F1TyK>!DXAbfd*!5In^`%%;ezg;;y^pf&FqTQAM_-z)25*Pk!NksMLE_9^ zFN~sQ)Xm3}>0phsgZ^=df1`Ni&)MxH(2msH`pNIutcx zsqiU(@wX-_q%RaBniIBlSLwaYd4A!csvtT1q!4uTnoW{HsWs}~ed`tIPGK7f?I8j! zdXA8<4mv%N)>F}ViI%Cfef-B($snMyz-ShYVb3H z@ZyqSGVDiz0AO#5VHaJiZFkk}7}fT(D>pgW{Ek+RT?aJ?Qw`;~ zUys+1YyqN$+4dlH=Z$La@vuO_KrYo?F3;QA(xlghRqRiVC?ZL;bZ>M6d!d>W*m%Z-*7g#ru}C@ zIsVz>DQJ9)VbnsF*qL3)z5@#ZZuOEU$sAz$&5s|Az1<0`fR3`@jor2g_g7aR|JdE( zH6fYF8kRddT|Z2Ulk_qzU+lIkDDYed^~8CE#_GH3UlQ=C??EWkBW}lhgS0XHA3jUk z&92P|uUao{Eq$sV#1FsHbL&|Iodx{Vra)EdfS?{UY7zCrq?!)!&US;j>sf`;D$o<* zY~S#1zX?oHmdOnb3-Y5Ce-8`ymK@Io(4c#ARS%y%{kdq}veu*$bWJ2_|KGj$lmKbA zEn(hlsncCQpYB4QNStEB&SxR0g3jw*mjanEDBq<+!iMaRrU#yt_xoM_j)CsH;9Jrw zwB`u|d<*P&Yo^X0`k&xuS?&L;55z}+25KPk{cJb$2BAo`4z~0N*#ClJ?DoG0?jw0R z{$8gO!~ir-Xd36n1<-49n;L|Z9hzghKmKq^R5FJlsl%R0B`e7=$BH0VTMF10;g5R# z6k`&;1)VfN_lhxY56=U(4E1 z$d$umq|?uVz^HiyVhIkV)|8}y#t{^);oZrCQqL@Da%WB?sd>@5 zKrsZ^){-bbZPIZvH;y=v3l??mMHOxz8kSu!Hrm%ZrMJ;5G?9w*eHTm4X=}T8|D8sk zvva|MIT9&aY|Hs=Hqju2QzR;*9X>pva*HB?Q!IN<4jxv-~Dl z>UoMYxlXBHjr%>FdW~~0>fREg?TXtVIR74ilef37EjDZ9?V29cY{kb}L31G_5QInF zxJ!(@L9KR|#qpgyKdx^v#;o0x`~b9LXxfP*%0T5SQ{g1OR_d^0ZOyK8hO(eDJSEsH zRlz}rk!Mx0#|#BsRO9YioiH#5rm~Q2m2KSJ`qAGaz);vE$6GEiaCHNiYM^0bdaru# zxUeTREq2&Hk!i*X|Eyi7VsJBHk`To}IEMMAw}+l&N1f!_x? z8g7$Wqg|E3dap96JG2|F4O3Q;dfyGG^3mZFTvPv8-<~1?H)0suz-vPpz*@4u)0FL2%r1 zp`+NSDDVH_Coj%}d96R_FY}l&Qtt^G1|JK(Kf>=K zF_)xnk^x$|Zkk%NVPuCc*Hva@pmDm(UUD<13DC^nUCi}};@iGbUu;Z)O0`DraR#q1VL!cPDsr>ZJPX&j5~)Jr zr7I++#0~SXYJz2;o0L`70?2R--)f_dCpB+X(XJfx{H+!0um9~po|6>lk3Td$3bbkU zIb@pE;=o4rJQm>z4m33*5i)4_7+T9&i-Cc(J)prdOZu{c?_SO- z=@9!k7m_QtQ(B;<>@FOjl+13KgwAHKC~h(m#_K7+^@$X_dgn{7e)ByRZ`(?sR`Occ z$w{x*s1;ew2|oW~=-H|vKzOBDqQ`)Uo-@U^>DZ+qYI+yg5`)&?2qNGPC{9RHz5RDuwt|5j3j#0e2aQd zmge!&y3h3Vsgh5!0)JT>yijA`sE5@wRkGMb3J|eXwhA^T*Z>%@_Ok4?8`N*j`OzqB zEc1c=VjHqw+8$BcTjV(883uM_7&Z=x;WPxw*$*TqypmQ}1ed6`x&I2e@53QSwq2@S zO2z2_Uv9*O%thhzK5#{pu5dyC=T}z*y_=!7bvNM$?~epZ(o3dTrwMV46<7C{;WvW$ zz$g-Edfk-)JF^)GL#Gf8F>7(N8ADZCG(0<3Hu{SQUkI~hr}HSttFo0Y6*?;q;69BS zEvLGQi95yInSD8Gq%Xb{3eEjle|8t1MpoC+kAqH6aL#UH7H|Y#-OVD3Q{v#8s4(^+ zogNLw!TMJ>U5Db6AkTH8PV0hUYr?w$I+vba)#OtQLDsiyAt`+E2Bq!qd1$`p3EA{* zoajQ(BdX;8W9?1jl1kqPZfPAS(|$ISnW^n&Zl$TYpe<8YmR6?bUSnY9Rw^nYo_1%( z(iRoXh00NLgA$iqfXdPW0dvC@G(}QG6a)kWo@4WWUOw+0Uid;ko||*->s;&ix^BzE zHFoRo$jlcjwQsIQR@nsHwv6)npn&$a5e>vYLvPLAKQSEo82#dF2BSW2^=`d) z8Hyt?g)2`II+d`qu`AS@6qDO=;;!Ge4-6|sLrGMG$@|K~z~3RD^f_fn$+0rr`Ip;Q zZ}MhI9HQ*CHko40_ZJ%zeQ)nyo%~yE*EMT*_8FJmmi<$4#RFZJmvviDmrK;D!0b>u zq0Z*Q`S8EM2@g3d`u2^htQ(02Np%dFIOeYXQT$)RGl&5l)!@x*6ScwX+#dYX6@_5X zHK{rvsNn^4dO+H(bHd8#Fzz?ssrdjSf3z3+ToJb(65iN0c*`wh@r&|e;h%oRVdB)@ z?PTXBnWJ9;{&cAMB2NgH`-c!4>^|eYyk7^U_rjvu@5m@-R9C%A?wO~=ZC0ME=XV(p z9phS()!zzUOn`Hb-n|HCu@N{^i|ac*5-1mjuL1K5F~4qAME%_htt-1CD<8QCy+D$Q zKMd0HmM-<9H?-aP-nZsQqF(OVhT_BJ4n5&+BFe=n@m>7cE-NG-e2Q@sHkR0KyHl{= z=^mrhJ40qD`0igsmd^NW?I>tu*5KR!Ig-OCe-bm?`qIpY%Eg`|I8(dcBU_6- z;Om59!OnHR+Py@#-AS7M;S(k^6QK3arkm&IPQCHrBJG-_yx|uw90k3NMr(H1tb27t zBmaS|-Sz$x@0Qb`)_eIobEFQNZW)r%=S%pn&3~KNx8+;uw%e*r>mHag(odZ9pF6NH zHcxJ1%tDt!(2Cx$i$&uNVxzkm4tC$q;GbzP9tQq8;H9(1_14>iQR(T)S>e))ci&z` zUA+^3>Or*S>Y{_!-8vHzAS0`yUJZ5fUDRm0{7=A1!r}@?JeN|-zx+ZH1oj1^_=pT9 zfUnDFQ4HCx)iw1TjGzo@dH7%y_6Wno!q%)}UJGUv*(VHg2+t3SYHSJi?Zo6;%Ljx1 z1+*GxbtQqdiJo;n<9YUH?azt`A&Gp#y2%b`9#!$oHpnF`D2TRep4#u_l*~3aS;bI8KT%{C!V~wMLhj| zV<}B#Zr?O`mjzrh4w02?5m@pgA*_^HM{rq!?^#6cLw4Qb?{hllc0uR|1 zvT$D;_EkU`xebda0@m9gRV(k z>a^|h=7ytocT9On(!dczF;S2k(OYv%bWR5K@|7KRb<$n|)J4z`jAo6F$GQ*}BvmMI zmMzOQIe4(=+?(MN!SjyBeZXMT(OTVAseFbNo`-y{`%wG-?I2|!YbSG|)8R~hv}H`l z;AE|Ga3>?b&oxW=FyDUHggk=rPlkd27;gv1>Vcf0+fsk*M*)zYvT4`0*$X*|Mph8u zd#udCQ+8&mvUyV2e;oc77dnJ?J38j8V;r;?cM$J8h#c6sxX|W8CKNQkRQ-&`atfih z1`eVatUBw*Ly~@-FzoIu&dxGE((mKv@Vg8co)PD^a-4R1qHYElvggeZ+eie$$#?q? zD)6$@pew+2w#fQT(FYkaCu8LF?#SHwwW6dG-w(YD#>X}ORWozr4i@_C{hxtFUMGOm zkm}Ek&)!7&=kFymgf#{S)4^ql4YO=_c6q==;p+_GzpQK?jMu~n zh_a`0hWTW8emTRfEJc!~YH9rQgIAh1)8<@UH71T(*FFzE#L}Q~Sx3kEH9Ec2)0z1B zm-!Eb`cEWw!9pSm4@&A_Wq84y|D$boTo?YfA-yaHNB0jY(G%-zMNQ{6a^x0@Pl?%p z_?xk1{pp|Pu0U(m`^e`Vcfja5hCpO*>@zB~sTv8l&X-J?+FTDC5hXPbP~tGK=#38^ zNnc!ZaY54>$oZtd9OGLYiO8@}Y}W~Q zX_(>X#|5q!H8ZjKn<^Y5oXjHu(y+>%0;5U{0*5I9q<7_r3zPSlKckoTGppX4my8pB zN%XeTa>kkKFR9k7U6cMAbB~4gH{7R1`@WTtREW-rKvo~KF@Mrzn6fUUD$bNIV zQi47c;J)n{+O`>9T8%gnku_>hc$GH&CrmQD=Kh#C_FJ=y%VO@N`G;351@bgBi*tkR zKiT8&>3-i9ioH8ZM zT;i)tL+`vZ=M<;k>9+zHbcm!NHwz%H z%4Bx~cSG&M;+m>h#gd(LjE3SM2D#x+gbbi~=6HdyL25i}O`6(9Ks65yMHDk=!|^vb z1^j*Pf0kKB6Xi>J64dNd##>TC?6G$4VlCrs?9a5#=+)gC@Nk$zpH_x+J=`Slt46Hk z+;E2O{w)1q^pz9vLf9NIX!Po=pWNZ@(tv9XoOoR0JnzL&SNK=rBK9agdD#560+X%PL`Q&L_F00FwUZ;PpbWU~ z?qoFGE=r|I&kUW~jAWec2BgCl=qn+p4qlE%GjGl9TD*bIOr=!CUl+o)P&=QVd!BzU zmc|hJ+4Zm}JQ#Tjw7xgwC1u*m3d>e=1vK&N_0>W65xofy#a3$Y$7SibVGSC=THQ79 z4f5vVBeUkk{%bHc{Y7f}XyTo!<2idq%=5f4qx)fJb1&Sv1Kiu^7i-i01Z~gNq{g;r zUi_*1WUw|)(xw5{H&l>!P%{nwOIY53xz3=sj>ChVQ zzm>$FcCA?ZHB&uXocvhM8;Y02Jb_u_$!a(8Ey>D;z|@a|Xkal6@!lHW^x*G`_0oH2S$7Jfpq1(0F8dKjuEJvM`l=ePg#ZD^_y;m+G!r!cZI#F4 z@tJ10o~hbdw*_vu*g}|83=Y*c@zynonrj<~VYAc30oX|#CeFl6Ba2rX?d3@d#MDJ> z0$kLyjZ>c(Z?kq|^ErEd5-o@H3x#P7>Ry4_A5u$=J=P=gzfHvYA({kf=0W>br@YBNAhu=CD0x~0Fwxb~@jA+}Mmwl~@DU!8)o zN7Z4dnVSEh7wa&EUJT1<*20_M$?D7wXRDVo;1vbo%y9V8ENL_Qbt(0?XxETsNA~^K z6B=6Yo7^{N?S5$Ep83p^4!{q`aCb{EN1|&_o@*{TqS#ThD+zu-tW9}>=8VPsY|6Ry zEDw4Ma>;j`_;;c&gLF_WoR~?;3oq2iNiL6E$^#DvD&a0zQd{zB*m2Q|{gz`^KZ}k9 zp!wD4sE)~GM_4KTKnTuadLS|o>0w47V z_^6#0+J<_IUAGpN=`}OF=zPgF#&tdvV4_fG z4+B{|{mj~ME3~Yoz0!?UNpeZfd>LD!462nrTyNn^>8ZkpbN=ZOF;z=K`P*Z7=-K9$ z@U@JV1t9-JXp5xAvxieC-rPL+2L;V+2;Qnh*NPm{d(adF_q8F%p(Jq1*hn#!Z-X(5 z664xKX3&`zaL8%13k-J4_&?KKR?5oj7N^mk(1f}cSO#aZnKLf#jUQecyL&~NSdCK5dCi!_lZ^Td0>-N z{PkGo*PFv}qT@t7z#O;Y_ml8ECwG!U-0MZEoNy4Os(;v|ve{A+vzl4ZpbH%IG&5M1 zj$;}frH=cz31zwWck0+$FLN*T0&CE~|abbjS8pVMZvFmWM^gQ;1g*n+t|}%CfeUEP-x$wd#@h(Uwv|o#@98h% z))eUeV!YVpC)S8ZT{c?@Tt*V%vY5^H|15vzY!3+zSkq0~uxxK>5RV8W))Z;r9J0>abKjTe)db4YLT(C`4O!eu2QwoZr zUBB5Sm~Tu>q};6eD*JMH(Z)(u>XOf+ajlm^k)_tbQ$yl;A5nYek}h|m-E;eGT=X*0-caEWX4T- zVP7iK*p-SJ7YA1Dqq=+6B?5EhX?fj39y4S5M)TM8;PGZWvb@;BwIN`8JC;Wj_=ijo z;)=Piss%@zlD-36JC)7fVs|aED}v0Wc$UoQjeq5N5nlZLwd0g zj=~=;ni%2sa1)3tRPcc!^i;Mt%>7zQ%}69jYu>2&p9Wzn_}9ZT=QIi+ zgiG;lo*!FVQdd+?qTuHaP(N_Qdiv++BI`q0alKk)8#}L_v%Y)U)7Y`)x`yzw;npI+ zS~HpYVsdd2h*jH)1^HZ;l?D3d9T9tOMdr9}Ket9LV$seW;7}L>)c5S%x*he459X;1DW_P9hSdK$EzMzaTtQ@8= z@Wh#dZ#N5kbymRJ+>Y|=P9kkC1BbLNT>~B3w#Kl?yv;Uyb8AXF_@Ny#8hNNa*Y1h* zTK&|L)0OM+!n&A4dsp_4f0!PiW<$PDGV(de$??I@?-s-QXyOp%&7FS$WiD>6vT1A| zV#pg;-0tG<9fHifcaR@z8>VOS`ebu1!Uw=~e44s$_PJ9-QA52P@3g@buuqv7UZ82P zwe(*wXm*-?o7Pu#k-DwQ$W6QtjasOATp6@huz=<<1V{o@hiY zKsim{q}jwU<&hEBvclDt!rViN7*}nG9WX5YL^WBmqzYg+Zhm_)-Bt;nKl*Rb-EW%J zx)-)Cj*q*afxifMR*1zLGfIL~I}O-qJ08`=naT^z5}!`4($tb3x$ z)3SIJSC@#=*xlwGqs*j%(T&tz+mn8jUL2DYyL(baRR^MPgPdX(k{MyigMTokIV5n*!sCcpIzws96YSG8 zZ;pl+a1NZM_K|7ALe7IeDc%ZDa4{4ei0%K1=7J+^imIge!nMNPnT=i-Umld`6S*cPh6qK>9qtDBA z@-J`$ESG@%CRokmkM3#-inohw)Q>D~Wh18>k+V!8I-D3Bwi7V#BH;_}DQVsTgQssW z^)_G_bP}{ApBrw$cT~>S3ic74OHUeDxGymxiWP5J`9^#x<00V zU-P3};+0{Zw*|!*4kF4wq^zWtW0ynOwS$9WSNz)W4wnk|H?6V_3U+c%ja*~yUTAXg z?8y-m#@EB)^oZa@_0^aj(h;Ft$yV|!Zp~5FF@TD&07F~o zv4-He!hvFt%bX1s6U0yRHDWVrfXFpFhGHXWbFt1hoGTPqiIwehp;4|@ZQo1zzaEO| zw*`vHj_f7WYxJIznPygp2#&&~wPsgt!0|fSl@6lvmJnoheU>RFX0|e)tHp0fSsc*; z_GAv(AXRehtjQEkowN@{q#Lc8eCH0tFV(sH7%{GEj7KOO{DQ3kj0zW%IbD#sK=6~i zL*8vo3Ky`M=s$BR&6T`bl0Dg-?7*m5C@;$@u8eYHlb*p&jgcHZg6esDx|nR~1l3F# zTwc5bW#V$qis4UF>YtlF1S{eK$nv{zsNOLF7X5)L{DEeeVqc<%tg}SJff)y3jCpQg z8Q=juA+o8N!9Z174#8x8Q{i#kNI@%(RE7^Ots{^GtC1{>TYG2ArVDPg{EI^3zs~iI zRq9t4u;HQDM$~-u0in!k!J)zDn0Od>m()HfIzUarC>iM_`59v%kHc03hnZzt7!SfC zVhq0J@OBIxNg;;9W4x65h{bCH#03|DFpoW}XqMLv&t&tWpP*r3vZZ{kO)LwYu8>dF zrK*E*jSags8}SGlOFitjW)p!tn7H;%=DY^GY#J6aw9-dl zY=8;+4YCaa#iafQ*#dkSQr>+bI7=UIM4Xcxsf*ElL9&~3(LWef|0JujHtl6BABvKm zZfwJgSUs`)0o&Q5RP%zJg4F$UF6};RhWi56tTP5Z=3X%CbLa}2rS(EEAfESLSyIw+ zj4!QjXeU$Sx>XFQ;!~&kUhG!I4exVLBj$T=fA}05l&$}^1f%ym#0VfAAv~n4HPMLI(_ayBll*Q3wwKR3Qec%J`w&+jLXUgj495XBNQ<8e>t8hYpt1-JJ?n;bd zm_X2T9G70R3ZP(We}`;`IAQvJhnW0!25w!CCwEDNvc{SfA14Z&W7~hn{BILvyXJ7p zsgY>)votlvX%obF^A+6|u5HL`-;0-)nklu((Web3-@37&^_bXAkbqSUK}t8ww@nc1 z)jgNv2gWwTWX zx{73X`dSYnnq}}>k?^GuMDtQJtNowGUhA7&oF8YJi4*0RIX%dB^9hw}VaG-1VS}!J z&%#F=pyQ?=BItZik{nzQu(@c4I+JmCOveYx1r-_wx*4(=K+lI1&OK-LMJ1$U#1T%y zJ+e2vM$>f_bdN*Hu7R3wcB04p zb5=4Ut6NmW;x`AdHm2?84omBj>*r0My%4u%hnl~MDaDyTA=!q&{Q^WHY8f zAL4ynOWQx}aCwBrkG_aD_qMvQ6SgDvTYjU3;+DoYuACyFPlEW#EYtqr$#;EuM*6$< zK}NqN_lZo!WU8<(O4MQfJj}Sq24lAcVyu<0yviWPI0pJk9jCjo_;XKS0U|$<* zH(Xj;O%&@oNIJHQ@$orTu{R2Da`3r?xDB7z9yrv$5?y?CQ)KkH z!kuGB1m;#Zp?#plv1}{6lqId#mxPA&6Ks7k>Gsu*6W#$Bw9f4s$%6{agyeNXc z-E;~Uq_X|_eu+RsP@IbLe)`1Pqo@Qtu-S>0^f)E?1=Q1Nq-uOGO8Q88p7_RSm6grW zd=71tf6nz1gKm638}|2C-N5x0aYQ4zoEffolC!(MS%QyjU~feot;TUu%J{d9GCQW+I$ZGkA$Wg+L36FsQ~`AcBgo+>r=eJ=TTPn#Dg&%Ckp{lhU?VG8n8Tf zi?dAw-kr@k7-n0GkJPfrcZ`~1&x>4tYz3|jz3v2KrftK?>*d<(b#vIXW_3tj^;3vU za`~cWb&dH#b#;lh)FaQ&F&LNlmS{sod3s5pfntK`%5vK7+tjN3t<-hU%oxT$g|Jc& zO5OP@$Q3m`QK&grN>``mf^mL_t|`Hro_pn1qXPkU9hzXi5qj`g8S$a)+gH{gaEy?_ zxOQJmpdXB22#tP4W`@}3Z#+EVNX5o>A4g^O^mwTbVrVlpH74R~ms^5YB;1Xm{}>8z z5@R5|a8BXzyhlU9^agX36JIp8C~iTOMBYrIG(w#R7>Z&2oca*3{t+(!rq$E1c0%eY zSr1HoP~VtC3@WbS+aK13Hv#ZzOz&z^0Q+%QOpYV1k%q;UwD1^DO;G?w8lGxNlM}Z^ zp?3P{T{}HWD5A!ONy2=IIo>PUY^FU6D??5~J)7GyToag0=8S?-ve~L3kJv(3c3yIJ z)(DM}?&Xmb8J$aIq`?at&N{jA8Tc-rxJN0~iMEA&GbQ`cS{J~Z{YR(vt&J7j$@{hG z8+meRug^ZV-vbvDN@5O-QkRNdI79<`H%_F@rIy(|`K0o#5>ZwxjBYSt!ft?)h;Tyd81_ zE<{*N`B!NH!^9D7e+4xJ{x{K1|2H#*P@6`HNPCRLHXi-*6{WRaC2)$9R>Ts;lDB!3 zUcKCEZ+dIz!*Xltn;CWDRhZ7WD)ZI_D~>JCVE3Mv0qoI*BxB0>2QN15_jY#Z){d+< z)75RN5%id%F-+j^jSJ`6x7{s^VFclJ=5Kgq3jPX;|5-TsOwT_aE!uBfn=P?)6?6R50q8EgSQaH-0XCsy@B54KJfX24Gb`rN*c)=8amfFcqQ6zivxn)OSjpd zZ`U~O;PwFXF_NA1Chv4-p5tD~jqosn#2|c~=z%Yq@IlY-MC!2pjDJHaP6UPjaD8Q% z)nR?vxMY1Kd_zHmx%(D-XKA|yGf1B6cc(daJ(y@qr1vJTDdfZvhIiGb;uT{Rewm!M z%y1k3cANXI{^AxtvR;+jp`kMK0mV!@CV2;B>mMD}BSVNUMEjr%A(=t;uv*{OheBhI z4K9i%KQRjKO@_B}o-@uy!+P)X)<|BkTpdi>V>-8lNCl7RA5KV`4Z@e8lZ%+a9S~#4 zJVw3)vJ*nU8100dhRk5XcS5%7++5o1zIi~e0N!?8baVbACT}O?ifPJw(tP>?3c=iqyRr$Zp8K74&?J#cs%E^Opi*u(2EbRV~bz z^d++Al~#NXde=~!f`AKtATK|b#%m&1k1v%LS-+57!ra^q-h>_I$!^GR5F(~@H^k!i zbBwOMh`a+%@x$XsmY|gxZx<@1T9_ZZA-l8_XfmRpyEn7M;$I@$2D4=kWEZ3m|?fCREDFOX+HM1r%bl|JjGS8T-Bl z-^+Ktsh3=pXQ1ze-}BYSY%85yfw3P@b*k73P`Tp0d1EKh&Skyrn;X;B0<7fiG&Xoi zr&6IVcCS=RJyrSBu8MiUi^c;~b3k>f^qbmWDFWnaVvX})x$u0@QY%#Lfu3=&QcHda zD!@~~|5WyWuTFG*OTUQNUVcc+p9@2v#!d;g7o&%+hD-nhK_3^Gv2ogJ!(V>zueOfNYC=bQep0AzyNJXkaX}U6Y+iT3)o`jqv@F1)# zUfoVNUW7#LQX#dS0UIDjv5$Von(r`vQ8KLkfTEMRX9ora}UtH+y+ z_ePntV-kw&uo16n+rJ!`Tq+HAFPu=i-}qLQ-ZGn{FR+>3KU3Eh*)Lqg!K_585WW>g3V4XL#X1;H0~MVx-#4qjGJmPSry}Xh>UzRgi{q?7YsC47?Xu;PD!P!{F6G` z8?ZSW?f7NBoo(EUqG01NK>qbvHJB$1*0ocfC$uPTchv8j_uGQO!TB1PsG+nx0DvIU!42ytiwzm>hsip(Bm3cAyV*mxAp% z?{|UR;+Em`9NRtRBtps?$TDLd+cpzlnb{#-OktmNqHxbDP(xLll?#Woh&>QW`_$S_k}nJkG}t5nDL8H~bq`*2 zAp)%2o+icwuDMN#Bo5QC`sK2bR}ZEw@6Ky}8APSS{65{YKzghh`lknB_%VLwxX;JD zdz)om6l_f*Etnp0RX`Lxr1Y5ku6ZO9;p9;{yf%fj@Ep!klw-z!jSmDlsdfVr*`K8- z%C`*e)h^9;0B#>H>TWSAGaO&8FuSyADi~iInt3EY+=Y6- zY1NZ&x8Q_82XX^29(I>=o#`74e7l_J<9QaYRTq}d*(_p(2y&7BgP}|rt&U~13a@B5 z-|Su(FGkadhefGno^XYo;;|dB*Z|Iu+(8(84k+CeGNgL4s-qMYV6#4M*4n@_Q{b3s zib`dPUC_#lQ^%}rNR=)&&t`d00w6#MImr*MO|iT7aQ*hk?|-FjDe(;7B6VY6ZxkS$ zaQMI79T~7@9kX^O(|B0S$71LD6P&*CCb=Q`_j*NpnW05Psw(4#d8QMCb7+He1kfAW z-7vA(lyjRV=rTqSJ*S>E`3&XCiKD7n!Rjf4=-gGavS+)?Mg7R^-3^&7L=sjr2d>&xENrnrywVGq9@G!;kuTbvgAy*|YY+o03#ctRcK~+HTO^?CxnjTS;>uZ{9Y$iF(Tievc*`gl%(OSxnH{59_p8 zc~jH^x_*SBbiO}M+!eWYXlk=wI5xtRS=CN@!lWIfxquiO-QS8JK^u7Mah~UMoh|=- zl3Ec&LW0!=04F$35A9Gm^rd273h4nlguTog9fNIpZ%>l-(o?MVqN1X&1_YFU{Rt}T;f!O z4j%-Z111VAg@v%-^i&V4K{v_3-)g4~%b4IUKm)#AmFBt(lzdiegQI);_01vchfczE zQn>EEXVJr*U7yh)Vb|hK{Y4_9Y_ww3l8p?^P~EieHi@pjZ|mU1`kH^a=8E5I2=9D6 zgZ-Y`qLMvq1l;Kp5>vkmi8&>4W;odcM1$>j8`s1qW<0vSw#t>+_mx(cEKC;9waqA- zo}mAc{PVM^&?GI>8~nGQRE+s*2-pd@{CWTM&8maE$)8|`)qcpqHUA+a4dMGCS62Z( zZ~m6dxKuYux;z(DsxMCM70iqlUqj_+@jn}bPy-IVML~q1dIo91K>Vd%R2N`bX$gYm zO@hCDD~`pqc!4n__~E&Oh5bPSuXg%&fF)M`E-ZKnfdCPOp4 zAuZ6zjoKY0ZL5^@s!8H$5wQCG&nvuvfD~{Z9uSDV!Lc46^!U(X#~UB~dY1tJRUF6| z_;^BrcYoIPe0`GWvN@$=xwLFY0a*?o`>p-H#N>%<;*Z+D&L>=NO#H{pjTwz&r;(&5 zxPorDv2x6+(m*GrB3b^Jx8>(zc6T&#ExPq|VL77!n6-8O^%kRC?E)ep@D&ZaG*}c3 z5vWSb!(vlq^H^W2i%#tx7E+JLJV|qiJl;?!2^xA*f))MOtJA;PxbkxTsax@iR@cg~ zaJbKM;P?|}0$1wRyfsi?q?$_lyPszXEnD7F@KZ`yb#SQfWk^eqy08R*g*|C6MD^k1 zY&3Oem`=YE#n=o@@I@^2r}aK*$n?e=I{4FG$%enw^mON337&Asw-6_AR)_VeJ!HX7 z!eGS0-OLJcPSY2ox2S|dAEq)QEz`2LR;nVRrt`+!To-Rl#x?jL8R-&!xtf?$!`Q(M zRg=1Xr%kzk=Gb)uRqRW=#*PS!*utuYx7_@=7!nz5Cbr%iGQzu{e4x|{qU%oah9sZJ9~hDK4^idu4woUl2FQf=s=y+**m~Ah*7@oT{Jdd) z(-##z@zFHN>daYWTxzU~)t38jGE?UN$u?L)VU+o~H>T0AP*lrI9mos_D#VZ9i|Ob6 zn(1yCVldY|EDJuyNT1PDcK%qDPrvK&EWf)oCbbVym~thaSQk=OTfT!^rX+y|sIlF~}$jkz)mGfc>X22d|4A`h&XgBG82?W_5Z?b2npDX;gGn~32$M|>PYlrGx z#xc^um_Z31;*oEHjektqHU+!l^SCaOR{P3U!BTzdtO|{q?yQb@Al$(iI8)*wc}Q9K zp#wBtFg9gB^5s_^d)x8m>_B?MiT2oQy8R_f$VXd4Y_0*72;6f7mb=kK@ja$OnxVv{ z;v?L|MNNyU5zIe_AiJy?G(9FHw3b(1@C>)Xk?}Q-D$;#jTK)OBg1-6wEVc@pf3DVQ ze-s7jxp&a~SO)m2VMY%@ep>~G3bmNULy&D(*B9T|ZT$@IY54Hb$J|v%XovCTtB{&8 zvmpH7O{OxUo8iB`8i~KDgiTlnqja3lMj?5m4l+WE`#-uf-JBJZUJT8!ij8*fR z9QV!s@Dnc3U#afsU0banNVs;{ELlawq&R@phOy$_Aa?3of=gOe$uN=y(y_50Q7#vW z=gA&$JMQLSsF1by-@wQ{H;S;^?78Eh4Q1&UmCj0L{6~Vy3bW@Lc$4?Hh76)KF=eYu z9g4Qbu_Lk_8xirugZScAAD^(56RHRwI2U)^l*-ppS0%%LQ%Q1Q@qrQR*=bi{w}C(^ zn!oKs{9rVFj9{gNx8|(=`PSY-rc~XD+Pi)D(KC&ty`x`4+o(ecX=Kf>l$q{?#el2& z>{ZTrSCG7`nWfM#8Wbr5=Xy5k3Ae+H;ADep6nGBAy`@D8|jbi?K?d)&*j9Tiz6hN^mM z?9lu9DsOp4ZS&3j>=ErE{re=uAuMV9`6ILcI>9?Y(yIO`u)*S`N6zXDyw1Jm^Hx*N z8&VB*z6RqSI75+-bR8QC!Gk;-zQn;n_EC>X^^qzY$127iTfUT?%azaUN^MaqJ)EMRpcUNkF3IUjBtWo)@Lti8R$42nAGfz_ zAzlEE3FS0E%6l3S{-Z9oAP-s)I`Tt*X6U7P!`T%hR-PXxT}spg4=?{W2oQcn^IH9x zobf11Rj+x2zr^vZ#z70`j;Aylp?iVB%?0$#l&%LX12thwMsuIU@C`R>! zwe*2R>HDizQ+kvA3OhuAq@yswWf0dq^Gpn?;Y$rAXl_y$$!f5v^wZn~4-sqk!)VEWbDrLKFWWKFK)q(A(R09jy)$hc zUg`>0vu?ilS<%&h*8T8Uffo;Y-~BI9e_V_Yn8W&-oNyh!JM4t8wliv3z{VDxuY?ZO zKAu+ETGpkUFIRk1bX<@gIQUFdcm6d=|8!&7$o|fFkmNh3&hS>K9ZK;Cq=|9C%FB}a|E60Q9MR~=`C3$V zRx=*#qWci2Xd&6}Usu2CpS-Wq_ZAr6^pksYVpF;9SX_t|{u!(!?dZtyB0}WpkuaY~ zRaGy1b!N%1sP;nx%b|X{kuaDDmM7izFtF{X9WrUbRvaL=rp&rkGP4CZ2;Vd3jBcN5 z?zQ-70|Pw4g&k@i=vRqI46uXX`eb`p+YPT3BcO|LH@Qu?Y(yEPf=$!l{=%|KD!4(c zcTqMHRgjM8L61SB+d*C^i!@%n`eVw^%Uz1m{UygoQ(GiWUWFS-vjb{kcwkQnP@_9t zWGyF?px5<~bn8pyibU7`^H&lFe36W;HV)J(hUC%8?kq?Dt0$rd7>P!l`J6DS^9sXq7UZYt5?PP<=ER8 z*J zb7Iibok?oClWXFUI+jpwrY^cEV}o0}5tb7UhngIA0x3icn8+@d}tzI~6)M*$H@(jW6QbPQaZrCC8>EF4^G!dEY+9;0fH=hOnhp5Z9M zy$1Why2QCX4`ZY4UI~7Fi(8L&X~4^&lHq)_BLg39Z!6xhDP7 zNs9M-KM5+j&F9fvu4N$R&|%0nUc0_VxX^CRR7YqLsbHy*~#=(GqPI{xKOjP%*;;@;>*0#-FGyE=|7^w2nS zWaPo2j>SOIyE#%5lHKCFVy z1uB?+MGWgvE5+bT1YIE7@5^ET#Lyia)oHAxc8C8Q7+YNpLizu9+~)M_N$JdUehpeu z!k)=ZZsAU*SAty$WRG_SKZp2Ap|XDtzvi&=EsGpBD?3IQ z{J*yC-+ujQX8{j%rMthejW0TVHjhGXoguM?ayF_a3re;7bTu&b^I^q~DWHDa2VNU2 zWsOdN3W0j{Z+2;iHeE;tm#u7?t?}#wW|NmbJ01=NC1$ zP21N!^(+L zRCLq7+E2(!i;POW<*yA^$FD30e_zczL08xhI)1>$G=@02^baQ+_F??TTh5TwAxid^ z+h&8pH!l<<+x<5~>HP_C@1mf}?)ff;CjD|*@+45g?g6;)2T(Ak_%EK0+|~W9zg}DU zoi7)dW1Z5SXNSMWeq0U^*G#HF@t|rOLnT)b6a3KL2)7I$!ZjDr#*1rVxuBVYpKQdn zj8-K}qNc}wtTmfG2z0DoW?$4Mn9 zd}|elD_I5wRZ{g*k>@Q$_*J79?Fjp*0s8EgXJXImID#! z#KN)$7B~SP!wSh9&%D6Q4@&*{aQJ_KA!HWXTj$}&JFcj?GQ|7&FNVGkRf?HxHZVEM zo#rH_-&+T^WdO^48J-_+mpacHWb!Q{U7#{P6+Zl z2ZTmcI8mc!3ORuatDJ5$WuRx$Vtfc+cvnM)O0mNLtwJ4*Z9N2TT{7<==!P^M6U!%C zv3RwMAcH*XT(p!z1RFMzUiba}iIY3KG<+Wc41hg^pp9xs9?hZpLM_!JOMaqx-fl#` z(A=MVe9%wgOac`uo%#PX_3eR7@BjZ+PMvi`<(x`x-K2|BmgHVJsR)(OFe7XsR^&1> zZ0Kk-mlm5 z`MABq7i*A?;E=b{FRXVfS$SreHJjBLEdH%Cm=(hF&di@vujGlgA37E)YMU!8?AqO` zkCk<6!W(V4;*Oy&-`>=gI5RA~q=H#h)055DRjq5-lyd?m0KZG+n+PcYN1IPz0Wv>} zk5&4VNyXAfx5ee4jBfPAYA)%jx`|A{+5xO!qs^U8?qc9NRW@xedW<|&T9!=s;Xngs7%I;Z$1MJ+{st{_i7VnARBJN#_w z{y?JXn5{;toHqLyOx}8>6?^>xkkWMhr#;pPuWM6RfIFh;HLuE@AVlk8XDTfuW(wBJ z5*#_&>=TnVF1|50F~#GvUwVL=KkhoOO`YNGARW8til`PoXC!dMre(#m#L9bxpI8+y zXO)=Aa;6`HC2P0(R$KV?2^N#_yKd*sDVtSEUSTVS?hJ+)zg4e2f>~Y!8pI2rua6u& zy5>u78{758QlOvG#0vITOwUVX%M|M71|Ik7FxNFxzE&-IcVFr%e-6|Eh=g%WgRMh) zd7vpFh!9TqW5;9-C&GBSe^dx>If5=T@KtIrgMh3aB=66)Q+JO4^n}Zo-sHREp?h~J zfJ%6d`)Tt!9*`p7K7aukpp?82^}F{G6f{tv(H>QPZ==_Ssij4`)1O~TF4=MNV{-;V zI|NFE6XDNaicdhSUk{edMxW&%mp zKy$&f?Ccjp5Co_Xj2!g$EOtbFj32y5Go{}j0n)Np|Io7#a#<1s)pLIJ(NuB|hW5&c zyKTVf68&a=zrICHMbhTiFZ_2C%iKEfPZ~wS+n-pjm=!#E7E49dbQ2bPJv0cX^+^x! zsVDpJeLa;NFlU+ku;l>A2W0OcrNk5TOFv;&!;BNs0{OeQdG809Pq|NkjdHY?!c!PE~?hl zc%;-`$O0LeKy>L2-V%tX324CchPK;WiM@!8SW8XsAr}QW1jkZs zh`-eDOnDq`Jn9FUM8a3uLaOpVf6n6de$u~)W~~sNF1`Pz{dgFxVI738N$Wnr5Hn2X5q*9VJo9QaR6YcG7eSup*R?9 z_d|~@g-26gmOjjnOH$Q~;k-{o*J}$nUrn0aKG90%s|)b{8bzdpZVr2*cJ73y_{*&- zV{M@;*wRz8jN()s#S09(qo1AQsm)e9eW>^`%yXwb%lVPRNt+Ec|4f+OR=BakgzSTy z9osnl!bat5prhpGMGR#nTV zZ&z=+ncQPWK@-`h7;fPmhc5uQ)2ky_C)JKzNZH*VPng5!!P+pi*}sLZOnq-1pes`O zY>vVe=8Avt+|hh)3Y>yC+!hy`>+1KCMF{yC;K^_c0XnS0sx)xQEJLCx;)%2*2q-<{ z5|lsdqb&S3FX^~5@Ve$C+s_nzhp;r;RsYd@5NBpgghqPW;o1FcVzCjoUH|W}6^`=f zZZ%|NMmTpn`U6=NbH5E+T5V9;JI(Bsj+}#lD>e)~i z(M_9tVyPdHEm}bQT96&>NoMAQ6?yh+c8S}j+UPQphTG7sQ45^-+@$5pU2b_gxIEYK z$vcw4zr$lAEk2?G6p!W#Z6;&h=sl&b7O6?<*BaMbu=@sGD8*)Mr{YtgCPvUGj7cd5 zq~wBCj~l$Gu;5f`07E*AAh`NyqZe^Cgp$PD1mw0K*(j^~p)&AB)Q}HV`VNPbe}_X% zp;oe**LSBkt6M$~OR2Zr^gioG=u7tfnCSdtj6=x!cc+|^|6>c6&>T3rY|lfeGxWPG z;<(;ng*3(uxq2eR4*aTNNpE$?O4asq5p#$CN@uSo*A8_%Th+_I0%~IRB*Fi}j#Siu zb3>%ma{q^E;Yfv>ppiSZhABC%@N2_1n6eELL zjLv=#rT_x2_l>;YYC+5ac3A$@ByGK*JxVNFN?;W!+DG5H5RVaw3FF=^)eMEtLX#%H z8u)&muJHBzX_y`wp;zYzoiih;M^XiBm(C95a~&|{>b)u3>t2c;&H80{zg2$EH1uU5 z!{%3#G6@%g?_Ha}oB-UEfd)&sn$FRNFHX0l79RStLD*;uwgEm#FZ?OVBQ|$lnnSnE z)vUZqy0MhlDHXQwa{<|pti(bUc>wfRx~vU6H8(vVr;>85u2YQCP&{^^H)I<;m23^; zhSVkUrppM~Hz22fK(`BrVTAr0ko`Zr&-er25!P-%)a7OAA_R?_kbRIEg5gcb5hLcB z|Ju^!*J9*t_M$NdAl`%+10Yt8kmB8+Z5oy320?34rm+l!s71`@ojp;}gZxyUMe#6j`BbxdZ4G5P zp;MA-Qi7n;88Wgrbt7}ni{u-Xvuxbw!>&A+Nq5tD0Jv!w_8J?bZu0)#}*&qRMQ&xx4SEFeDE_B4r!sMgxt@I&TY zxSG^CvC#;YocCL=Yz)X5zm$8EBLcC}l36?KgZ=Wh?n2N*AAAYSI9mMe1k~-Huc{c5 z&gHu4pmU#Z)a>g2)%fl8tH5jTLggMWWM2cDKzyWnfS-B#7#o$ZU>GZdQp7B1)496H zpu0)NdDMCV{Xaj|phkC=`_tzZ1%xYEe`y6r zB@R4;8X`?i+_nVMOS(Bb_Cp?4peLsmuuRbQTdU}zrwXIDfG||_(NNR%u9Qp|36Q_< zjk=fF7DWL;C#Q8|Z>zWV@zlgZH2~TCI@8-{I{K=tNpMnk>S+p|F%)tG{?bSx>ZhA} zCN|pQQimTP%~P$o53289KEl)5(PQpdi843>38a95C7bvP&RwQMU;F}e2KEL zl)+bE%Wn{xNFl2rHd<%J-X_^JJ;zlms$K8}LjR*F>B2E`v4IsW81%@#|NO4UpLNE| zam*5k{@VTMBt5MvF&w)X3m6CW4`>N9qd23757#{m9L9T0>G+Q?_VMkhvWSe}9ig8u zs1kD`?MoPn;A~NB-P{*J!g9yCAf{$0^)}?~+GH^F1(bRBx`=f4P)3qh+8^euZq;tp z$y-nDis{l7{xIjGDx1XY=`K!qLL^XDQr#I;EB@Q$2;bZqaEN^mii;J~&?9!C#ZA=R zKCN4izy_<|(Kqg}{;U5V3xlf2_e;E`X`kI+buqFCmGZ-O7Lvej3p*}!0lwd#$@5P{g=9}UeG@M9jHuUE$^P{17Xi_z9Z$OPL+YfAo{xjVOH?f$xPs~IaqxFV#=6i6Ep z8t!mt6udc=Ra>wr%AfC|y*~YNo7^4U|HfMkJ=1zi(6|FpKODUwvH-89`?WOZk4A=k z-Hak|>yGVzlQMX81;Uv#kgLE$-yhN{z-8BLOJ4pHL|XotLnj#ktMLC_w@tsq&j z#+UE7as|*k-~Lbr4LU2yA`2pm?B_6Sk+OH^@H7YjS12znApQIl* zNSu&-MX$-iXZWb<}YVWHX0uZ0NL;0#qL+wU#OaP6wF%?Qe z>Jg7e9rysbejmu`*+(;5Y1_37BEpeEjjs=C{M?!>} zy~2p0`~;AiAl3b`6a2{iyZ=Z30%_4ZB&=;UgG*bw8WFI)hNpx{kDIQlyBUi4d-{&` zv~W=^Q%#Y}t@=v$j@17L?Isq!|5~7Mm5h}Ih{*h#YQOys46R5&5ELjbp@85cibK{7 z(N#{#WQFzSalQtUla-KLpm${q{QJx}35Cq%@?`QB40UPIF5$L}m8|VxacT^YFr*Eg z+-U<3oE1Pcm-(D!v`w$26|l1=t7HYv4GImJA&>)YlH2B7u%iRu5a%npRuu$pSyJj_zgA99@I#%oWAY-_~h~B;*KBte* z1;tW%(InZV2vQ!IuTrtQoSpRm{6l2jWO*&d<{rx_q1$Xju~hY`>3Ba%uQA#5GORyY zrPzDws5Y&fW)Qz=RDJ@^JQHA2O43*yDPbC;rgm23uvB$B#hqTH#h~xF@11B6VB^kY z#-mFS+CR<&PkPyPwk@|7z0)a9o1c!^EIICuZqbjJ7-98Efm5xu8_0iSy$+Hxlqux(%#1EvXqkS=TvIT#V()yJ#INd{pzlYrE=_*1PE z6n1h!gU0TW)XzOK%mYQBZoGlu!C`hGw=%af;WBLzY@LF1Z-Q)m2In0pJ^@HMHh%&- zU;x4tjawfwLGiDXx|jSmT>2vXS*6;NbIEuJyl=3i&&3ch_D<*!nvmMLcVQjYb?Q2S zC)xTPU=S33yxm23tIltz1aIL4PZVFsQ_WNAb)0`7g&L3R6Fctm|q80Ua6 z4Jc3GV%N)$OhioOu%6TA!!aXCqB|wT9wd!b^11Da-9Svo#rQL%UWerHnH9`)LI%rf z67{kqaItqKRSAgf9S@9X&jdYS&+c%s{v6}Hm*q%6nlQD^rwb(r$MSWbiwPo7mjn`M zmj}a;HK{nA4Fp*hY9(yUL|$&VHTO*buN;zvEV?o-cM1(Vot(&`1Knn+G4URQSWdXq zM6`h?^Wox=wA9RDX&`1~aQ0dXAlNY(+CTO>6Hv~$$?mLMV>U{-E7`JoAn_pQxeTQf6 zOIrDQ_(l5}FTxB`mLsyDEtCsoayvEG%fq=m&tPJp2Bw~4AFOJ%pS9=q!G`M>hI%(AP>l)&5CQj1fmDT5K+i! zD8n|;&WxN}x!%eJFQc5cE_faLw!a?O!+SiMtMJHMPAAI_*?e#xh9+h$rNfqWhx62d0E}h`qnnEcg<^)Dr>+jJR8xJ`03PtAb7l$AZ1z{|Fhwq9CLaw2yRXvA>yuNhLT-X$5pEG(jJ^jVR)2~ zi;lc#Y~YHUSFRCnHRN4kmlS5Uu;&m7(s}`Gdgi9)i*Y&|74+r40QXggg~)~T`RA5E zCx5R)XuBtkJy3Cu@QWAZ#32_K>lyDU>tXQu!rY&F2Kf|lz6f6Zz%(1H3@lRlt8Kw` zfZ*u`xpJbH-7B5j20RNNn2c>|Jw=$WvfJ`Exh;g@r%%6#8|XN=dAy*y!S7oZpGxTU zf|#mLJ#+fRno^kl$FKT1!B3+$^2^8RD<>fCgaw@jdxEYvWcQYSr6xvWI>Fi-VhLb@ zOanuvJpS2n#;?d_mk9yCvqds##C@Ggr){_Io^S;wTcouD*XKjiAKDcVn&T=T`8`b! zMiY#avo({n@V=}{{fvj^>xd_daiu$1{_&(+5B~9+46~BOd68fPbco4f7Rx3tte``zrqP>v3k07F9#?`#28ZOJWBc!8Y=CTVe!RuJx?Ax=9$3B-`^ZVSd2%eoM~ z2WztgIvS$#OCDx)c1B?s05!ZMu|U`|Tg5%4N?1cfR5ycpY6R7L5Wh{7MZ)j*AZHE{ zRaD$t7u!Xx`v<-TzOm7*XG-6!y@rg=YQj;e+f}yylGjHVz6UYCI7h7Grv9Yoau00F zzZmRWY}0AVdA&RJa>mMPxB~3hyb7@zYIj=)ok{$4%KNO!jA{6DU5Ay^s@x zJ|D=johNj4GVOv~>974hV5(*dW6^{izK~yjAYTDGh6%@gA(~L;ntRFQ1(tCi;g&Dt zG|+KIId8!B3yfl?=87O)>{3uet8}%w`Nc+S_3w2qS(r9zJ3WY-I-fW=x0%{5CThPp znlRFw(;Ygx6?rp5$)f?qlDirR0>lsU^Tpw7zZ=toO)B!v5A7s!IeGW`@ZcnqR%RfPI^n>W^1LMuU z?w8b{ESoB1uxs19S>wG>wb)Bds;V0x(&{{ zk`TuYyr(-+)fF3x@LYjE5x0H91lT-yQ2zchW1(1vguno$=Yzfej5O*lIi=rvjoTL{ z%hA&7a6_u8!4LOiQ;+;7t#H?RF6Mm253I*kf>4=G%zXt96g|;$*uw0?p{{J%Ns@9B zIPmC)belbx=Ac2nqi-m`9U{H{IPU}KMX9SiV0EP6nC(X0l{M8&%NDtBVSUrFPscDU zx2!9UTL5$_ba=_AoiS)W|0XwXnDHP*?;Zt+AI*2oBdNn9;G<^VbjHH1lFbqw{)on7 zKd4;Q&?o?i1aX19_IEu#L6)ci?T}(fXovTc^hHfA`8lq6E)P+QNNP9(nSNI&muME) z*N}a0j&01v@sR_C^%A2~k{t$4q~=Oi^#;QDjzfH>8F8ER?j{p=w20}myXFYZ6KPz( zw)9SyMd&Jt`NWD_EgCLi`Gem+>h)8(H$YAjSi>+;qdeO7J4}-N6R00b{etU+;boC} zo7~+kG<15q%a&3>q*K5`R~5(@B|-*W&o3&Q>`wf!h==IqNf)G{pN2o=J9npWW=T@-tKb1MDkDA z?g>x`Y0y31y~RF{H`!(F(lFN*)aS~cF%FP^p>rZ19+h{4YJk(m{q>MnWGz6}#>iG2o#OIgueN=^woCpG zRXzsZ9iSnu8fK2BaNJ?Z>XG4kZ!-pH-Ke&yC9NO9Xf=bvxLe6&wQXG3gGjcQ;~m1T z{nrbnYTaMCi66xZj&`Y!u@6Rr&sjjP(AK-VhiiaqWKK-Sc=3=|as=mY{a@e8WUV-i z5rp<3`MpfqN_*Z6@8B{5YKqqDTsL3d^m6rDe(1covbtA3nh15hG)h`qnbbDP#aetV zcCu3{t?teknyme>H1%xHai?V6Q*8faPkuPRqSc3w5KpGXW<`}Qde=-@_3KxB`sADd z04Hhh)rn;hylMIka9(P|sZSYS<(RKYZ11Fm<(Qk)QO(;7(}iDthwXMPk2H>~mf=pe zilDmEdCON?u!=c z@$^QHB6U~5aGCM0ZS=bI z!T94D525XA?&(|v5L<)#CP|A;4_x)mNldFQIrlmw5EQE0trfX~&ynfS>UqXn9+CAP z=MC>?9y?VE`Es$RwHK74+){E!JuoJ7Xs@CMoaSr8w={=A8%0IKCT4V*W-WnWZzl3s zO9MBpqaK3JqT&_9?nIUJ?k%*sKNYYY=l?PRNgK0ak2BJsV{yz-? z&(jy3nc2f?XZ+I5jkZ1RP~U!!og0gZT(ILXt~R@%ypzT|-i8fM%M2ESM+YQJjrj5W^WLUBYGt3+xNFDd1t{IB%`F#mqBY!E& z(`~JMky)8wDjiXrCI2P*fHcb{BLf;j#Tg|_7)?8f%?xkUynzv@Oa7=NPa>p=tAPSjA#!iRZ9fdT9;~-Um}fIuR<0U@ zjkOQ|8BHRyv@#5A&$2w3?poy5@&w+;76o8PklZuH~8bC6p-m0VhV)$~s_V%fQjGwU9e`DxMx9r8%<*FAU-loQ-GtgR#=bDpec z%2T|kF5vtDqDn#I~niQ7z+(yOHgvKHLJfGxDp|# z&(S>2%Wf_UJ!zcEj+mO$Eb^ne2GHIFn~#9M5ExYv*o&*ltQ~9Z!Tc7eo?Ocl$0u?< zR@HqL8hlP1E}b(f5nHBqvhCyj?&(LJKRZJh%B<0?H^UhZ#eZLDCqrqP%ylO!$$bMi zSB?x}B2D1_q0q~E0B(A*C8J8lD;t3s=Js3lm2D3nZ4t;CcCQQI1Lw(zBrWgO`|a&U z@ondaaH5hVqw6m!9molRvrwCkbRE|D3@u~8^z6{6^Wfz=6W#iSxmt#ez%;P<@L|Ml zMrCy}!{v5K>n*g4LrnV(apob6W@SH4%N=N6x4& zUcc{>FrInEOrqxp^9X)2?_D(zTnA5CYjw#MoM$RWG8V zq^KDdXtDJF!wsC|GfhL5b& zL(E4xWfVb8|G6 z63LQ|X5ZxW9^yO1wynyNa0MA3%q3fy%JBx}G!z*qABkRtt? z-vkS$ssrAC-xXEt`G0ZY-#yCTHMw$)@#u{m|FN8>R)%gh2vLT}#WYQoU$F{PzW}{` zp?}+tgx?P(zEEUlM5Uekr8H~P^#0pXGwwe{p;tAWp~aW}f?VbzS=#W7vZh~FQ_fVs z42Sq`u6}`q&>+B>gy3PN?;k);wJl5UYHPDywhBhJ9%~b^S{T8em0I}VJRw3dE>s+*p!uq4s$Z`;U{qMojP{oGsWxVRDN$yI3>)L_{KeqG{IkxSD=io>d RQ+Cv~%eKFkTylT%{{YP-5~2VA delta 62909 zcma&Nc|27A`~NSJR_c`~8tSExy)bHQm7;Ad+1HVsF{WaO!6_=0J!>?`G8oI)W-zu& z5web%Va8HPn8C<4F^2E-dVl`={qsAw+srw)+gWbsT+i$Id|ub}xIbTR3omaACs_*u zBGtB+Ja$E=Bzv3%JYUPk1r}H|yh&csJ97Sa<_%5Le}5J)effF$U#RiX(_)$LQU*Uw zZVuBY#|d!SW|J+Fq{F5ac6xCp;1nFr8osbui5v1sR!upozh<*xuXXo=&GUa80Y^|b z#F%m&Bl~?rJkoeWb58hfU(0svBD*JdD}{?EzH6=qxF|hfD-Lp%&^xkO(b4V6h37Ur zj)7F#SVeRfS&Y5s5MJ$nD*UM7QrFoC+@myny*mgvYiWk+#O_v!5ZD2O5 zgDpA>wrar@w<1T;TU$dn9H-wgv4*c5Ek~InwuUQ)@Wdr*q!wtYPsdaqYX6NUd#MBt zb$NVw{v^;sKHyXas@Fd6K97|04QKjotS;eT-5FIA4oRPoK=+8^1ZklZD(t9*;jI?6 znV6gtyVWTxEj*IiM^OsR8+-%)xcF^&WBw#8ko(^9bd0Zss~OEW`-hH|i%9LtttUTf z-YB{i+%W1!rWH8f7Jo|KC_=$S?1PQuh@KZNV1OXbuIMk?H&OU5Asbr=YgAN;0dP68 zqY?gusqXHD9{NUJ9qi29DKNY2e>_$zerAs~{crD2Y@VCboc0WFkv@-$j zjf8r_vql}_nGF^*8Bx-s4)&94C>Mt%BTPcp5EP`e8AohWBdwYoya=3&M~~mA+}5INOv5(2nY_I0WwXv%E z48Lh&cZuZZ?xTs+X_Xu#$P|B~mXd#$Xj*@`7GWHk*FTFA)+nE{%cb~eRB!>EjTBFP z)|Fotm`kZt?fC8kCT$}@@%#IJ3M=|+!CaPXRlXD~%%lOtj!7N;53n9(Q0^qy-?=S3 zk5IIt7~c&O)+Ov5(3TNjDy?MMrGX9qz)@tRBuWn*S=#}E6RGoeit;j-Pn|qpBw}@K z#ta#%(rx^?Xu%)T7nr@d0elWIU=hDV6(7qcjP)ky1F3J~ze%^DUS{N+efHs)vU&@? zd!wbS*3|RjLJ8q}r!(V0wDc~&P8r9TA$o?q7}@SJwxrS*L+wg8`9j|)5D}xh(k5zF z2BAG~f0fGYf2~9-BZ*sCC)v+f9wA`5qnq$@0dCGFyRtxIUf_3hu`$Rx?Cy47 zpH^&)(|vhXs>MtuB~M4fvrY~ZznE#|=Cd&=(pbu+HDDRf4(XH*c4c1FT62>~+OC|r zSQl9aoMbxL4xB}PLX6KrMYN@d%Ooy4pxHIEU$hQ{#X@!$|670=?vhN{OZB#v4{H;A zzkh(oOmn|!xxaPp?LOK@;4X4s$>>P6LxdRZ80Cfw@ZkP#wu5eO$Y@r3YlvqS4Z`D538f(aS ztpB2DGe9i0?j3U$CVh5}O{=txPI!7O?G0TSBkdXL02ZugLTVsbC0aQ8#(TruwC6y6 z@=NQvM{UshvN!rQu0P^>ESos{$X=Rl&Z)RK7V+(`g=W_T6rR-V4~{D>ODs+eNo4>Z+XdYpSVJd6kX^KWu!I+9v$R z$S>C2k^uLLsRC7_v+9S|$@s)zF=?P@rAKqRRxA}7lGDiy^!KQx3pmGWW$*dxjsghx zL#_ugknD+YFK5ooQlMd=A@kHeT`zEXm$AXL@FVf^yCy&OBg1YTc$^;pwCdX+T46h# zv8&j$(0`$F6s4;D<1RN2b*)s6DtmMA3@@LyOg&#`p}Sqz*deGHBNg<^9;mtkdVR0z z6S1rm?!N1=uBc<#05v|YLIk4QGB;+*(|gfe`lV-nHtuPk^q@Q0LiyB%FIg!}jk?DV z@02h8VYzoOn=tCtLB6Xt?Dza|MZfv3=g;Et*rzj3A}ZtEVd#EUOrWbpu_(ZH znXK9*&UyzKzKanEnw-Jn%os;0hxE@Jlg8k;hP+oJc@3wyI+|T8iQbxUEBg@Jxxs@n zx7@R9bzVRxWzj&1oR+R%QyBMGvA&Z672AkMPr4!2PKix5229WK(c?Okp6^T0Pr8!s#du>|(qK8=cRJq>o8054biYgvzg5B|92A#Mqh*s^9wq8qMu+7Tlc>=ZOgw^n6; zESZ$CobGPV?|f^^XLMoxWK^oW3o?0Y&$9j7u}uliVyTnFjyglXK@6;Z?B_OCB!yXi z(^35Keww9CsQ=<_<6~M(VD^`dr1)MTbQqv`bA|!Nm;Z7&UT3ipkf8VYjEKQShU8u` zTC>gL8#FWF#k%2-^A|*V%NNRf?ZM2uyR2Wfn2B9hG;=2(VXcjnEKXs-pM6$~qoCEk zt1EUOy{)nKK}cqAb23b1;d@#Qyes`JtFqVsyO+r$T>~Bvw|J$zrG_gq&d^^S;{y6K zaeYQfVj2z_uN3yG`1*0w$PJf3ugnUTeuJw!X~vXx9MaP$dstWVl}ZNPWjLTUa{BV zZ5zCTd_t)HxX-*H?4_mc17eQV_c1WQ#bmC`Io*UBEgR?JY6LjTXEPgUJd|#AV$>g1 z>l;&+_IV@giEJ5rzm_;l>`Y0(r*JeX!1&~I|5r9Z)?MM7L6HkQ%e4f{Y*V_}@+WG4 zoxtUB;=RMxQF}szOh@ksh05((3*il4iaGX`vH4{=XKTpEfY&r9HRY)V=@A@-MrHfC ziyw5jwB0|LJYax;eGnH0+z}oPQF@UwIR=xCBCm|AMkjG`A8SSa5kG96cLtpH$VG4in<|o@ zz*8La*)N5U5YAjyLDp&;)n2Gg?zJDN32Q3Rg1-vFwBw@biOf6zl-PZiP4X0TPjz0Y zJu+0^q*uS@9&rob>-P`!L-WJ+$@=z+vakZQ`5C=nN2OE5;p=yZ<)3zf#f*Qdo<0H@ zu{Vlzydp3HoVv#DQZ8t&*#;|&`{A{E9#*0b zAYNkPJ{^J>MgRzyNC8;sXiA_QIBZ1bj#6!7pnjbGWe-auWwV8Q#~isKzR&a;23)<4 zSEJ2$!rTfPS$Z0RfBoaK^X|tFdQm1?zFL!A_437#7BtB$8FAmvp z)!`<%suhQYK(fGnipUlJ;KRRZm_whVUSti`zwr8E?o9dpNw8d5mt5i)kq|E*54Egx z@0pMV4u6*EP;ANxrg=lj7D4mheSp%teGu7LfNoBZYeO$T@mN-KbZb(9TLCU&vOBKj03YGr0 zNVb{GnZH9X5;;SWVSU(x&b-da_Po8jBnSNF$!Ep3VdH6v$#enWT#L@hKHzo#co5DX z$Ugs}&w62!>OwWLIo@{9E_)lhasr*_B^xg>Ld%3Bu zuryO9Cdz_4lmP3QYCI@2-Gx;K;g117%Z6^A;Ehq(J-Rx&m`#-N%MDXBIp7y`?RfSp zDzgcqE9q86HZGu-pfQ0Wi4pd2=~1noj3&&_P`PSm-64H3{UDjKFUr|Ua4YaT_q)=} z-1d7K{oBqnCq-p{RBdfeD{sInl=`!%{FJ9-zSi*}_PB&_;JjYV`&h&H7Qom_8ya0* z%H$CT=qp=6s%83VA@lcg51eHwc6!B`gUnmwn&w8z3_snIqiZPzZ`w6iHeLQ~)e=~t z6u&C{v)TO8+@Bu7*!5QbS3e%*F$BY^ldG;voUOIY?POL&vD^SO`)7P3c^_9?L)GD` z+f>$%%Nc_Y<|4ur|4lURRR$tFg2nkKuq6z9{j zc40r!X5Ulg`xWpzX?0>ldq$Sep;!@b?4Mfr!=R*u%U5wJ#+aUJ0r&A$+IihD zKl}RV(g2gf>NSmHmu(N9b!sO=7WfTabUxcFq)H21bVO@Ec0PQ{W4gbj0N(|{;w+hC zs{4J)XLl!MB^WPO0@5J+GM%xQe(Z5-N%gZE1z&>He1}`0j4=->H{qlT%%IRdes^~Z zwJt&|>EcxHzt+M0dKLBUdtU0V1^mvaFso)wjJq@8(c;#FKdyuYvTxv)Q{j6*H0kk+uz z+aO1{P9ZUXwK@Il$yM9QZHJSJwK3#w>@VV*U0StQojqBR{c61y6>rxxqJ~40KFW0b z?y+5{XQF_Kur}zNT`bj6-E<~XIkDz)*-)hjl3B=4Zv9o6%=Hkj_yMVQgh8PP>SL|} zV-c<8XV5`!zTyRc!175{SA}L6VruD!RayU}RKT0-R-Iyj_2;wtvj^DWE+bw(bpM^O zhPIExoBws_Plp9Mn(txE&CujXnfdY)oFG8sSV=$oQJwGFaB^+UnUVZcxsW#PX?K^I zBI8gGIW)JJQ(ITsZUyS7cD3TSd6B7e5zKOby0BNbxbPFoiQ=h8+rO)rntxA^?YWnmE~^K%!*3ty(SO=r+AO}`O7@guh%(ru=5@*E{q*qwO2#v(Mco>Qwu8FwR$=d9nu&3Z2< zRLbp_?_iSRpXS5{GX$+s*#5P1EjXm-2j2rqX~Ha$+{A5}A1C$*AJ^Wmp^o%_wOr#a zR-Ds2RUeC*n@|XU)UPO;TlruC&y5^xaRKAjk@|R+gN`Jb%Zj|6wR;-S!Z~(#7jzBn zrelW+S&7sM)gLq@1zjOmv97!>;F_Gz=}7mj3cN$3j$8uI@{&s?N-%xsq;{;esBB&r zH?GKMdoo&f!G*nDR(gkJs_ytqKki*%o6qq2vr_{&_f0*0kuBo9Z#{U*uxW7k z-l)Ul>rc+=|8y--vTp4!{%{9A=`Oyz%Jn4yupE6+d%dgAFq~eG#~{O*%$!PToVSv4 znTa364PM(y-`B@#?h*Xq?QB1CqyE@You+z8GsFi@{WTpg>}Zw|7pVp~ z=F+@5FjTQ1akBsw3A@2Qx_Tc|84Hon*TO!eR{yD!ExO5G!zc5LOq11{6(Xcz<7b>8 z2INV{5-F?VEV?>KK8B=u)2E3frpQ=K{_-NQ*R-HNJuPPa9XE;OOVf6d3kYctDGI=k z?NNkLT3IAd%Q==dcMP+5FSgng&{*-%;RQz=>>0$jpWfM?u5UB^ZcwbX5EkxvHwf^U z22Is3+)6Y)&XOt#Vnk%+R#uHy$Fv4*85Zu;qHz@%Zf1UPx0$6QC-1)zu8yCz{7T~m zVEUV!y-5|x#iA;x%u>zG3Rgd}$~UU+zrDsaIPxz~9o3SZdbV>X&|3Z2djj1<4I#fU zL%AJmDGu0VnQNeNwULgFpgW;gTy;B0o%cX+1a?p|;TF-m$U=czUE03!3w@AVR@mXd|O58(X}7jrg;U58bfsm^A<~mDua3iZ(N@{ zyf>dj?g76GDyBe52D?t`SqPx_{n^=J= z==r7!k4=Z7No2Hm+~~17*-bQ2G)%9`YnOzfnCi|eEUmZ3ZZ&PDVgbk;Q2Imtl! ztP=|7LYShii^&N%S&76hcTmr$LUP43?_RF-du$o%@uVHH03X!1b&22w|KhfCUg@q+ zcCvuC)a7`>=lxFJnqO97ECpRLonyW=sgI+Is#m$INp~|7af#M_3TckyI)?s>sAX%0 zz#!o^Er4Tw?|vVBCN&tqc&6F9Tw=P&1(ydSC=o9viH%@3VJk-F)v}yFgAgGc=uU$W z$kl@kdvp_youkC&$?HWH!F(TxC0N@5Ea|^~^SH5Ywv(~*$4F4+FmXE{;)zvvRz0-n zY5Cd<^NIOYZNJNKDAJM|YOT$)_6foWOT-ifTyl!l61|0ao~6clH#3nKT;mu~Z914q z+8Dk@j`#zA(`Ow~AK`H&?L(q7W=3`)vTpT59I>8Uh*&ZtQ-9ZgHgil1(*#D}bYGAd z(6}CobFDM}+E=Wnu^nn&{Pwwh>o%&uRD)_(U{%@_iN4_TO_Fl3KvgCk%W=9pt#{Ya zO>S;xnFLYFs@v5eMof?B1CW^Y0p_+7g)2`BD03fH|NCL@6;BBqRB^Qy)TGg`-f)kD zh-yQ>e{hG1>UnC?-yJ~!Qizp-S`!hb3UxS1>I!F|maU*@d$#S1<=?ycTc+Xmxm{JR zh{bY4yMO6^+qPI}(kY1=`owf$dN`fXCK z&R+j}gurF=UIC#4sTG6ZFH#=^p&!WcWyoBbuS)*f5>O{vNaYgFK^`C!|CE)U5CO$k zXj`vc{-{CaoD@!ng|d?U3b)cxAt)N=znP8yNGJ3)t;fP%lPO|nrs~y#;l&F(-{vpF z-}R;O!w#A~8nKP7#@R~xEQN_HeruX}Nf{>%Ykev4{SvaZmD3j%ts~EX?L2k$d~ygL z0GJW=Yntyy`WEWR0sqxK_>*VkX}--gim~bnwqC8bMNjJMAce|`vG_CYvB;oZO>zpY zrjO;V`n5N;ZUQdh+?6ql5>N5w;b1HE#J7KNzk@3!C0pOj{i3}~EOyTRUn(UaV0Tf1 z_lPSC-1tAE{M{Xp*#%E=Ew)WDp8%y~7oYt9xj%5S;q)%4iyUs}KmU7}R{fR^`waj1 zGUNEJlq(Y|{D=K_kweY@o#3CF4O!$Qp5-6B*U%75xfkUDbTsP_f9~PbCM|@zL2IUF zIA?r1D?4q^Hpw`q39L{?UQ4I&Et=tP7vUK7y~zflhKLA+GS+^3-hRDtb!O`qYHHte zr1;`7i`+gPOvnm|_WW!2@1n|Pn}o!*W`nOQ^>YL-JI@==f9*OTA9hQ_YV)pctN(*Z z)?Z_a00}uzta{%nZ(*rcOo4CPJ2GL5yr10^c8U^pqE;mo!dq@$iBFjWXrt8HZ!$vvP9lqm*h>d4jk~2~;ZGhqTMb-0Yvy-HUYfV2}QeeHYfyL+a1@cz{ zTBqnq7D=|#sM?TL<`{3bXss*l4f}OWj(*lx0(SEBbL;2B$M|0*fN7FG@E{G(GwCPEI>E#T z!VM5je6{pUTiCR_&TC3NXIxWXE-HC+=fmjFM;ce1>;YP26e|QGC(= zWq}pjHyM)?VfbHns!KfbK2uT)T8n*b6EnVFM_cl*Gr&K8x+@82gnwV?-;8RLXQNi{ znvcZq`8Dys(Kxw%uj^Oo4DapauOiAFog_IEQ!`j)-C`BiqGcuh?07#2>3it1p{jL# zsp+6@hH60S9!4(2)XetylY89PN})x+E zk+{{(8^OPtfYxT@T`(%4DZsh3%y)C`jS6(d{nH?!q|N%PwKVP8IQTSn?)TT?@E7)q z2n+Isx~c3~@U^XATzt)1Pk~>SNaL@YE~J=2;;`?GNEhp+Y16n>%EJ>K+A8<}oyJz{ zBGUb{Ejv_$SARNT3WuPJr6LwO_$`w8G!MGi)3fdf)FVnrYTF^2dW$`8Am56{G0We?B(PywnbOHN^Kq<~DC|ajjCW`z@L$x!5Lk z-Je~08%D1;cv$Zkd+{xJ>09+mS1dbRVxd8Ca}1kdpn~b>!%mR1P}{?32a$#8)dt=a zF#NkE2`l$@*@3T_DEULnFw@rQiEZK2Q$u}X)0p*$pPy{Iawf~?PVCC(`TBjf6M2q> zt#Uj+PA$z{Y!AOXu?RIh%7~dL>;J>H&05Cp?q`^!g;leDTQ3HdK}bk1S*counb$xNn$p3YpMXcl#SBW$!=xdIP>$e!cMCA@A`TrRmYzGQq9Ri zPjorA)vk3;A7_c`HcY2E6kDw6opcrtfN{5Hi%iB@3|L}D^?DiM24y7RLw0UE@oe9m6LVW|bJ0DP zLh~wHp@90otNRhwHs7wp2o++ifD&KFLX_s(=)Jn@w|3sG7MnVHEYnfb_u`5y8TESN zP1L7zbsTYLpzIec1rh*cImyLVhE}^(zF;D?N=A8&%4_{?j zP5ge&J~}?BhmrBlq*aGynJnZN)ter!yxI8ExqYjDBq9@VUi(Zp*g0v%#a;M^a>-Ht zEPnhPDFk;rH2+})`={+-n{CVU7&qFq9lfIO#PrL^!V)Jpx0xgW`vUll=}#GXFvq*+ z{H1B8AK8>JJ)!=o;?++PX5T_2>;um<+WYw_$q*xkINWzYX)^G;aTMh1zkB z9Z}o|GiB#)*Rmt3i5lvOcgETB=R@aIl*lC7)xX1|&ntd7E{rnAO zxBLmFoU41&rb>z=zLP&mm#eWhET0eB_j{sO^tDeg(|14LH7H76c5pJ z64Vb;eHdZ9?ynp*v*CLMh*?dDe8l#9k(t*MTh19WK)Yd+Xj-)8OcU2UrmMTSW2kR) zC+=6gu+&zB&m=jcavjR{$+d9tvXqLPfk^0xVEoVTe_W<%463N^Ge!;gOh$e)Mp64k zrd!raYv`oNMwYp>W4Jra<=|DW<)w3=DNOQ3>pO*^^(fvrKgBD=5GKE_#;p#9)_E?g z*~S38a7GFi#vCg#(qnys7&6Oiqnove|gqguNdYsDAL&D5OB8mwc zeBd*A%iYB}ExwF>A6_bH5wke*L)xhY$lU6x@fjHJTRUU_bKP^MlJbDhEj=3V`z~+g z)o-{y>Ew+QR;mg1OM|Pg2&%W{gBgT1-&QXKuiACe-XKnO+hR4)6SoKWOwaF~3q1_i zO-*kmexVv+@QCDTqelo!saoP{(-|b)1(PB@)J$YmO-Q@X@c#~Ebu9OH1Ga2@7*shQ zY|60Ir>u<__B98}t0Pxk(=j`d8Xxf~+bHYY(PdYpZh4^7OchMW3dz~p+@95LRcpgk zZCT39<^))58sQm0!?3?wI-So#S?_)ccN80J$wNg_{nsROr@{iOA zIE-UBQpYJFiRY*;8w-GoL}8Q83Bc_^Q7}HP@^g0xrO6xvZ!kmDEK{6yn$dm{roOr1 zUiO?UuNllTjFS%$8Rkd)0`)_<6&Kotos%}36ql#8+ZCrPIG>qO%v6}9l`+X!89`5& zY^6@qvsQSB_@PpWRC;Np2$8KcxzBCQDHOh7KcTJLw5w=H4d9GY8m8(x`;;L&hV2KrK{zWI;%PsqWPv z{}`tjGpcWXjm^gM4G&C|{e&7jSj|&Tl&v>+LU@X81Pbkzi#PaP8oqj>O|(?6SSeVZ zWdbrl%K?089n68Xl@D8#iW1ACeZa@xxm%Ia`etO?`cu#e)7$Y-Z?OJ2rAQ{)9th42Sp&i1Fzt+oDWQpSR<{#Lm!o!)o^MwKYT78k9yQgQ;>tgU z;lPi!($({6e@OoNE{2Ca<(Lr=Q{nNC@TO_#dQvAYCpqG})&&R8VpjRG7P7FeTCc~; z>P5ZW_CWz@NXk;;2_e2DY< zJNg9mZLR7}XRghX3iSv+!K(;nHU&tdPEJo-f?v%%?ALk#?$%Tn8@{9|3IAe0@m%h} zwGSfGDX2w%yOj9t(BBLF4~70o-&T@KD)YN=thB^PTcWVqwAXHf#gh=%kq{W)rsv)k zI!`T3+>)|Dm zb6f40p=kWCwc=PSXX}}WG!i{EKJ_d1N*uCBKPfpUwtcpIRcOaRdagO&!z!6xR0C#2 zNlCY?m)$b>*@Ye`zT={+ZZpG+Ikjp4C1i(~`u%K60N}T$3tjEYDiz|@l=1A2ZEWx@Jklx9WTM6eML4@nZxkj`cL zUWy5&g@~69JhUsjEt_!(N2oq4JM>g|yy z9vEj-bY(zTqt@Y6$;0N}K^99Lkn+WYkc*VxgJ%@ahCV?eEHQ^8J70oACRS_4wM7)t zgST~m86e3UpB0y;&Gr>f_6XWlC+N0dwoR2>xhTZ=by(#9PH*PN-z-0l8$|l*SwTjStB3KHgnGZFX)V_$K z0B&;6RusprAvZ$35Sw9%mwm?wFq<6}*;jpQnfW3S-F6%FJ12~%%QojT z@IyEvc2)}8#t=_I_zX#uCWuqcW^~*J%$7O!yiJ>6(N6ku^H%Mq^-Sv-q`c2oGx3@3DO@z;P!6p@lRu)1wc41(7OA3zNdOLh>W^6CIxp$nF&c+A zjIXrV4)r-C5qi12=9(70mBhlhzSv{F4nd}N&c9202dYP;!F+4z#HBv?=Yn56^yO{Kd8OV+z$P;bkw$p1X^@n$ z*es$Rx9%L=JA5ghWXaDRg00%RE1%ga4cq^9r;=Ca@*eb#28A(iJhTMuA$Ro_WoLMp zW#+1%xb6-*wZD1uLnZ{HG!%frE69)Sr8Yl)-ykjAa^@0eQ~ef^aPiV251sUl4=Eh| zn85w1yknCxlP33%>IF(Y61~m%aN2Gfg+S< z>+Tw;0h@ZxW=uMz#HXJHSUPEpd?iHm1euyu1eF2fhGfL!!ywL6QW+tlGt;?DHvVQKURz-o6mGNOS6{8z?&t0!ZwJJu}rh(NBFEJ|R!KESMXp1if zT`V7lm1loV($MAI=fNAC`@89Tn-m%wKf_JNn+GDERlf04P~nY&CDvMKupgi3>+(J5 z)E1c7jXzg-xXFESy-zLHWLgkM>pd2Fo=K$ZAE7`o{Q;lC9BjHd&D^l;urV+3ZtAOk zvBGqUBmwRTEVPc>HczK_+*DfV88_)43<3Xb*%znz*loMm`?&+l8rb(Z20Q`+H^~RtSd*4`$>OtqzguoBG2-kL$*)EaSVh5r;>4P^1hFanb7hh)s;(4I~Np z_UT{S;;|Qfw?~6Y_p79dTq}EEi4Bgj)rDNS03!1pXREp{T}u$)e!a!WARoGi8ndWZ{J`0yNlwEN%yoj;Sk7cwN!Lfr$mECd9M6KH9b}#%o z+s@J=kaT#xly1+0<#I^8|HX($aq$VF(Wja7R-^Vyw=H9y!^^dA0@g%{YT?8FkUk+3 zL*J?jyBo6vh}c~4Oe)0e@Fq?)jD@Gwl4!Ze-^{=*DOGg&%!ylg6RcC>&{SpkIZYR*SpCh(#=D@jC$ z57o|z6%RQ!5>F`vlwM0l7K@ubLYfQiw^`#4&ULyXPO_uJhqgvqN}z-2we7iW zuMU@6Py2T7pV5_U?Zqr}3B^Ocd&H%ED+fpS?=EwZMV7_|wZ3IaqqdC}xHGu5W<;%~ zPaUJhwRZn35LWVLPmuF?9oHx%j$~GU!j1Vg@-DcDK%cWbt0^!N@oX^zmulfp{jUy} z2`}Fj7y6m1c~WbyT^gj!NdfKAtDXxvKHuUdcL7}9s#;p#<{$J5A~XEtNM%N`=>QsRue>la`QxG?ZqZ}A71Il#1P|Kj#53;zRGrbLk)pb z^9`^kSd>O;Xt!1bQ%mA6O_W-~*{T7$S`mc_o%AsH3V2vgr=mi(ZCaj2)$t{3TVAVI zbqF-63)jAmpb%$Y)F)IEu7^I!A~OD^6nE|S^-t;UqaN+oHN^ddIbWZtnf~xw-78wS zI~%g$JiX~2)H+Q#P)!K#5qzYqM6{GT0h9*!W8IHUqbRJ-ypIAs^ZJg2@JckldZOC@ zsP}TsxNaK37Ev8GXBImCQ_4kq(n>ujj^+o>_AgETv)LDk>2+T~uWvIwt%8v(YQ#F- zw-@5ZIc*)}t^4QZ#`&+p===AKu52LJWxkf&77J(+gNDpZOb7kwnRE`?BEcspEjnsTnY8daFa$t%Myxq=QpKNX~z@E#R{+T#S6o3x$pp<5{Fxa}r z6?XJF>%OTaR8y;e>EWuo->lYjgH^lf17RE-)n!g9Go(D)Y4YQOUCS!t1&+3KKRBT# z+;Y^z@@c0~mAg@R{#~#0xrIybCZ-mzOrC9A^H-~U_Sa!5 zk^B{0K~p^e4-2~IO+F<3hy3LE>sKn3xA#IU-Q+BXAMjV(MQ-)kqiW!7SxR<{8g<|| zoj8Q0AvVwFQiWM2?)FW7Bh%OHBpp5X||J zjTkfM&No;cf_vR+Dfyfu@_u@P3FvN?T7SPn&t#%YSe>^L_<)|TpFVHA+lX6-YIU=$ z@WrSD+*^q#Kk5ljHxR@uBuc&-un<<0otW(v0ou4jkb*u?1u)AW2p>Np=^qf>%(ZAe zgl4jN7($74XYDyJZ&qucFeuxQ?%28fLpQhS+v9}u<+?T`5F73s#p}228s11!#|BewX!oKO9>_)P07yJx;XO+f~#-aekonCWHXRlIJM|FRhQDn+`Dh3 zYguQ0{tL0KTi9UhhzY%Z*$Lx$8uk8D_dPBgC`}P500HYH(|0{-Cb@O*ZjHVbjhe}# zTjpBM%m8|v`~8y>x`Wv;>Ju#Id8a4pY<-~Gp*yB1DzTTP@fThdMMbSK4+p^Y^>y1S z=A9MVXnUTaTIVm~hAIF06>HHyPqO(^#m{Yc?XjQJ$Z>7XHNK)j&}U#FfyX?0rL{-X zYc_%Wn6Pyd<1j}@e2kqNBCbO6ZRfJ0KdY>2S(OBKa4cM<_{IirUjfm|o>L`CKSA50YUCfJ{06a8ydU8UFb2h(OH+7EzDt~ ztSzWI&pY6aBWC!4a^7KOcfyJ43pUP8jezFW5wqCto3)pp=5Byn)}PB6tSn+yk@2^P z7Nhq_WfPMPb8Par_}sSbV7^4CQWInptTunM|GQnzXBp#~^?z;DNI*6(gi3rmeUG~; z6lrbGm2T>+yHJisrsxk0H;GZA=dZMEBeYwdBg5v5Y;)`Nm(>SZquXy!XsME(w zqOzL3TWVS+l6IfdqP;lCNUsNUy;DW3D^>jz+~m62-3QkFfo=WL2-{0r^Zh>#U)nj^Bh{Shh;G z4C!J7YNbm(v2i3a$N$<7o?6LWPig2nJok;dCu@cu)K)FyA0FgGos4TKs~Oc{d42Qu zPz@ABG?PlvvoQ#rv1e?sXfe12|Lk9mj=A3AjDHQ|t?6s`{F*Q|@JE!Iy)4f(EvrUR zMlkE7?KlfL&P@X^BC~#G47Y@ol3o6EQfwID`CtX?T%$$(TOJ8QqwQ&1P-f7=8}?9p zdr16X58*Teuueu#n~l38%Es~N9BQKkvn5N0=P;&zFW_r&t2o~nabUssK2OzEk9)@C za_zmZ^;hqv;r*2crMX@bnPxR}CxN`m1V!jZ$*8K<>wSN%CmV5&zdJ5L71$$?Xnfd5 z>oNv4t`VlCWQ6*D`LnM8{#n{lceVIo%Agis%Vew$oW#c;A!D;D+5dO_w@s9hpaAVsMQx+!_%(0+x$7%o z-LS71KCbbX)(Cf@2{D;ID?J>(u+xQi*|_+h(992ENPNtsVbQt4<>Hhv9b_2T6_0(} z`bhi3+RR5Cd;N>r5oa&mUma^M7qPLO36vUqJ1M~@N6H=lxAv3&qRf8<4t^u)pnm0Z zKddbbuTFc+NGrVFh$BJhim?Aag)jKK9!mKh5Md}RU2&%(6d+UNFN)R zz4+vrD@(2?CBjTU$u)9h?GMg_=3e%iw60ezKl*zG{koB=6>%V$9?4VjXvay;nlMO9 zb1v4L@<7Cbe$QAWa{^AE`MXa2C%--cdC0-F`vbnpPa3Mv>X3rH+L??nm$sZmkzIUl zn~yA2p=GMSl?Zu+kNy~IV;hEnFFjm_bGUp4qwD)jWcnSBDbLr81cnx3G-*+JtQ}7>^F|>Ih;(`2!Ey6=L-!QervzfBP zmGWI;H=R>_Pr3T-?Y&E0b>;_>G-7@*^Z(0jh-(a?-1$};U;E)8ZPRkukWPJO#^J9r z!f<&il`XOnzbd?Cf)FEr0S$Z79}_-S0i0`^HQ7$y zkLG6>Z$=Zc=Wg4M!$v_~zg8bBg5*zCrJ!3TppT zl>AMJqK%LcsgsfSU4kAf=e6DIMRX~W&oi4HXXPZGG#+ju+UpjbGAfT~c*p$mSkP$a$%QwGxn9m?VPFOST`12~4 z9Jo9?p!?*>vs1wcOGms&q{}ucZ1L?JXs&6lNUVU-C__K`H6QUgyb!H2Uf|M`l7~A1 zcro#lLG>Um|JAnGZY$?rRF0^n)8F$hD}BPwmEY(@6n7-Jm_W=JJuXNDPL$vOrj z%S>h%|Kr|ozyEnWcsz3E(V4S+KIij(ypA)PdM}v~pEWUEc+!qDlVu;9 zNC^2JhBk4E+;p?c6Rer@6(Mq!IZRsi`IJZ&5U#aJ3EESJ@dW-)T7tw`&Iv1apAgPxADS%c4~ zGw{0oX2Ir?JN@mQBIMZFhZ4x%G#y`479LbI7CVrmp_1r!&^0uj>Cdc74ff`2sj?e> zg!&>Vx)0X7R1YIMl`Uh{L^&XS;1$6IRZ_Svuf>RI?-9v#&jI8%EvR={pIB)`NAu)5 zO2zhepv27tv=_OcN6jeYE3lTF)Zmx1Jr6J9FjU$HtRiYFaJGJz#r=Ja7bNlQdg~fGGmL5-no3)Us>K{H&XT-UFQlp@^Uxc@0kEV z79B1L&E00HqtYu~<*?&c@clc`Y+_sBY%TR&D$xyS{niw4mM&4cVCz`4(+P_W#8Z{( zjv)iy1t0Dhz$lE?u-oo~?#IAEn?T1Gq*JwBACVm?@g*iyK9Zcb*3bSlUCwqeVQ-MVn|oK1yKww3Css;) zVmA$z+g{N>-s58_M>;@Hod=y#1e$BU0- zrEzqhc5wtV_NKg+P0%VL{90bcrX5%Z?Fkf-JBT0h*-}#?HzF=mm_sI%2{0TGA->J+ z-`_aUql&QC+OVhFzFxdENCRD(^dKLYE-SZ8X_TeSxMuH^wmEB=)z3)!s=WB!G`0rX zvIcd(viN93IV3gxrg=MR+En^`<_3S`0P0BX>Z6*Kd_arwq1%zSBisB4uz0{!dic@2 zY+z*%P+*a#JoGp_p0AnFxKWQhaI~}7d&u+{`(0M>_RTiJW|xCu?Bewi{XBT-i5nTb zk)p%YoF*Nx23T8s9pjsvU_F07FRA#jk8U)_m8h89M!W{X&VlFJ85 zBIGh$$OY@?ze}Sev2GLxAIVbbNYW zCK*aA`##nj2FlDNY{DKAo4o8OfwdVWEnu#DhNJF5E}ia|`Bn<9YUzha7%xp*_FcEK zfG?e9a9W*8OkDhWT{Dy7T0qXcK8T-w5f)17_R)NwQX)~cM$2v5`i|Yu-d&1L=95@d zvGF@|xJ*lp5bSuLYWt4IZ8yC!*o<;4!hjiw4L%5v1smgyoYG!k-ts;8EJ(Q`>r@k2 z4+sb~&R6a%JX)-Au^|1$|7?p|9mc!tyY^ul_WV}wFujr49r`WrbtCVM1cxm;Z#819 zQ>37k`wO(4!IMSY%Ark`@GupE;(sm24jkoib`AOAL=M#E6RNHCO1D6p&!Ze=#Y14? zWOHCd%xdEO(ji73-qR`Q$dEQZoZyobAyN%plHj>TdjkL^&}^3NW@FRvQ(YexFW$BWc-zR;Ggkef_O&2cOAOZiOn<)GTidRtJ(;w2P-tT z;)B*z>qZfnJn~M1TPyWf=p2f&?ZA^S1w>SMusl<WM$hzLjtR3@qAOTC1iGBaQ*%ac2D*%dh}swVNgsugI|ovnoG4qH19@>!WQ{J|%FTWL zxwXSUP+d8`G10t6M`HL-wIZ%~JOLX?Oc*Fswn#rtyUH}wCzQ}YQEf4?qQ>ZGaH0N4 z#kjf)9JyFKfx!_I57%m%z(br)+lQRM1Zy(`J&%4BX!@lukB?(8PslaK+FtGl1d@Y$ z^LC0kR2;GttY%ud(MC(6XpV4(;-Bc}lsVW7A1)UuqNd+B^fw9JX+$Na)=B~W4bOxf zkb&9^@c3y(yZtvFJAAY2P2Wx2|39y)XLT@a?L>jeT0qpoRKPo=l8ach$UwM zD{d;nkBCLa76n+urx&sm~(JXN&!8?c=z-mqal+^VJ}HK4l3r7PKSCL6fRNhvZ`XA zrUvfsMxcY)n)@c3*k;LtCF@o^ku7^t(n&S2g7r#ac2TC503c`$dxhir3Jt@W+%!>G zzF{JKiuJeXx7uaz%q7Xo?C}?PHBnTd5;Hvrx!?OO|BTz?w4cC2m|8>{6o0SXRs2Yz zqaGzQir|r}Z#W=iH#FGq78Gc3^b77I4Wa!P+L#B?XQ4(dEbS`%5XSk*uHqtm*L^4C z<52e{g5GVwoHGe4u4yQ#Z|?VAJUY1Wq)C>T#MrA5f`?tZuuM8#CUt2n6{?z?x&N)_ z-$F8PlBZoe{sD5DURA~(zlRu+XgOGNMAmmPxh;3$a!p$t>wO0bz3A;Qn%!iPRYMuM zd~de#>_Fj6#8=6!K{f~3zdjayYf3ft96D28ufVvm<6~@K_~MgS!%n)*oTS&+Le2*{ z9{FeUAGSGm4O)%bAA0M)`T?*=WB=uAL&96jNhFb4v&GZEVRDH}#ac%fuO@Rl{0?-} z*T~GiE)C{g!@4lhuynj`9D~2hWVV87vf1n2nE6EI zsLW&@+qKbWr0t6OY&E;tY{jrCR;lz`TKL|QCNCZ&X!IDkJ<(13r{cUB5SMVeT4|TC^_Ljb=?wgUz6^gwc-HF)(!@pJ z!ncEeMR*bt38N=|*_^h{GY@CoMa35~`Jm-VS&{BTU)6%^<5Mw&(QXQT>sM+RWaw39 zv@Ya|Itj#p7P7Y}%@ zt=WhhgaFmOTN!>V2mSJqgb9#*Q<@8X#M&0BLsjg@cx=FuJ++c~Py$8$ur&BzmgUzn zvTZ~a4Pqp5em6Vb<1n6^;!i`C3D+f^v2K-6Q*~0;qW$~b&_~5SlY_-e+dz=lrpj(t ztyyWWXtK(8UiGr@&S(i%@3>O(Du0AeFUTLj7 z`;>XTG?=5juNvJ>OM-0EfSKCQq_D==P9#%UuQK55DTtWa&brlT9x~tb9|u>9u|R^?{W1qgO(DR(0CP6qgcrM<=VA;?3H41ci@Ar}LM8C~ZvXP2A73Ei^f-ZLz!m zXmFt9>YmZB@0D!!#X!aZx;;Hlj{OPkNqPB8-&G}|#HPKb*C4NCJ>1ScDJia}T4`0( zs4z=z=&~{e_@k<)pvg6u_PjuM-f{QZ)V!}mb_@lq*2gu-Ry3CcS{Mu0D2;vHl8+Gg z2t{3A+83>FVWSaRzVK*c^=VlV3wP^krouhszYjP=XQW?CP@Z4J+s}-y(M7B)# zsRp_+7DT7yx)ldOzs^GA-FuS(m&SsG?b)S%)wi4SPkc|q5fUU=T=^5K18`l&m z34EahTsBFJwX0h9drNyWyzp_MR{3ybG3w8+2p3#m$U+?|ZT5;(bTz^@mW;7oy|LK{ z-c%{vaF5&Le7nT+jne*xkBP$s%sMG^L^K%(`}2Bnn1I^Eio@JJFTjPLVLfU1xWN1V zJ>T>kwn#>RO&^t4M3tZTcc#fArazayKQ#MWxwPnPndi$dYd2KJWKI_bNDFgibp-?~ zjJk*1kK>_Is~-lT8PZo@aD8_N$= z>yyq~vWE{YiIhGiA&t5DZw3;pGSsqDh zAHCcsdGcHOTwk%)O~bZeC<<@1j_$l@nPD5;q%we&y+zD8ORjud4v+tJUfGJqJJ&F2 zl;{}v+ET>($>36P+2Uibu&5guSk|6e@v)b4p@#M;+#f}@1OkhP+c0F!Wc=d0`2J`a zm(wL3K$`#uqxOkL?P1l2j(n-BnQVom-}qusU|V6HH!)wOBe(1}nDLd=hGpKdSP4l{ zeSiKYo93VYGsUsd4CH=)MjrQZT8)1gVP$p-M>x zY^mp)4*L6?A^#*ao)t?$#Ehkwr15C-b1BIK_OI$Xw=7ca)QdKBq%@Uiub~#9Ak9&Q z>Dp>Pyep>h{Fmf*d&KCZ~@_&y8pJ&}mAXetg+>f_6qW9UZ{chv$|;3%DyeTq*4}-t8MXh$2LJ>JzgwFMA^`vz~hJR zJ!!UXw5YGQ5zxH3dk3z+hW2hdC&wiz%9+@m=%y>&!FH{6Ljxu>FYa=;5K7>WQFn$n z4IL`(Ep{!iijBau(&jF_lGeAW=?{+>tKDBNWcgHLd!!!Qtd^nc}jemMgXn0whH4Y~4c^UYh-iH00iNgu>= zQ9;+5@A}NuyRqdKd-ArCS?Os%YrNp|RU+N~y27PIBF55T@D3bla9zHa7d2nFU@u&I z40A63yBoPQeBj_e>6rw8QlKX7XF3ZCVSOHGg<{e!CpYMN>%K}_^Dq$H{qaI-5>YNI zm!?;yT^1(bW+os)S^ow5apV)>qaw^HdESjCsgc9hq!f)l$B)FA2yz-xb%G< z4z;l4j9A`)2W}ru0iSl}vP)|YhnVFFB(ftB9RHP}Uom%etVd~~g}aL+KJYG{23K>! zAAQ{K-4ZYM@hYu}S(ue32=ZJbWh<3lBlBs>eSyAShk7SJ(4`O>D(8tzX*ciut7Rt! zqVo}+op#Lpox-qyi9yRquLDu(j4t*Mrvk0IAcC!qUtkcB6tk0=>Pt#7@bM(Ow7(R4 zIyP`Hy%3v`d3m3DTzGLcN-J1hp|Oco0ctjizB|WGiBfWVdW!f5#w^7LRMXX!^SdLc zT74mnn{Q`PK16qcm!G-iE!)?JWD`yzeMO(X4L;>U&NucHJA2Z|tY_mD$ON&hw{(B6 zs6kRb>^uiR9Fra({=qa$z$BJU;8d_c+%gmpTfU+Gl2+D5Yl6iR;w`cFmWv8U%j|TA zsc33k?YQsB1D2x#H0%Wt?~=#wQEw5r^>S?jh>_UZej8;pGwaD@JqpBxgY}Wm1TK4| zS-gN?YtW_pPSwFRrVWAdx!NnCM#QVNe?&&z1`v+>8k@8P$mQpfi0_EyZk{W?jkNJA zRGsqT+XznG)*G|Y+V0Mwc)StgLX5$H2;_Z2BX30tmTTdH#D;963DJXcCs>Y**dmr% zi^07`y&bA|HY2X>T2iXszO~pt88UA*9(GoJts%@Q*(}z=a7gFryqm*l660rV>8I%h zKEb*v8U8c;u`~G8K?IOt)mX@ zb3Q}?(@kTk%OfVkQF*wL(!r}HZ)msXvZa=Ta6e0E3Sf>JQ~@us93JOj2m|JZ9fpmP zh}PG&8OIK>Oru;u1-IUHz-&1(_8Y+INqdREwOf8fgZ3-H3{$XcnYQy*a^(gmSSL6m zom2=a_c!qLkb4MbGv%}~X%r0~6=Bq7sHLUdo+w%_F*76&JtUcNFuQvd@P`Afk`ed2 z35jL535cQq{;Y+%w;r8h%@ewc1vkXe>ZBYmTtk!r7NlOIMX7o524sNv^0LI%2g8gj zo$>_}i!Y$H8+2>;Hv=$)>5{d>{Bq^Gwm6K_#;tz0+TYN{wpYEpA+JbhVSQ21;?HLY zM>-Mfvv?r~$2Gu(+e574r__syx@cefM zi^J59!y!vWUA`*GisD5B{-7AO@8v4#!EzEK6-Bjy!>_?iRG)e}hUJ#%x)SdU+n5C| z-yvn1#K=^JuNtmBTP}((C>}5Mfdf0e5*7D%b zc9JC`G8PUC9;&sgt8pYR8Z1%5U{eiCbvu#dQZ31R_%LI0I<tv4K2FutmJe~LfEd4)H4KHj3>5WWlP94uhqh& zjeakvxeMJk%BrxSJs%MBF+@`%RS#|3gp~rk0p380bSJF#3Kqj6kER4DTDl21VKy^r zJan&Zl?Iq>VZlQDj@o=^KI3|b7^WR=)SjvBT=gxvXys`e?>-$;^Z1U!XB)%4p@Dg5 z^*YClHx{aPZz$)Yg$uk1%oa^SS2)uRu@ropaSwLmX&{@HRc{LMg|s^EoW}r;<|jhA z9WoB_c|6H;9C}!uJ;Ry20U)Ym78amOgGV%WzH^qtG?XU;{gxK92j^AS&S+)&v3@Mo zTWxyVk%v!g+e)E3WSnPH37dC$zo%rzchVi)jVNz}K?~mzxZzfE9ixO(SX(rtf1IF} zT(qV__`@{GH*~ju%e)Q)ks3D6+EriH z+QPFJbH^ovzT3EC5Gfr>gW+Y$-5(d52~Fl9BbU?R>uisVU{4v@SIy^xJlr3Dr`vOW zh2(E|J~1BLTwNNw%R4+cE^|TC_k8hqQhHF`pwAX~S?$sCCy(ZZQveRh$t&4#oP$vO z(xb9-o;J3k?IdXby4J0{XJ_iRYB!Y0ltk$?XH7hKMlB6{jd()DR0YW;)Jo&Qgx$(S zC1Ymm+jC{pNIN~$5-BG@CPlz)xkxwQpVtm5n;^_g?r;iSw6@$8HVr=L2r%Tispf50 zE3TbAxlXnu2Mq%li$G)9M=DF0O|oi**RoyxLhEBaLf(*PwHtd&whK<@Sw9)NoHtx*pmD)90)2kBTeIVWn+Yxfp*c$afi`=O z%DbeIVaCH#WDynUt&b&3+&-X z9ek$wjj&2`HdOrr8$Hui1NsDrqmlEbQ2zmRp8mzlI{Z8Gpiff$fc&q zxPPlyiAzsI(vuDJgU>%c9yV#o?kPN&gOVFC|?k2+B`h&@TpRTCjxd7TTQq{{EA{hJk^vOfSf_jYp~{P#DP)Z;|samoLISolSriyhBCJ0H1gy(g>uw@s2< z4kVh4OMsvGQ}|wgLf!7q*nh1M|Lv}ryvSYc5*@HFaW#4d{2>67qU8UXfR3wH?-@$c zd&_S9Hu#VtBD^~ecUva#E=h6bnFaC?$vp6DCQkxd}?-}m>D%ZHZ@9+sLIpJzqYhHFor8DJZ&@0C!EeI z;nrjypjgAOiBGF96<$z`|q zqZ=ihh7*07o!H2mZX4hl>>O_q?)DzyXdx^~7i3rsiO1lVt#@jsDWHMz{alrD*!lYBu zsUXG1qRRhX8CwIwC$uy$(TNc$*J$()_gn)}eU@}ntPlui5Bzwuk=x~F40qa1c8%Cy5yOzwHm-_j4^n)*oxX=I z-Mf<}C9R`$yAg6w=!_8m$Wt;DT+;86fE=)aWuUdD8L{Ip5t)}GN8I`VF1Wpzbt&zX^dC}MmW`MGGnzN~c_a3VET@P;jWv+2Kh*9)ot5&(pEzZn(S-)~Ym?|r>h z7V=WT?|xN(d=^%ZGNN+QzMxF?jdDHmM-+f+@bFxJH(mV!<{>^8E!E6SpKNf@Z&sphsmI2 zlazw?EyTox(7`%qTyZ4G1l=^F_5tj`vC=#~M-A};v4JbxpmuQv+8tscdJ#40YhCoE z*Thw-MNPbhAB02&BW^tQZ`M^fkrykzy-muRL;v3tRiC+I#(n66K_M=g2k|meRaDgg zd_1*W_vtnlX8G~CndHjCKva2oOUj6 z$zE#};II^w1hrHR2bf+n#i(YODrtSPecnM&^}FV5@6ZQd9tnri2$`0&xbPiCmV_p! z8?r^=nYB^S^EFeHf8?1&zeXhl30k9Xy5%;FVK^%|{3tH8Fw%G;)k^mZWV;9#sP6`0 zkh4{fh;CZ|ed_9nn&JIM{igzCc3v+o%$WEr7k-%~O6_cc(u~Ssjo&jJaX&Zc#)k;1 zbwBJ+(1rHN_?1N^=w!7Q>aUR9dk$JcD1tNR$&QYGMtR4DDh52-n@qbbMg+Srx=i-3 zOcXYgBb( zPNLN{>X9OdQeH`y+7Hb#Grn;75tx)i@)6Ku=jtTv<6CORYgLov8zLZNp2NzoO%@VN zh`Vm7edn@d@1K?MLD&Q}c}BHM!%vTtl=PbR0Fqe&BUN(zy8M~^6rsvG2mSU7E$bPBZ$ zUk}jr@DdPATHgIp_oYngQ=0NgHG>ld zg$hA5t|Dr6%N&>>3^dduA9Ufb@!UX0hrkc$RcFJtfP+-^qM=OmSj~7wN$2_O2A56v z3f_!ATop-R49DzG;~^QWGdMe%!P~Zt*yp=kPfN#ozw(|HIi42yQr&si7Q z9ltr*F8K#^fgzYb;PJV+tEXPCf*?nL!Ea}sDuw==PkNHNV*#v zU#;>k0z37Mf>{V37+QuZ8tq3-w5g5;&LMg=w6pgRQYV_Lo{=#=Is$DJHS!$PWy6XkcK^2H zwQhBTyh%7zAyH-`g;7JH=yREt}282ZDH8P6)eD{v1uVw@4YRlE7Nks>%X zO8Pc`;`e3kO90<@N&6)~BKFlaalJD*xL70y>8@$cb@n>>nU5KKK4~^4n#6a=E8p|F zz5}FhgXt#+hmZub$yjjAPd*gl)ADMb!9`?lli+kviJX}mJ)+?i`oPhM27BCI1Vox_ z(D^0-^*;*b?vyHja*j(1l02%4_H&q+tEYs@Y(Km z#>vqIxRDZqvqhf=%C@1GHVe97kjLw5d&}{EH}GNL&eKbc)&-&U`$WR4opTEZEZ!{b zIl<-q4RpSGpd2BWnfZ@z7*V`iizHVVnQWUWk1q}h6r%VS*_#PQ7GX2@HS^qElLT%u z?GjDMq5#;sEskJAcy0rcKzUmR8d$*^H79-z%_2Lmhj_UaO)v{)OZ4Wz+GurpVbplo zFMg3H7NX0K6tc2_CA^x%i_&e2$Qj6@+irig4;y@gWFf6M925>IF+!@}bLT4dm4-TR z5(k<>D4##_j;=?yL`LF3KUiiBH8>-dmAF7Y0yJ~@t#*H(W4&V~&jn#Y$QwcHyQgU& zYEOW}Xcn^w!Oj(1z>!YzLZT^ZQ)~WlCcUxvo z?FOa~@^VwvZsNHI`7YRIdSDkp@>n1qmL;GaHU#-4SkIvPLNm8iSwxwGNC5E&VZZxx ztc^lE-wlehDXKZWCWtlcLcLl+{o)4(Jz>1o-!jwbCm}>wLugA<2O%KyD+KP@!(WBz zh;HHIqO}tafX&L9MYm2Nc|%$$a$5*@>AohJ9m(G(MMPfH9p|)59(Ue1AY*BVw|ZQl zZy3)aoB0{RW`UmBdD8vCqfW@3*d&PpH`c%~ZZh9v1{uc(&s%!-Wvv0F3e zPC**~`y(=6MO(Q14tqNQbz;f4E&$bO;Oq16|Jz+01qN(~J`mO@^(@BNrceK^t%75N zGkfg7f45m55TkkJ=bQ=+3NuhLVgP>XdzB2);gONeX*@v3|4j>>$H3B)zb=ENAAf>m zE`M-s82v%WI#Tvm*vx0*UJUu~CL>(;Km6C!D`VYgWyhqcV7PIruldnFE^u0A#y@$%g2HK|+B!YCc(r{b>=xw&S=-2(Dtjk- zX8#21LT<0vV=k54%Bw8u2_Iy#UV*9QvPfVKP^?$JJITy(pP-9bl=B`*GAs>i%RV-g zX8V5;XAL-;{yq*^-E^=p>MKIutYv)|GEg3m+wn*MM0NIN=>9iP$UT<*eD>f1v z4sDG)nOU;gFgTbx=vu1t^ykZ;l`AYvd$0ZNxtE}cX7JL)mK%V1lhD2R=|ay7>}IPj zk@is}Mszmx_k3t=4X&>9J^3cIP0DV7Wj3|*2qQ|^>c|$Z#4nEU=QtSrFU*4-2&y|_ zsb0IjI_u6Xa_)>3I^6z}Tg7-0^<_7>6zHcE5%#O6L4(_S=~Nz9qaZD(4M@|5qfv9y zb_bx_;96A@>|`{N9=sjN0_}sEqso{2tMSmSH^KI~s$1-r$rkU8#b3o!Q#~V}J@$Z4 z?*T!2W#W`{9|BBY-v?S2tx~6~+ zwVl7;;w=reS`)XRwPe7^@e#XvrUl@gx94KzQD}|rzGSsdrLJmgQlR6~R<~#!r_xl% z9nq-OXImRDhR3DlYMC`G>_j>Y3y#ZG>+f%c1{DCTf!CUj5d2v*NZ{8_Z~E2a9a8+- z*l0Ivqq^OnnN#)QW|xM2z@8Sgw?#q0%XxpR)e7=;@6D+%20;Uua;I^J1ocDb;MM_l zdof-b53IaiFM)&XmG!GtJFH0cFjB;4g zD+u6B4n!BM$x%Oyi=2(V#uo$!$&f5oa|ak>`NuqDmBnlGJ4Vn4tR4i2{u--i9Z5B$ zXKZ(h$6$b*>Ci1OKo`ge!3XBMjz8S`q_OXVTBvq1XueuVPn_7awd_{hJ2HbAGUfRiGo*axjt}1`Gn=(su;Q9; z!@jeSkPT2B(k&I-Mo^(y5NV+?b5db+Hi&fNJN;DZw9xCj7i{UeV1%5ApB4dz#3$xD zUaU>Jbv*1iBJ!H9Bp;V+?svDnnYk*Wh))(K?-C4Cf|+QpG;Uwv=O2RxcYAzj>#7us zqH@MyG5q%73$wLO0_P<+osy@!J+)26wPqxYzX=#G?sPJ(-&lc6n}LfWdK(EgfZ1sc zrAgHC;>gBjQ=3_Ffdqt1V*g6#;Crq&3Q%~n+s46emb z_?yj6`U-It2q%{f^A4#Ap&%RKu{RAA+CTckK133kSZ-KnWAcexiTbiFh05RL|aP%f#sA z$gpYOuEqa*BgTM@Fmozp?Ok;(3Z=?j*Q7^7KVFm4IRAcz_t{?d&+l_Syjtd0$+7x0 z^@i?Aw9Ia2bO;o*?f0IK0IK^_V*n66V|E`l1Gh`EdS_)RC#|s=_+~;eN_V|k%(R4B zAe0YN{uH1%D)`+}@h_yL1vgdLV>6~HF@smQhJ%jYjdy7?>KUh5{h&cA@NZSgzc*{B zRj}`5+D|(X=7HjHP)SR#q4oqi-4%`+PWl`fWiW^_cG?cR`+zkt;SeR0Z(7XP2@j>} zHqyE=twt}>c{*+-6sg4dc^~i_#ny!gX7?IYjgu(tdjbx;q2a_fQMLI?XpAdgMf0y7 z_YR!2q~C72W;3vP!TR#Y@YxBziK0-euLf_t#GTU_wzOTj)e`0YgD%O*rf*EMY@VC( z(VEI`nmKi?Crr#olI~(6>z0|T0RkdE?%|_L?#oke{m#3iZj|fogo`%+e)z2G!D-S% zuvkvCfLJKEuXbU6!1;diF|dhN?Sp+E-F%X~(}8`Hu-Uzik!CjXdg$zF&@GMCFI|g* ztEs0|D?}mRj^>Q2x#81^t<~q+h4Zp=44m9IH^S<^qT@mdw$&WlCR;O0w1blB?Alvl zvIqoLTV5d%dFhb?-X}R3HDOu5i3O!W%x&X9qCduTj5j{=-Ty`gS04{Jxd1nc2KC&k z6vZCf2%a385E@eD`#ky$_qR{y=(if2=$GKXD9;SIZ`qk0r=1kMzE*^bt2FH>>eUci zrjeU`#>D6Gc+R|P1p}0H+J$#zJlmf7R!tVI;e3u-nQh4RTEwS?vaQgkZq1z#>qtWt zY)2@|80{-J#mNu&Z(&qIDL~<2%W=0sJ@!_A0$f5>1-4A|e@YsLda=`O>V!i*QRENQY+;f|&FbG=;kpMir zh&3qko&Ee??C}SU+7(c-o#MvxakI_Vj@+aUeQW(2)8i@DdIqpdRR{ID>;@Df{rv7u zEgbnRdTA7k4;$1X3J$}|jmCJy-ePm-Sk)ndljaqsW(Scga;KMgC5xbsCpzBM#?HrJ zBu-bvN+n6d$y;Cl5cy?s^idafJivDmJsLWOprJZFI^+5>{R9FR@NkpI0>9@a+%c}N z*Q-tguM9|E2#Z3Hqe7oI45<J=iJ3m z5c8%{gDzx;f$(9hcs#l8ij+*p6DmZ2SpH6*_3)XP-43 zxya+dTe&Wfg$=KEJs}UM47Zhym71;IY0t(=7>9W8bBBnuP5K=ZyVf|{`eJ2aMb0co zqX3)jT7j*&*AhVmJBjVCbnuQf_{_rCcg8iupQ6h$0)0Km4p_il&Ss6bIn_^6_DnEn*(hIFdym@i#o<~|84%G{*Dk&j%l%f) zcevmBsH52lc`o~4ZTs1b==l`GQdmH(B8od3tgoh^_(hExJ(;mL%!KpfGH9LhaYuEu zTPjBwLVXq$MD9;syh%P_p`J8A0@goNj6Wj}ZY>r9I-MK6|GPp_LBA8bQpWnOVhu$t zPQ(33jz_=3D#6&V_AvOs9*b2x`G~ssv9Q~~vhFQ!%1RS_bb?IEs;nwA?Y9D}c?dQ61HSMc?-V?RMs=x0cd@t+S^2Q_73$+7A5~)6=@ZY;gK_D1` zYi=l0ns7#5`s6RsUS8pdbdhsjH)6e4^SJ_uAz(qpK;uik-i^7m%O@^|L{7BNvl;7l0(4sl<} zXfI{7K@U75kh;bO+e_GWF~RP$LHl~ax*V+r$FgR?-DYihnEuXe&N&;DgJs9S75N*?;s5T<`zw1>l>LXT__wa> zpE-H%6canaF<_IT^p4hH*Q>P<-=M?=4l&74#?FB+=I*MwtDrD)o9ofOJ{bT4a4~UR z#SGe8i67YGA(N2*{!hI|@a@CJb?6J&{^Tq@n+Y1qM~(LvM0>LC!R|lTm&t zx>HBGve#Oa=3NbxW7};%_r_w$cKtTID)dXQI=c!*dvu%}fo<1vvx&u%XOu_^iG^fQ z1BtCt%)U-5Na-i&onXm!yUe+I)b<+92&CwfomUw@f&%MlL0o-pd9Xe z4_1UrhfVC{q62IOJ3tDBPa1VE(B3axhb5|g@wSov1%}U4h3mttl)WaJnGuVd&GgKN z8D#bVel+M>-jtx=3!_&h*)Ot=?5dFF_5c&qOa4FPgSBqPj_-nvZyM>QnKHh>wyJP} zltJsM^hjcFI+)cB4$0m=JSeepMW3g6LThI|jFOP$o*Pbni^IA3=PGsE*kn>~Wn~>H zFk>H|jnPT9BIK5!oWiB;UOfUwihbl3dx%rxlr>PV7U5()A(%7*Hq7u5eHCv*u959I zzcZCIe~tYxn!P{26bO%ev%V46EMP;0}wuDb2|v&JtN z?Sk0lL@DX%&Fk}M%rtsxr3n6CVZXnpnZvJP`Rc)|?IdI_>+X=xGlYLz8rgn4b-2CE zM=LF5ewTU!bPs_ecrj6Y?G(_d`o5Id7CKp1eRHtGiZfgb3xQ$SAvr8ixM=qv*RJ)2 zWf~`(S5S#NIRR3>^5*aLBfN>z%(GtWYn^+xTW~w+29m}Gz-}ih#1h|DDB_U(WOmC? zIT&2;f*`{-kM^o)A-*wClgg)k!`*qP`W~~pJzWRB@pnH15c-BM;*Rcew4{~8B#f2* z;r`$)N$j%x;jjU{6ez1LDv^;6SrKmFdciHvw?=&riVZ8=&ZD7e?zz;F^>lV3sL%(r z@GVo(m+nHr=8UU&Q!sAp{lm7(UFMo z@d7i2;_MpPitMN-1I24K;dkH6hNto99?ZkT!)Ba92Z{q_iwjg2*F%A1*PgsdH2(uI zwp3M0@<~QG_Fc)c;4aR`B-svvm_f)JmN!f-IaiwBg3o01jkB+U~)l7#dr*eZ{gv zL){9;zmdAB453wmPEwtvMCp9xI#$N%lk>*`QKVU9`th)XXAHJ3U}g*{m=0jEs*^V1 zv|HU}STNCJ)$BBnTLhhMbJK)iSmUn|HbxgI@kczI18R zZQdnXEZ42n^^Gjrp*TIV3rMhLqk8Fn`U7qaU?9-FcvHd(^L7$lTMKpEZ6dIft!_3B zcLZfC-Y>d7+IO6nUnF0#m|UffdTkX4Nswas8$pie3=T^UR@b(vR`6RVSF)eNtKW9 zr4EvbG{Y{YB`=1LgRVd9KCTGk$N!J2H;+py|Nh4%TgJw+v2Dz)rpy|*lFAirnQSq& zv^3ls6Ee5b+(5jQEi+SU-(r zypQ{M+!wF=+Ri!8^E~IAQ3imvtvN`SMH`O||3vc&x_$M;j@2TlChh*W^$VBbO{;=5 zNDGL&n(?XX$z3h(mgX?O+q<2bK8zpDHpWDQe?Ds+XDm(ck^odeXP>|=uB`KQD$6-P z16YecdKVKSiFF^%^t|nNN1tq&3rjK*rp_(|l^#E_-tsj;5I++0tEIOKG}O%%fm?ND z{o=lBWxZGPNW-aT1MB)ZZuqheQXNUN=1?O)wfx>$1V06T^>5!M%FlGGH8qz$D#PO< z?dGmyL_8KO_FnKW?0jy$>2l-bmroJIZ9t~(*0NDv7~fOq!Xa^I<}pDfmr(_X&~Q-_tVxM~c;pX;N96VzBT3Q-jDAf0Qj5%AG-xmJ z_m`Tu^xOUWe^7Qy$%?nNlp5_}YM_{}N)PmjdYx|XR@}X9ipM&&ZA;W~#p5;e1HHA> z1zS+EW2aB%cWEmahCOSrxD*s%m=bv#7(57;)Pny(D#&R&)}0-wUlO?1<4|JT>x z6F5+MuDxQ%W3$oSn_s!ded#HCo9!m}X@qM1qVR>sEyK2P4w(iG;m39|6@eth-z=N0 z1|8C3%19)RNS&7p8-3wFozJ@>C^#GlYZ<>GOQHL-A#GgJ>N+HC9MaF53fwcbqo6nM z$xbqF{d;fD3Gg0wU};Fg{~AK4q4+W~WCkTFDxwkLIF|=T@r=j#W&ZbeGBkeY(}h>W zazf9<)r3|ch;ftQaL%EPiqt8ATe0ZbO~dp&3NK*|s&#)UPH?j83D5cp%?v5M7ayRGAI+jRkvK%LWWIxCu6w%9`;hiS7jaY_hCFT{F}wBs zS=~!vQi3d#z<`>Ib|A7WJI0&`cPRk#ufty+H=TaY+8QcZvv4xx`}w@(S*H-4?d6T5 z16Nj&=DVl*2e;U|>72wA_F?0@b&N-ajHH^UU#@BVZ#O=e^E&l{b_XStH2J+NatQ~9 zl#0P^TAYt}pz_-Tm&Td2-~eQZk~t|#Q#5YZb+P7v-D7EO=-3p2vXoQiu>n{^36f(! z7gaA*)LQ&uacqL2TI^~oso3A~{rs;(bQ&8H=b=~pzF}s1K~fg&If{cU5F(T(hG{J+ zCyryulA7-=Ra;5c-l{(<)s`KRPWPy-pWw$Q z$DuB9BPD3Fz@j5dffBhhaOeQj=yWhe)r`VZnUQ=ar$_gGK7m&k2pL<;B@i2Josp3HQf*b)6`A7!KY(lA)Z@*~?JdXbYv2mFg%bwmQ0lTw?{lUP*?4Nz9CZu*i@^#|14?Bm#0Q`!M$c^ zg%;bKQQuDk5beVZghNsg(#S?Lh$DwfXx(F>b2o@Ji%UC9+amU1eu;>kG-I_(&)Nv8 zi3K0e;OIa789&>b+9^pr(qBKdXOaReW1@RI9uE zvt?xje*Va)0&+$0#^L=)@m_ocCf~L+aS)Q#3>0djm!Q)}u6#-s4%qR&R1bvZ$sk|w ze$#}mjGqI_EJ1`{1{Ddkf}7Yb7O0WWqj%i_kS~u8pcG^yye)++J%rk(LpOg)jY$xtD;(jrXtOcS2JJ%qMTp%bywk0z=ieHD z@TBZLWqzaJrn8p}e(5fwT0K{k3+?L98}=k09AN4ilEIFuXMnU^pInuU|EKOb0xIZy5FV)A_mSI;*pxakcHRA3hQ` z;ty|d(@6tcAS$hWVYKM;zXscEC-NrKvm&VamRusHV&DXHqqO!gb9xzUci&|Ko_)gQn0=SsZ?^%OSV1L6SV&Lbk!m+tg_SZ0Heasm0i`;EFU6e0m<<{fV`rA_@Hj@E?t7|Ca-|$CGI0yej9qmcmI_>k9G2_U0?rr zSCJxd><(*}=rXZg{H6%7as0UegX?JGKMKigQ8;cOBDjdJ%ujUM1Ge?a%vk@PLMl6f zTx%!QiFUz7lE0KIvpKcmz`cL*M$8+n*id)V^OCQE^#Bl0eVBPT{M;sVS<&XM#?jMN z?@4pFs$uFTwtd{>2~8#NeD%FMCltdQ_q$JcIX(1n(3^xzRD{GvgjKzN8GkYFQVfPQ z?LtVw5j+*nR^FYp8Bv|2}}wMPt|fSsy%EL!x6j_5q0OlIO_B@s?K zyM^uH@{;y48-8R~%D8@L()i9Nk_6EmjcP_ledQ6@m{U5z@!99GGN=pX!AL*~5#Za6 zS5)hHk{1_Wh75*34<~c1p|vk~jf%Tt5ty)H_mvbbTAtynLi2pzz12OgW?y^aM5)Z{ zVCyz<$l#^oosmz=&e*xb=w|lkpqtBcUhI5%HgBx^=2cct%DZ}_*j02zEU_jnE&rxN z$;qaq#bCxoMl9ao9TawilCBAEIgz<5;VB~d=Fe~~czK+$b4HiI7Sl4cZ zy8FWIY|)cWufj&jTOZuO6`!g{eb~Z;r%mLi0>^MFa%%b>|3tvZ`3STF6Kg<_LEpWV zh~mclaC}k9NZ_3-It2?QRgZFBHe@yYz3d{S$M9rAzC!`4nPsDpOw$0%jzFFFrbJ$r zZ?G%gKy&k2&cX*4n&nt%j^&C;;=L?}m>%V`AGr#Pb)>#2=cDX2pf3R!3C6p`Gvmj4 z4E5sD&q}O=DQVv#;8p3d8C>v{5Im7Xj^8Nt%3H`HFy6C}#FB)<_%AihHx1ii>^J=* zVZly<`4aPBE?^Y^EpN9;EpA>G?dyna{raaQyuSU!1Rrso8`;onaypP)k+87%$GUfm&=~R(<`&2b>uGOHq_sso4PY;?L%RUM2~xH zVKZ4#Y4S?-@kp^U;A%d_&~*6<nu4MQ}VWMW33zQvm&=Fu~0D&^XhGwC%L=`@)MIr!Lz#p zJTd{hm#KMVE6#z1w*3t0tg-@3^o*DkK>R5*`N+lg%+0IwTn!r=l!{JQZZwkpG2J#k zo-j4{tv~>|5~4c90&5}y25-7ZmTkD4vW&w#s}aWFd1QB3yy#2_(z1HR#YW1#5hRTnwC*6vHtY~sIXGEh^soeIU&~7!blHi^ zWurO!z3?Xb_iB^WeKplDMS-;2%!H2*n(s$M+t}4!b>qNim1&K^+h(*m5n;SxllG`T zOw*KGIduG^LOVzeI)%3zOmn|Rs*E$H#cz~jiSz%gA{*WxwYj*mHg3HBMN7MGR)1}{ z&SZDr0Eqe*g>rLi)>6rv&;n|0ekYn8q<%iT%-^m6Y-7v$(jr5bCikTu;B|!~=zvx{Z*)>B zw{W>I4p71qw5~}wRaN{81QU0oek*q{JYOKVQ5+8FeY>a1ik)}iuXOUQPKBS=fr{>> zc18Sl29j)oLK-cG(-{2D)!Zd zKO|Yy?p2{$(}|Pmt~GFF5JZlLGYrJEdQRl3EAHxdACq~4NpTI!vT=Dy6dN;RZOO~o z#ZYN`k?O5*vWk!;_P*a-YgaJ&+djP!WPlT*#Qq;bAKHmuhX#&=QqdDhAba$SuE^J#mqU>USD@mREA-4yx6!BlK*l@%o7q~E{j-W+ zrNPl|vlpjB#=JGrQgzCF5V~UxXdC*)I?(Dh{nbPcA6>N$1P0<0FR^5Ohw1JiYB;?x zE0xryTJXAfYt)kym#5-h6!cFEXbc`wfocx+A5Wr`(Ho=-P|dQvaebb=YWQMEyWk(h zTO2Knrv4W(TSl(V`|QEs*T#@wtaDk)cZ`tAZ8twNA>s+zok!GKwPI+UsjnCL#w)}U z5|^b?UH}>^b+?SC3GUO4OI?wPmw?I)#0Sl8 z$N8ONIWT2K8gs6qO*5IbIqL6DrsqmTZglf-M|*^4N|s+1$qyB_XmWymR?&V{2sQM_ z=2SsL`n$GPad66+TyfaLU}QmJO8>?Z)C|B#?@U&1#Z*$9cn1?3|ISgAknNr2ip!k% zZB>dK-s}aZuK2U9eXh=`bUV1U-v}4tWi*S*^2VlcExc*0Hr{LQf{n8Jy46|Mc_uk$ zSAs|*PA*nF>q{K%a!8rJUrM(GyBU4OtYt<5(lvL_YW_19_Ixjp;Cc%( zyG8bxnu3}BVkoTPagM$U(#TX-XutGM#$2%t3bCm6swOQAP{aVaaWyB!B#SBba(f7j zd@oQ(aD>}s{IS#fX{8~A*DA|dUiL$i?8z35a)t;|YXrf_8&n7*DKAyZtFB1(`y4;5 zRQ1A_Nn{=hH;QWyH3P1d_^woA%6q8w+#@0M(1H98(rR!J)0ISAYtA^a_7M1m)1GuU zgMolQ)*{t$hyE&%wuqi$2GdX51O4myO~Y>8-xL)6n{b}!s*d6u zJi>EHUv4#-2KM`Po$pFe*P`h{JNMQunUYDw)Q$!@6?wKUw3iA^aHQq`XxzA@6l!g3!y1oAWv=t7Mc4ytM+nsYk#Ggs1g$ROAp1gxMIzF zrUOc78iT$)swogB%o+(}^=!m{N}VstT|UNO<2x$ohOZClc~C3?0@91PJ~>u>hz^ zo1jZx)JVopJwUrlRO#HA6XY6K?JjAfeEKtzR!tKi)-3nbL!^Bc)m?dCmM*prYvMB} zF7DQX^&1;+NQ`}WXSwIuouQXn_S&#F-ydV{Jxo!q_U(~&zxXpRox-!ReNn^-zp;<= z+Q8HN#pf4S*XEWu+`3BFn(A=0cLt*M7xRww%+ITrI(S@`9SybC9(?&ZfXM+490 zm;``v5O)4RxJUkI=W|gZ(42Kpvs`+k`ejM)2D%+1SvStFt?NvueQ%?s z_nY0%!Cpi-E5zdL%(7ro(qhqkT!s0p)90wyZOg{sO&{_5TpS~s!q?Vx*$zZkJ8 zU7a;5wwY!31S5HPBAY@#d>YzC$1+H9W)o*x7Z83SxBd;(c^#5EInD(G#wsN>EdLa& zW?F2DRK}>FM*2K1Xs!xK6?o z_|;w~*#tXu!+2HS#{N_6F=;WJqrQhYBiAfi_=i}jGK%pV%DZ*{)eB`naQTgBXl`Mj z=9u@>m_%^I$R7-89*IWHcoI1~OH-Qigum-pw#UGV*atl*gXErtVs`nUrZlxSpn#)8 z^+1Pz!7K)A&_*S4%WFM#2Wm{E9}WZoVG_!eA|4icLN%T zs|(cZe)<^OaZ%LFJJ244B^d;>mk+HQ(O*t0-F-Xo5lOij++Pam->2PO)yWJqqWg({ zb^o*+=r!(&x|UjcRFoRz>cAu!M5ojapuj_)MHF2LDeiEr^S&!Fv8{WB<6}rL!2TU6 zkmOq6pk2Ap3IUX+v6V73-|dBMhALk4CFQANcjqvKeSGBhr}4Rx1GT1+B$_iS7#}m( zj*GI0zTQjpq;Ptj!-E=vr>%S#k#-a(8YiaT5_J`yK@$xVzDw_l6L07FW_SQ_t@!g1km!SGp<6gs>V>2c_21~;rB!EV9Z_&4>D7yMB*3TYuinf z-!56CbGDC(8DbXH*FN1M-|T`A|c^-C+;Vde%wk z+R=i!I?G9hQH|%XL3azRamEI&N3`?GsGAG+zM9SETzzqfa~RhS)Z1NW?MzXsgeusj zqsihA9AE%%rO*t$g&?kMgKke3YF>QP9^u`p0bv8M2-a785>7sh`0SzOaB5i7;?rn{ zCRnnAiMYu ztC!wX8q4}z|LR7FafS70!sZ#CX)>3cn}!>>@RYdO^fek@JFU{)mr!I&69I&QWB8Is zFQqinM7V|@%*mmBAw?T>rNmgDDyZiy#bf(jD@;md22csb1b9$X$x0lj{>F%*Uh!k~ z``Pr5Kv~ke&O%CQ*tOuFt4gOmewPJ%n~Vky0vD=i4R2^;?Ms8d%9f4gMFG_>5iyKo ztT2)6c{qWh;+zaYm1hCn3qlkQpWBtEC#Y|1&bUTNcq-UQ>OF{Wu2MaAjH{74?#Cp_ zx;4i^kkUU!(v{HsiBykIRrQDr9E79~DCMF*8NfZ%?05R^_bh0i9#vF;5<4s!zi^-F z>|-^$vf_P0a)c|^ucbNYz-aJVKavFQH>lle5a{&fAn?dCeSj@BNOewJZWhzPN2QG) zO3r_gWbpIqwl(>vee zfZyk?4Ig}mDh(}jc#(hS)jcZ#sJr{R(eLglQ99qe%Qd>~s51S9(1SWDOE@n%))=e* zf^=lg#m?YRbkozE>V}6e;{=c->DktgI1zIoPB46U_Bh3|s8pDCV9uq}Z|&G%z}lZp zRZJee!_dYt0*%}PGSG3APJL0oiZfE9i?@KRL9OU+&C|Vj3ogSzXrBBnA&wxEEsc?b zXWE)w`)8X9VLCx?(G6m(Dl>Iv%6WKBYqUZUveC8lg|% z91f}RyLfrIy{iEcbJlqJ%_$ayg#Kw8C}4F`pkf^wz71r%hK^j1Swfd=1MS(Dc15gp zcCEYZmrH90d{+^BwK`GFf&S|@8QhEMy8TIG&Z_pUUWyXeqPg2Z`}EDlZ@pnh%{J9a zmBjC3m&B-l(R;Ro_B%M_-@gD0)6I=6MUT28yASRm{Av?|B9M-py*7{#!!)c^Bz`Jp zl%%C);ryS)T^pQUnxAA?h?Az#54MAL0ZSdOCEXXD`waVDdB7%`A(Q(%BB_Ebvbsx=vj4kXkumXpgR>{ zr0f@u7Hu$Li>y1Dhj&|votWFMjIs8#v|SatR*w2H{?Y9@UqAk_pW0{h%Ce{M&vKMa z%Y3zKO^BU91de@7-kuW=!Cq&vYDc~2o(k<`BJ&V{=zmd8ivwTM`J0>jvl|MS$s#XI zQNZI-U&8$%+Y>4mKUDj^V@<<@b^hgYJYuli(Ida%vJ1Pr5?BMN#kIF4{eWA28)93T zap#iG$upXkof!&C{70T4E>jP!X8`&QWQ4Xg09`t{VWU6%XjP=vcM0#K`^QGO+hNFo z9b0K1mVsw!0}FrUN4u4t(NXx9np)$;2)L1%4{3Z3w1gdu1LkaD|{ z|MJM8Az#=tqn4#HZY$c?=9GNwt1ACdWG;wGio;bvA}_yd(sgTuhlIbi!lxdIcj%C2 z+PFM-e$?GGtZSG+iZ7v9)=FyHov`gU!b1~EwO>No8Lp3uVa}&rAYV!M-`LyVla$7Ffem1;=HBL~IP>~Odl=^+)cQaq ziBZ$(@?Yzf2r$XC7M-dp0VK0+wTbun;W~mbK9~ldbGEbV>BBWPcMh!=43El$spRej zO;N>XBBsik3FL%1$8TwyPNpRO<`gtMz0Ir_o+fl*aDg4{6_uR8 zFcrt7YhaYOahtU8GhJ~7_#GpDM;_#P6gMpjmt>~5Ha0|G{Qf*Hd{Yc@E$ZP~9g1*z zT#f7Y{d_wWdEoUuU+6ZuWYGH|vZCA4*oM(Q#LQ+p(fy+eQF*cD zTILsNJwHcmH)n{2uWK)o@VY3^9HC_p1|4y#4E0!=Jxdyl<39=vND<_`;Q>JGo+v7h z320!l3_Vrl3P$Ika~pcSb8yo)DqdIMY`fB#9g^w%BBtR%_o zB{o8XJA!koZ4Lxf7Xc4n8u*0gT^Uvjzjv8@RGNayg1aII?arP%-c0J4nRm%Czgs~n zwD2T!+CSfag&vThY*)OKifH4FuLJw3v5(hzu}azlPucDIBeLu9m!j;|hZ!NNzb|Qj zorLH=R6OPrTZ0yB7whB)`_o%~a}OyG-gt{|?34vXA7WLi$X>v3JmeUhajr)aTxsqK zh-fGs*S4uKy)_R-_nuT05`2+^bN^z5c$e5x?THom=|@c zVN+q_vyZ+MUG`YzQ{mD4H|mk6(o-nmI&sopmifx_M7VUQ@*X7`I!oz3!?#x-^ zS^7~q3=8eTlv+~9Yeb#+i;bVEedB9AzF}$>thKBA^Go&`9BHYjm699(<^sNedqb8! z4BK^zI^JOBiC=`rmj^mvm8EjQ`iZX4$$nRdU%UtH*6?|;nDC~FzuQckn_tE?z8|Xx z4#jav)y448Bhhj6_{@zq_lHUIq2SyX;Dqz5Ci0+!TD8&1Ide8%^d^nK{)1mTKAP}J*&OH_k`-hZ z-r!eh9~pOIWJxqVMJu{D9r2!BK=X(Rr>7gPmAqiOI+&ZseAy8q6=qO7+$8OW5zCP2 z|Ijyn1DS&UMnCxtv|FQFHv9%U3z|i%e*^8(OZ)b#`>(^>i(ntGi*C+;L)+{IUD5mV zEosp`+-4%8YlEd-;6XHIH^=~V2;I6HIr^ig5KZB0h12WcaH+MHUl6$Of z1=L5Q_keykwtn6kn4d7_hqZju{8UiG|9fQn^<1`DpVICccPhgDFn$!^bB~7j4IL2W+1DrH)wtNk@*LmZjDVI zTZU9;zFDl6Za}A*f%a^?Iewq0p*CfeS-m2%?9g?ZXP`nf-3)XJL_-_z1?>hDb3W!u z{#T2bVmU!~aCTTZkEnXv{Vqc75GggNme?9SJS$vW3r`_BlOo-s*Jd$YRTq@c@8zl` zLuw6xLD3r8x_!BwPF~JZE4ik#!|iH zv_;lMksRZ?98%3nTO|9cmocg|$k7~)=kMZn^$i-?#}rAWkRcKcmoU~8YZ^ch&#t3y zS8F^lJjGn08bvg^wzi!l{!r~kh6rADauR%4N#`UdRlo<9GAlu*mci4=CO4=H$%6R8 zqju@n9ZtzK*(VtGOR`6=Y3ghdj|h&(7Ir>kc(g9G3|znm%B00v%ZslNJz?Y}n(D@- z)>*lp>Vg=f!bp?yc-zS;53#J8>RJ`(kVy-clW{Sc^rGoVFV9Hc2`>9L+|tzdRHZ3b z4S41Qie9yMv*;lgwLpbbbvt}qc1}>nW+}bItrnfn>u(u{b>$s7$c$eq<_a!AIDvrJ zRo+QAElPrk;p&ACmpU(xT!_Fx)0&~uVZ4N<#;dQ>k&n@Emu8a*kJex(L=6e17M3E^ z-zuY6%QgTr0IQp(=5JRk&$g<75cRyeYBsh$^{Sr+e+y!tHK;ca!31vJKUsrM8VQyI zs)v&uy#6#lrLtcgEEX2cOS$=BRTVk=U%HFhqMJHD$$Ac!2Y+P9U9pNgeTkY}2%HE} z>)x}-$3|h)SZ?FM876u4_MWy+yiD}GOZCS0!I9k$tg?ju5?f)29AMTrhwhJ!$euLA zdKGmpsw3Vz47%D2rChZqgj0a{?u9dI?CGy|Ra1dW%BTU{As)M-SB;v-C`+kQ=uDD7 z$F(yjvL2-p5gOD+(hxOIEqNs>WVB3I^+NYfOtbmaI*g1>VdQcM-Bd`pwR9ts0xJARiJ6`o`y-AP2{HXRfox?7`|gnmXA zRpE$ATb@V|r=-EQl;;VJWzL=ocUNz0Y2aq{2Mmx{E{snp&T(M;i7#=LdI2gTLdfde zYZs!60;0|$cd*9hV01rW>(@O(um-E^$`yjxU}9iWcrVA2k=#8|={OTaG-hB%g(jbq!bb)10Z2~&nL z5O2ea-0ii@+Bm=hZo;anBUn(?2SDX7e($Gl&+X(Capoh^gVauy%V&&p&BPSsR7Q_m9VoQcK4|b4_nA|# zUdAedcwtCHu3R@``+X4|BEQ8WGOJ>ir}egvNMG|sK;qzR7EMe*3{NElUl-gl52=!7 zPD_NLvyS(%Rn zJ4{K*;1i|A7xD|(T`z8?F)xvO;>MRJNZDQVaAsVYu~_4m!l|ykm-!CUIl7<{1EL6(>_Zb!M)b;Nz#)p5s{ zs5}dflp3qLRTn6bckyg?@TuIH&yQb9qTU#VF%^c!U@vzh-;vxpIGR3@pgwXvsVW;w z!nJO{#uRpcj$*+~7lt(1^i9qMU-b>Z1L|w8u0mE(?(i)jviu4)2=<;mAH+ErPNTIm zD{z?KQKw-aljv|*AF32C5o&u818JKy@ggHr&XhmM_N~y;#r+LU3A**4^dQ0Ej4go>2(H zwoVo#FU3mtqr4f{4SmSlorjdfov8O7*>530{hkC9CtUrMq_>$N1;6BhExHowDkH@7 zL$@GQ{F>vz=AF;z#|m&h(j;*ARnG%0aK>jA?W6le%$w^p5vug9D@^HvMtGhcs^O$k zS)%`FFeVbYEz1M;7f`-&_F9c^uXK2r&uG(VF_DFhBOd4?8i__E(Ii;m#j@D0o7A>v z|0R>>z}!M7U#Hr%jD}p>pPRZZnRar;hwDx90*;e=K7=VHr~hMCq4tw!VrzO-7IND$ddVytAS9@Sk(tBjR;=x)Q?aLko_6x zH6`jysf0&t%aHVRz34N`P+Bt(sUBsswl8uGuHXrY2A^nezgudbGq^=LI_50wwPe(A z{%p^SBpw>=NOb&oa)jgGb(r@ib}9kvf%o!%MZgbIYEUdU`pMSmX@{&wmtSG7qhm{& z2zdYx`Be0)C@r&*1+OHC2H#tD9X7%@&7ZXF6Mp!O^>bHnq2X{I<6kJpP#hGR#|Xyp z(s~(ZAbV~_xsW!lI`uWS9c8nC!pdX~y%l8>BFz}d=e z4i%45;rWbzG5wDuPf>~A)EhOSfc9H;fZNc&)L%8h$txrQZ4Lb(ajpB&_eY)$Yp+lZ zd`#^cZr#L;;)tPi+q)>z3Qi=zb$;w(-oh_+6KQ@?wNPBG<%|O*?LOZUOZV~1yV_Gy z(%-FUZF`D3n>SD#J~L*Ms$4^PZ(RkI*UWp*@|w+7_#t(&)o<%EuI>lgpm)dX{f3=w zmzGC#k(a1=jF};vc^gv;<~8PqZ-=^QT4jJAW@cj5GsscukA}P6Llgm+<&k%+@Wu-) zu%_3y1t+z1M^8%@y7ZBCtTjoO2lNZ!D-KO}*OxEdx&8~@~T5_xik$$#7D zedq6*|60Fk{_^f>LO_39p=U0yDo7Ch9}{EcQ9!3Idj0@t|GNL<{WPm>Kv!1-eszCK z_%5X@1dK(M>bp~CH6xScXRMeg{UYpsbw)j0Iz#tZC%J?(f%ppJlV_ugyOtt;UMSDAArxuK|c>j-lvt)o}h0a_xA>xwti1SVPZ>@B0H`~4? z2=gf1{GyPwZ*ck}I`xeYg}8aDO-ZpqwQWpMUs6=m__qt64*kc4{S0)wsKJoBs$>t>M3P&xM($+KXBPstFu3g=9b->^=;CDtZI3 z@-4(U@dw=tBY?r!8gbxs~l-B2hUFVu~0Z5Q?tb@h)hcWH-D)1s<;G~4vb8a><=qkWL zx+So-mzNV9Tpcjz$H#|Gk(23N8$fJMe@)rg3C@9VfG-QVs9Bmxbj0ZigtW3Ih_ky> zu5r=Lrs7_5PD&o7CErR#B?NLc+1NAfTzPGtqyuft5uDG+#iycv6?7z^SD%nL${6#f z=%)w>r>L~;B-L?rtR2V{zyr9AZTg=A>!mf9$X;KduCOiV*o`GFw_YK{pOAEDyG!sx zxLx4QU@^LsW&T%pHKp^@q8+fY(#pQG1MRKq;_|6|>~| zaiHHx@y6ia#QU$R6#5HhW5(-68#7I$+^1o52+L&*ia9apJ?kvIQxWVi12M%iD?^#oPMGW_y~~lS0u=+Gbatu9r^|GO>0R+fO~aG@2kfo@pZ>-lO!d>NoPr zY!x=1Ego}e3oc+>SoQUja79D4z{fNG&0$kdrTIgg)&oe2ts}Paf$&6q{ZTBNl=vjn zG1`tZ*NRRfUZLFmv2Wixy8yl&M{+jJPM^_o-ZD3JaFQL}{+@O3YPclAY1yj&aqOy+ z?m7a>_Gi(5Jm9rTq0#4NH<*kHiJ#)9bBBxbiDS|VzQdTX!7-5cd&s+y0YC0!xwhi< zNwa;HyRNewEQPt9Vxk|+4^|%Sr`7z6{*el29h1!uBt(w=mef|26gUAO!XW{-g7eoD zYdLpZIo?mo$4A%*4En;MyapaNpLa4XgxfMsDqK*I7+nhUqRc|Zm%Xq{U40vY(eT!= ziR8iGQKv@6?Vk%{*3mMLvmA@OSU1N%=Ke3JdwQ1^Ea1#vdFRb3t2*u0z8kMZ-!l1$ z?0N61jo*oqd;;L6Q#?uy+&LC7<$!Nf=ehI3s}-uTTRk^Uqrar?JBNzVCzxFe{$te} z4K8_oA^1J`5ak&ag&dl0wEa1?_NB~{8|S6r^@nm>xK7Ye_q>U+m_AK7&ay4TKK0SoEBcNh9CAy4VH zJ%viJ1uqQEtF)wz`#YU3#@?J7zxk^JYVXbF?&F>is{R-$@oL~;5zghrE;XVJ5w15n ztjz)V?a0u2^x~s-m!KxI$7JQbC?7PU)EgS2P`SqIP0yWkblH{u}$5(GAPz`rrb3~u` z;%8xJjfE_Ru@+7L-x%K(2Z}e#5SkYklWB}0DnByuNq)Gr1ISU}hdBD5EWAqVFJJ9= zilq$2qJmk5&({R3`p`Xv{N7|yeR9thcL%bl%!`3TGd|b%op?F>8x4A-Y!+;B1Q@)I zzuW0On=&#HAT$aQk3j`a$mONdYz{4~tf&)?L&u#P_Q}73Ow4fI0p6TkLYnLz=Wbh( zj<;(8bBz!-@_(;8n8M=BY)^9#O@hN(_TQOZVFp9OWGiwM9^(0Pf@XegyS(Wl>)5d- z1Ed=JFy#a{V{CVU_+Tt+esI+lmmku$#!hFod-dvvG9+XbgMXsXb+}nf3a|;#N$@gM zhOkT;HOH7i&49AqlwVob&exQ&hG*s%g%83NAMZq*HMX+d-OT4WWi2G{V)Jby-0LFN37fr@EJmEaA>+v()Doh`z%VBsUCkSH;-Ni6gG8l$A^bL%J)W2&*&>r^5U! zzu2QsL~}{3O10--hj>xl8nLmNxb(4I%o+w#XdC^xORZ=XR;74*l7n4c-amFjmYg+d znFPt|bLrnU9gU%RFe3+*xtp(+6V2>P>?)ZNnOOd3XXSEkJVU~L`hoVp1QJn)K?mF| zD9wNi>KXyyjAPm>{bN&s>d;VSC-DdzXTvCXp`p<9f{ z%|_yUqS7QXh3e^(XG8kB;3aV>zn75|nDkXQK|OOF-0eGS=R0yPk30Kw#b!d@r2HKN z@V5HR{jRw)_1w%UVcYBG@jys^N5CHEv?b)E+{0iqEb+{+(C|LRA&)?F+dk_AiJWUQ zIGe2avhP3P>we35)QT>Grn-W50+6`@O6e1Rz2n@OYf`>DIe3_N7{3+&IOcfCHCk8C zq=>Mhk`-_^(8v*u1p!FpKks16)wM>{>k09OMu)`Vb)YS$mW1 zOo#l|)k7sRje*}VaxEf$|Ear-9GmdZ0PvM(bFpy$SAj>Vw5Qc${0L5F8;LNQOS|0M zW8D*<-3d1k053_UubGuUrYh7)<1Jj&ciel?eFD9yqWhhd{x>sw3$SaU{?gT^?;HFc zs}Hdcx4$EwECJ*0A!OjC=Ru~pBWE*ri*x4=e!UERu%r>5P;tw>+dAE|?c(}eDB7b+ zxcX*(7101@C9OWis(w%2oHdH-^VWpkTDwm;3jiXM`@B}JQ51t+)shS6i+3*k@vB3g zyk|bIF22-k&Za}9ER7HDsvAC=TsTY{<}|1DpdHVQ8yD3R;zv3%^i((4V-1STUz@8K zoZwYIf?u_cbp0O({;tm-u+^|Uc7FRusS6=-O3D4+ZhCG*r@oQ-jUJH(m+rlu3=^(( zhF5%^H{(00i-JnE_~RW18mebE*G1n?=^9UsikfPTBKsX@bu)|EL~k-Qv&A{df@kOM zFN7ooX4b|?dlH-T;u)97_(kI%!&o=G`t6S!EiLzNVO#&d+hgcEYd{six5f3LhW1OX zk6s&M?Qt4X1XK(FlN#o^9w5#5hn*xo$+?)6MODAFW8S3xIJrYJG}gsyNIR_(OJ3eg zB)iI~^W4T#;iXQOrOIzt8Ck3PAnmaBC=7Cj;Z$xSY!~-&HM_S)1FrXmmBs;=1rT^r z zey!2h<5U;$CQ(s+_uA_S%bPq6D z*N&4mvG0)`Dyq^oKCZIp<fqxO7eXkN&?s^gq$u+5M-+#B=8hIlws_cRx z3&D*(8yeZd)R}%UOJk(mM4dPh@NP2k_Sh|rwMgH!fW|CA#ee=!%{ssj+ZqMVUxVQ6 zcCCdw!}hWTjG)VJ2=$i9Moy$ug-eB%t7=)ZoK`GA+VuZk8al1%M=d_*YnUb8C$x;NL3xl8r-sJdS#}}2VYNc6XmQZVG>Y4&;N4ulz(wFGKeEKt75{X5 z_-VbSj>Lt_bLJuHGsZVoC|RXymn61yWvL)!<{U85ton1NfNhO8qDn&UI$=Ql4b)_P5ia8`Crx3F-Zym05 zU4_bFj+2DSVRAlgQ(c$E#&Vn)8)+6BquIuWecy9^KEL1X``sUIw|S4f_uBjLdfuOp z$Kxen&PMN*)t3-HUawaH2bB} z5TUE`SS;&3kwwUZhFB-!-h?}2&T|?sT97bA@QO-ZzL91neJVTT-vwq;Nyb2@c81mI zmaBx5EpzlL!Z(${)#8RRyx$R44~B+{aT&P@s%OD7uSN4O1a=TXch_{Lx^R$BxBv!K zT(&tU*k4D~Mh#>D7WQ0GK^b1;u=;)VrvwB|f85D+Dl=1_MOCX>t>v>9)yxRfC!DsX zB`&(6iHW5UNcy#Bj`Y@vma4KdOGGuF0$5xWIAbCp>Ze5vjr6)H1wK9kI)UN~z*?99` z#+;KQJMp!4_kSMa5P}3lZ@rbSY!D4NZ@_bx^VMFSk8TLmg*UQe%m+{8S6ho z82#;3Wg9>=ba{_Ggul@r_l z+Xzyp{NE7V;de3&q-AQqqrXf^?}DG~?o~DXa0~$3t1(SEPzrvr z+{Nf`LzUW1&4{$XvmSMyN5OfZn$lI9>YxjU?A@MZ`QD;brMEsJSCDl(F0N)Km3-lT zSpmxhU8CQhlE2x1fwN73k$5HhCC{x%8erciD%6Z>R=B+SHT3(yKOe4rL4sob8)nei zh7YbMYJD$+on~Qz8i4SgYiqyd6oGf#wLHZ5mkUZ2Y{M+rEu#tjUIBhqsf3HLAna^iXVsc;qL*_ZyJFwMU1MFI8q7q7d*$S~ zyAG85?!RQ}n6*jc7uBEH3Ui{($@0g#xHb4B15$5bHPr9RY)Xj_5i5Ns=556!G#j}; z5ypc|4FLq$`2@Zftm;VkRf#=uL#)p!^YyS&p>FG=Y!BDQ_bs29rQ}~2+q%!A;zajN`xrSNLV1j(E)8k^^N~t-pYaph( zf}y{2s^hbBRs9#9y~XXu4;(CD8lh$BnTGq5haqG1KLXTd=x}zW*>z#vpGd?KDyWj% zIhw_<#~4+R;$wpu?o%?`TPy&V%9H4V$4vlY+@C1fm_{{E zH4&U-(4(2;T6$OL6tNJf9r=Z&ezZNu_pN)?%iI2Koj2Yx$8Y4iu=NTm4ShEe z1$)pdxL(z~7ih`KjjBBIz2}2*S{aw$qB-Fa@4?33#ggw7mV~_-HSwu!W$;?cpy2Z0PIVjcP%W?y1Clhrpoy&Myxz=@qU0d2zXbn+ z3&Vci@B(v)G90#Z5!{3|B(MkG#-0}-U4ZD`UV(?d*uf2Ih)gdu-sBvaP_}CAOBBoF-Rhf2xg2GA2k>j-Ey5QTXxbd4ydEE|`TG}5kY7|&DY=8?bpj6LpBJTm(n zSxID`Aql)(x0;^xI7)y;1hfK4!L^<17m?TvkdvOJIDh)}X-(w&csJrx~!J9O9wBk$Q zrp=-;B<<4M_>mt{abSub*a30u8dP{d5U~p@*S>S0W;$q1M~K>n;RUprBjn^}Hd!!Q ziw<{$96VQp`4d>x-lWg7vUgvnAJypz6%VuoLr0G2NQSG>oA$|^i-L-tFKbo%7xKHG z?=UrbV86G(BjNm~oSjo%I5fo(a#WqUdSz9ll`i(V?(yC-49nd*TGD)a`35t(w%{%L zKi42C+d+R$1v1=O-es~BZEy`@u}4y(o7RsdWRlL-Pw+wk7BUF z+EmMzxBa61+Z#eYE_i2^urjJz6C6l&+p3R-{)ij@{g5i4{PRY4PB2`w>0$^9L_3W_ zMQ;k&jKS}i%K05gO4o8WvcGr2(mKaj7M^ff@#)U%TGzXFHfyPm-qGPx?E=z*e8e%v z*qVU_yRnmw4@Ngt_RpAv9W*-TOqe}c{RkyLG&K46Y1iUPNSrm*x7}B9M}e;R{9QFHGt|VT2WZp94*CiEUVU+X_sQ#3 zo6htqX{+?zqRnhF27`=v%K=Bn?7m2jUG8dDJ8s)Ev2IU>fBMi}#cUY(y=xH{54E7F z0-`uxVuLLM8SkHEXn;TUzMT9d-<2RwjIosaz0qZ%k zc+;lGE$tcl+!)wUHQ#jctop1+Ga>;al0}>O*$4VhnSsyHJ6NF8`UW3_#YvT9h1qnq zYGupinJ%F0vi!ZS1$0#AByT(7XRWSc!H#L7^4h}t$-l%+`cP~lFqSfGYgAiWdo0wZ zD&sIfB{jvW+aCEk%B3a9B9PJ(huU&pkpp43{-l9tsM_XRs#GF6=kI2OuevtywV5o? z4Vwh1(!D{afn}Z(!HoEhP$bra+@Sjx`!20q+mRD1L<j1fR$nwu)Z)?ItzzqS@F!g?<_qtUmDf#I~o&8k@n^RZL)IpPB|s?O+U1}VM_bvdN9q#!HcRheKjSbRRcROl3_ zdtnBYL4!i*oNY-SNcr7{!-ey@MI9QI9!c`5z)mNvXScU1%AYs1)s=K*;R2rG9V1?_ z$tV0=*A%P+sYJI`_{^b0_G{PE0~~^M+~j@vZISKKKO?mqyFxiBFQdkm#+5nM+A(yv zLXJz*e-164hLMcQ^h&%nB_EkR>anrEuO544ZYtjyj!}pEWSiO3O=|^`0iKL(Yy1t2 zo&IVU_>P&u0b8}MHk_R`#>^0gc&X!7!|fix<7(@p_U?vA{(T2QmKEuIL}Nf=w3m+b zW2YhMowT&BXwe>ZKYpYm#bRwj&!{n8G*N$;2c{gX`VKPMU?2y( zPU0JG{D6V9LMXJ`Iu3z@Abrq}eG$cK%B4^eF(Ha|?0OAOY_Tx~HWK!Ul~Us^$W!|V zjOMG4!pWfZeunGFY;;*&N+7Ic^a9h`T4d(EI1(z_9)Sa*+c1alIf4dFA~X#I!=6_6 z=$YkNYU_<>_dOeY<;F8!2GFBzzZNE}9urE}kx5n$sB%aGx!t8SQLnZB%D=yS3CbNz z14d8NjxA4gGWym(A;}I*p3dJ{g$LCGQ`hA3X#|>deK8VWwE}O5obEew*?US00t&%U znNMP-vZWwu{l8ULfWqtV-Gru+4M|}Jq<$}?db;DE&K5c0On%c?P>vY5z6g_bMIsg*O|d$ z;`{Eq{l@X-U=!E`$*f&Rc$mbAi!l_H&^b7{`bO#A28_~P$W=1BjdXp9)mE?Ed~sHa5eEtWc*;ZmV=#tcL25gXW_D!Y*^f* zHu#=#*}}vAU#u`?i#GIq_L!jfRRpD~zr4{-0RNE!4@~s78Quu;qXIK?gS?433d~Dm zW%Rs&pkjJp|7z#>>0|0mKSu9Zd4cf+;`*J{jbo9se-xh`e;|g-Xyu*%m_^7ih52Pb zmfE1dYTP=+cdF{u2kq(Z8Yl}CbNoOeo@(kE1%^_{Hhp=Ox!rI5tWY+84C;?%V(3SO#m80T>AEPspHZ zdn_pKa1NMX1C=Pif2Amzzu6xo-xD#Trn|@(5@8YhepY*9uRLJ14aGhT)b6xYd%{SN z2l~Btelgf5$2^_$kH*%u`Oz8hCJyU0D2fkn*!$9vPjXPN^5)717(F$J!9YR8SivA( zNk3`MwlB>)A zSBsqMHuPL<{v7yMcs+M}J`@#B5Pm{Fz8&88V|$Xy&BQ4N&y9S{m-QGesEUqW3vu=5~F3T#S>g1{cIW8F`nJSuN_k4Xeb9I{^gJDW}VkQva@o%>) z8x8u+8@htDnNR-$7ErE{Je%#8d+JgahyS>EcEG#Sbb>sYnVqoj~q3K|A} zf@Kv^Bc0Y8&`j0ES~6^x+mMCS0)6&9Dc-0YRQqI05@K*eb;1u9bG$90Lg%!)M7%L) zSWSe(DzCoo&kTSy^R&ksQ2;8s8pA{f$o0?n?{SLwkTvN|iW$`>-JlO5Pp~7(xV_C7 zc0B?X+JOjee0aW!)z+~Ly4EAw5ar%?;9>OL84Vh?f+kJWMTv2s9#G4qz2^j3r2;r> zl{2=j6wf!6J!0!%N_PuvF**PfQjE}3Dxe4_r}O~N*0IpRpeZD%C{Ih2wGiB|Zt#tL z!;Q{)#dpB3r6c8dy{%RIRz=Mx2vSgmhaD-`+jxscT}un<4OL^=t+{p z3ipkb)q1o4Ne(I|?_r6<0dptt!t_rJ>{e3b3zW2mIo3_Bz?@t8mjJ&L0Ule(%87HY zkp{FTJpRM|CVMJa~C{?-|(PXW)SSWHP1vMF7sDd zb`Rq*dku^+$ct8G0Cy6JAymkl6{4o8#fEJRPk4z{R>)BS`X`vvP&@A2P!#>#pBxgC zS>lac%bP4=H##+YyeU^l#jH&oF7y#Jsr&GQ`g?kR9YT8NiF<l36p@G@Jh~WQ0V=m zyxc?bJh~6*G%TXvdwe^X4TqvLcE~2Sp-P~G-8I^d z_FTby&PpPhx!Y?fXvFFVD9~HO)#qp_Tt=rv6^Dp3u&QQ2i zJ4x>x2Wc7P-RR>PC|%nY#R?J_euV<)5Ff~;OANsUfgGH{0R>gBWoERPoG8r*{FHOd z{!0g$s@K8EW1cql#Tj=h2?Wt>PP*V!!5J|j_)-(NelInx>xIXJ4yny332gPDr9Kcf zs9E}}@Fud>!4SObJ3^c5OcPHXRJLsfp_jL-vZyiNOBzAppIdnI*a?zPjzNpLA zo9F<8fd`07GredxUx+cp7@gt^@!K!y!_E|zDD|;f>}gKFYaW$YWXFv34aj?%-}yD@Li|IPAy+1allcNE7J#uZRiU6z8_?_fv`QjJjiY;NKKn` zIdi2`E+qP^-o_!VFB)6zk8LfSh44W#{KT-Dj?w$M1nSb!|M)=;8p@Q55Hda|{)PWO z!ceo!gRhxCn;U&C#bz*264#VVxLQ+jlVLJjg0gm&mZXd^(5g2fdWU2MX!(XGUn0wT zoQ59h*-nHF_z@X^Bh`mr|I-}2?xO>4LXIk|DesR}=#FCWXA3LQ=$jCIrQ3^=U?b%q zm*mi`)-g`#{+kdF1#5Q7j4aR;pBQeAHuZ-bxFoqy2(R_pKdIJGR&Y;0m+DtlTXFPx zJDwx{viy6F6F$g}T~%J#$)2-vSgGI}{m8j?;Q1tl9T?pa%8&o5%Y>DB@OWoH65xR@ z@`o57rhD2?2Ta*pp4_*@**-9`F3XDf*2J&|&3P4Sf0Gxy#?Z_DkPC|SssqxwUx24b z8tXy_`pPZH{*4nn96IC{#L5f|69w(z3O~MuG^U_KG+PooKK{6H0^*Ba(8c!;X|1Fz zbem&E-p8hGe`Y(m!NN?5k|pI1YWo;^;ugft%mXMiF=K2(Jv~nS&1cE;JD>NVQ^GRm zq~}q(6rKCOdjYI>(iXngGy0FFZUxwZNwtr>0pi_pWwdVqMD_O73a7h2Ls)T_q(dSE zXgH9|-v>4dPRM&34x@AQ7E~6O$ z)x5pi1{(6BE-O2ju}^Wv;WqaL+xknpOS=_HevD8JNL?MeM8RD&GXP?=A1723qx!r_ zj4sfvl&NWe6Hol0L|k~d7UYK33xsF@T7sVv_GMgRhkd7z`SqFtto-TTzF1PLrt1LOr(C?@6_Co?6IYG*tI4a-d!DiCSc|t8dlXkEozy2d2TI} zU(J~u{Iv^%4GJIUPAiN8;Jmj|%ung$Htet3%i9d&%{D1w>A@zLI%BuPw=qIJkY=x@L&muWJOc9+)wb>~ zqoSj3L!jr@Xsw*Q?S`JW!EShm$-YJMUcHTkT21QL%O&8^Y zcl@0`4dptvr)B1jRS+!&{n{!X{qr`&0?HQ65DaKkjbEpb-V`;VElVHeFMiB1D8vs$ zWVNMCT~S~S7v}LFXZJOhcK0CLwBqjQLp01pETeZJK7Hlr&|rwpiE;z|LWgKCN_t3B zL<2}n0|});1i-H|$l@Wab=wYDSgCPgxWkN63S*8U8{UaE1@>usN zl``7Z4kMg{rWXu*u1`TdNUe|T9g_S=Yk2RCs)b>5^2w2SAsTuIqPA;sY;uq>Q>RyO z%0-+yYU(6>g^EOn-hu4Bo!(`LOxd}nG&@bt8V|3O+|=}Bt39;+=s3MUI{#^6Y9{~8 zB7(+R`TdCnCC0LDpN+gr?S%-*)MFLW_bP9JKiJ_39y0&(@@EOE0(RJsEIA0G+ngi{Kb&hbbdVkHe*ekD|Y(rF`&=Su% z(J?T3KM zh2=?a|w>IPh`6L`W_2KFxQI6FZ zm2v4w&OH3EC=3>HO#Iwvk3QT?SUXk0^CuEx%<5F5Jf}amR()8}J%-Al7AURAXJYa;GbBwq7EF(fdPWrAl0#UAEPnnt-xz`YT72Rmp|*R|TztV)$n1f*%l&q9A*NT<>KM=q zcdu9VQ&aWvx_1j}*qk^W>U~s}C_Jsbev=$MY#xA0mhGB_f!Aj0%nsLbRa%FVEZBx0 zuZq)lZV(9$^b7UJsxC3J*v)o=XP4+2PUXqMrP|+}lOqFt zUG1J*B8=u^1zU7^ZW}&6GOkrRsQ)wnSBX-f+^LPM+MX%Bjl&2+d1G8K{g8ZAm)z{E z(c{5@GmAxq5u?`6Sn4=)t&CAZqk-I-ZclDgokC(^darB+dTk`g(YS)0weq2T+H6MWiMXb|_%hE^WSur6ZkkN?S_Qrsg-5+xh@Yy~^T zAgmg!sXWI_Yyml2$imY1(n_*>YEd<^Oo#e+T!dtr>bKhbGkFqqPk9zdDw%c*x67`f z#>GdB3+iA5Iyf|PWm`b;VY#k}TJ4r=eEeD$!BesY%Z~o5hBpp|dCrn49$53?X93BD zISOxs8h+NP)h?stZ4Q7c!8^qnEZyW!VugIBRnG3Al1i{=5<)(;2!1AR5s z;|jVRKfS1tE}n)*0DToLMf^C)nH;Ucmc0fa655c$5+4dEQ61sjxW&3}csMGHFP7O^ zr25peFU}qTcFt(DMb3s9L;M0apm!{V07%yFX~B#g_aycG8@aP}?AT`gIf9_?kFHGC zQxYPNHQdUun2j2VM<<%G{j?A2qCBdacg8AKR#$^}L*Qx6oeP1wK2Wid?115WCoe0# z6gx=qDp^Opr29@x0E15+#t%Ouwo*vXIyuhn{(_LW#WXBCy~%PaDb|9j-BdVequo8F@HaVE~^+nl&LV%JOXjMFo! zyHucW{?wEL$ZR_Rz^N*qp>beNKpMlC;cq74hYwV=s2EkZe8xWVG=qX+>2H)TNwil7 zWIn!b&TW4}rw3Z2@B(g^Skyu4VgqeiIrK0ytXWp1yYMO-fdUOfGn`)~a*}?3oKl9+BSDW=*Y~DYUETPxS(;C=DTgw+wUMM)Ou@_ezKS~ zn&Bj75eudNjMrbc8C*2*D20zCwuD%%)oUA>_CrS#e39Vo;=B2?U@G8Om9t{a_A65d zJan|!mF3-U3S<&BXXpvHhSS;6@`9TdiH)+3-&I9=&|lj_lOlHrqGDwFu8rAhqdgTZ zHAj4fyW5H|5JT?`)mA4=(kOhH+-)JM3zS_IrW4r+`IB>qZzaaipj^Y^=#jGsbjBfy zT5`5(k8xZcFmGy)%<}jXA>~4r$PTFr`em(eK?g;!m0a%036RG}THVc!9<2KOMQ++o z`8V|Vk@z#mOglfIX+F#FEm>(A(%S0EY`Pq{ zQieCx6Z7c(yNCHtouDO_%O2iPpe($@#7K9~qtiiv!qJPQ_>4SIoW&>F9s0Ul44EBW zoUb$hJ@@uxNVyev76ik7rogg!qL_Ynrbx?ewPHxur>#o+%v z@lO{%C5x#aufcBWqkKH<$%1-)Z;&Me# zV)HU%I=%%Ag}2nYo)T;%rA{tUfnSY=In~HT&8G=lB7&NgqEk*|KTpBmEGC-?7ZeSN z$4HgDXOonAE5?C@glHRnQ`F?So}iISiD&NBItR{Y@nX7p=aRjF_^JIr8|ZME({6kK zB#YCTG*z{6@+)2&x0H->}l8MTw@%DYmfrw5A$Z;#hm?QH?RM3?G3On<8X zB99#~4#o24)hYI40qsVVZn@j?E_>w50$dLzY$81R&w2fr)o0$v*oSAEu$Cn_gX6qtN+aOPH0@1D zLp;nR>yxY-wjMJI1?cg5Q%F(_8p2D-5Py+NNIkYu1ZFmc4D!NPX3}O3-ZIL%f3?Z| z6XRFG^Qc=LBXJ!|$%C(>)`+#_Sn4^S#XoXj0cO*uTCEfNC|%q-I_E5Efj=^rN2i`g z6d*EoEXnFSqfPn&g+oWF7QcCwM|m9+e;Yg2J*0>7XKDfq-TbV?w{>a15*hW}Pz*mO zo|4QH^_y&?IlU_^BGgR>NVP&SvalOx-#C#9@M(ME%H-KfQ%G6(1lLqK9;FV#d&hS@L5I$_nt+max1 zuMSCYSu_Ikq(s&bNz#~F{002uNSTW*W(ws0G6UgU6DS1`^8BGo=LO&P^VZ|mtJ7tF zZOVcH;4)0zRIcYTugu5P2^6=lBX>D2D60kk5rXn;1CuL|tZhBuq5~Scu;#a>48S*% zv&aB!nWg#Hl0NGzd^smKJ zE(t{+;aQf(sQvHl$FS_fuYmvWDgAU}9`Rm_>>43^aOq-p9>Oc7ac$$js%g3EAWlsi zDC|N{3RbhJd9u3>_-MDToD?jd@j2>NRt#%j|CO9ve4W0(^%&*?fR;<3ZC>e(GyCs` zVf6H3)bbkAOqrb=M1mI{Xf)(%-~M-F(wKWh!&1EDWS%C$x-Bl+qI8<{zc=Zxufn3; zC>SZfcO|Zyxt+Udz3(h17uPbBM_dqvCQ|!Y$wAC#!3i;%{~DO&sBF{2UGMs%q} zsb7M(N?4ur3;CNuM4IgspZxC*EzS2#z`Y|n2B(|Uu{>!Q?etpl=ck4Ez5Qa^o`=w} z(!x-mM9crZSX%IqcRG=|1)3I&-|q&rp?sE5^QtpLxAuT*sRhek_51m&zg5}zKKMT% CM$qyA diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 388cd58e51..392e4d725c 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -188,11 +188,13 @@ There are rules governing which hint is shown during the recovery (in the order :::column-end::: :::row-end::: -Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. +## Additional recovery information + +Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. :::row::: :::column span="2"::: - For example, the recovery screen is showing the error cause, an error code and the option to review additional information + Instead of displaying specialized messages, a user has the option to review additional information by pressing the Alt key. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2.png" border="false"::: @@ -200,7 +202,7 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen impr :::row-end::: :::row::: :::column span="2"::: - If you press Alt, the **additional recovery information** screen is displayed. This screen contains the **error category and code** that you can use to retrieve more details by visiting [https://aka.ms/unlockissues](), which maps to the next section of this document. + The **Additional recovery information** page contains an *error category* and a *code*, which you can use to retrieve more details from the next section of this article. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: From ca1920ca1a4115f09847ca10ad3002933630cdf4 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 17:47:04 -0400 Subject: [PATCH 07/36] updates --- ...ry-screen.md => additional-recovery-information-screen.md} | 0 .../data-protection/bitlocker/toc.yml | 4 ++-- 2 files changed, 2 insertions(+), 2 deletions(-) rename windows/security/operating-system-security/data-protection/bitlocker/{recovery-screen.md => additional-recovery-information-screen.md} (100%) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md similarity index 100% rename from windows/security/operating-system-security/data-protection/bitlocker/recovery-screen.md rename to windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md diff --git a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml index 80e9036156..a34d5b969e 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml +++ b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml @@ -17,8 +17,8 @@ items: href: recovery-process.md - name: Preboot recovery screen href: preboot-recovery-screen.md - - name: 👷 Preboot recovery screen refresh - href: recovery-screen.md + - name: 👷 Additional recovery information screen + href: additional-recovery-information-screen.md - name: How-to guides items: - name: Install BitLocker on Windows Server From aee7a3bae965bd3063c3cddfbc4f63b6fa367aaf Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Tue, 18 Jun 2024 17:51:09 -0400 Subject: [PATCH 08/36] png update --- .../images/bitlocker-recovery-screen-24h2.png | Bin 98057 -> 97931 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png b/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png index f47965baf29254af2dacf2bbe8ae27b6eb96cf10..179a50a84b18c482d396b40f72650c24abeea13f 100644 GIT binary patch delta 29067 zcmce8`B#!_7q*t!@nm_9ol}{qO{S)4X=%<4r_svN)SR%637Jz#4uJSnR-W^kS~=iM z9#eBf#UYeI>rG7rawMF{6j2aS5fBjg@Vx8$3%<3!UtBKNdY6Z}q+PKGkB4&Y@ooGd8bU{`B*Ib1F6`8STw*UWM#B7MdRzfy0A*zM}H2r6Zts z+PDQ>QNV``{HmSCk2M=_ta$a1x<(T!u{C3#)M)F=rY7+a-`R!V5)iYHaaFn>m{3Ac zLqeykTIZ8Lw$~<^{Wkv<6!C}$iWjSr(=FHR z^XTS0{Jd6zUoe{KOC7%sY*qu*)YQmS!}jnz0)*$M*BybFPsY-8dzN1hi0~GZKN>sO z4Rp4B$&;m-Q_FrL5-&eS1PW#{d=Ccf%9GO*NVP|s_%OX&wC`(9Ze5Y3y0%wFlVDB< z9_|Ui&~X8O_{N^>pcP%Zeaw<(R^m#+4F4#&^v$;BY9=V>kju2t4q`M`BCz=C(Foa)k3Fo4S% zi{U-QUzDVT(t&sv8)#C;Sz$x}R9M1nS#iSocZ5__0)N7s(1;P;-)(~TKJXU>=kC}o z+Qfq5H2RSI0TUW|`3Ec#mq>P53JgK6B&XE$tE&vDX0lQJX#OGW+cHY$XgFW|tmy(< zJ1j1*w+spIc{$=McAAK6ULFg{9euWMir~qtK8pc7(tT&dr)Z#D!C^bg@T>-n#q+oL zbZ2B|?hN0+e+@}e?o>98AUaLB*K3gzKs0lxkY>hvJh~m(^;{3z;Z}de_qJ15IDk)_4{X+eu4H4bMO43)|QvC49bn=%KGm!Va?mF<+VxGd&(G zY@iAoR``k6N!NM`7I&|2Jf~1Cr}R<6j>%fi^Cw+d#z{=(_x9Vr3g3KfbFVr3yx6y3 zN)LmjMIXV$+7ij-cN;KZdT(PB^L z(dgTwc#tKWZlY;4P+)v(5aH@xk=(Fn!9T137g+l@w9Mj0Kz3GOqt1KOpN7H%fb_e& zBZ|taDtEXin<3RE)vQVSXC*xD$(UP_rnlT4x8CU2^sFrynCBO$S$Adqf(I_{%9+Y* zeufZp)45aKqei`BL6m;ms`HZaBl1A-QknKuU#f$R7c{|YP<BKts`|I-UZ)N0WCDVa7-j4@9XLKP#Wh}q z;Bgz*?RD+ENDXWjq6q>t|0+KMP58VCa&4Uas4Da5oOGkS>(zt(lLJl&gPHn3gl3da zNbG21Zkl~rjdl|m^cjhWqc-?(j$2(3DXz2`ywS@w>pK5@GKAS*?3|P@duEHKHwE1r zP<#;#!!5V}H-?unlD%AAs$(i!jD1eBXP@oLvp)0}*@LRZ8i@ej4c-ZgZ}q|gqtSbC zOZ(U@gkIodd$Bw`In#Ktyzo<5LGqH};sB|o0Gc;@Zck6GG#Av&LVrs`*NCx>=|?+*KFD$9BMMlws$Hr;6X z0h#uu{rNSZ$P>Z`UV!sUpatP3el~^;3xEXL1Z;o0m2!DL@5pGWMOEGu@8?@n!sc>jB(jJ(}dxQ3~0;KoVyQO;@Jt4mNz#}6(>6J=?S#P!e_7Jm?x36@&28nrY?M> zR$W``mQ9@r=GBz)~elWxDeq5YIM zzA;+cJcpl|8Jk{w|Hjx3x`z=5EvmEV%0DG6%D1dV2Z009Ag_4_1bWuciP7*E53+M9 z%WngPuYxZIzB2@U`>5BRTM@9?9VltYtTSQt0w%xBjp|@0T%o^xpLUvF8UWXf%cjj^ zzTM>f)5rw}zT-vRZM&8$FvQvKlYPy$y*Uz+))J-}m6(0BPLAIr{@q-bP-N|M`_|Jk zJcP49#FTd+Vn2z7Xc~np91&?VVxE{xBuH%Bj{1CDyb!6J%A(W4J1;~6B)mdwK?iHG zdYVAgxp=F|;27kI(VIO*kE^QEpw(sw=GG0|eSCB?y_!}a-V-P2Od5OphLA#UK*x{x za=!bQNUwaOhw~-;f=}{{(zOG8;a71G1~NXg=QuZFtg|)%Hs2`9p|(AP1Q{zwpaR464=bb|L&eJ&?=WxI42?=p zkSt5flJ@WW!wiASbf!tH6h8z)0ChWfL>3+sIE|bzA_VpH72FwhnyA%7vR*vzO^cxQ zQtC}!<(nL>K3mlXT}}+C7@tYRGdzz+;4wP)=w1ZA=p~}tJ7emqDVh~UwttC_>=DY_ z6m!58jOR!^B7JxnOSB!Tozi&1qMbhyp;XkT!$(25rMJCfd#vp7AHWFrZzxxaxYs_R zCZ-_WMNF2$LW3#r6j9TOK|{f}v4noQA(^9LPbG%MzFwvs=m-NR(Hz5w7{b-6HsV`H zk{eidJXEFv>i6`4c^>kso$3z1f63D=YPyx)!~LrNV|Il zx_MTW0bPQEBw|<;{-1XKg-Ma%_x05mgln{`RkuAm?fda0cIBjGdJUqv5)1kh(3?J= zqS3_FYqZ+$_7nnm$AibB273iCt;g#S;$$vk=({3M=idG3T{qA1kvG|7uYI$;4^kKwr zm@eI}N96uqUogTk0K!N*S*#59$Llz*ukpcH7htZI;|X3HUwXcULkLR8J8zRVu){=C z0bG~2r&{JE2(A}u z?vgXG+(9XXAvp1*t`xWvj2DXP;lokceu?uqyOu}UF+H!sloKW(MmBxTlcqGg|J!S{ z$NJ9OzszR3e&AsegZ_n5YHD>;DpRa4Q%&vmrJo+7F8ZjOqWpc-fB*mbV=Iu|T{Lcl z5f$OuMt(}cFW_mHBmzhY8XHJH!JkS7L2S~F@#_t^iP#Yi-0z*G@3xf2hdH0mBaLoZ zA!uV>NVd6;x0UlMtB+B>e!q9YZUj$s6FJQc_j+7opEWP2`7Y=9P4Le-h0n<--Gh5qy!| zE`bawkt<0$Rpmvl0nRIO`UR!pz28mE|3unTx8i*H2)#@^R=a;LT8(>G&ePjCr0aTY#iwyakuaG@02P59DjPcF7e`;%M)2gFZO7Yi{7u`5dV3ZiJ5 zECfhR8f=(h`k2D~d@|58o2T?;^LI*s`LT;;v;#pzyuxCEn~`joG4(-KwgnNSq;>_3 z)FXrFaoGuCZdG}L&ll*7T+s(vBa-+?jDM|5obkOPZ(EiBW+$uVT#dPX{Ag|mQNt#1 z!nK*8X+l4%dEDl$BB1+LJ3(dxW@c zzVSAU0G42kp8r{q;bf-{^4ILQd7C9RWv%-fmo9NPROD~}I2_7qRbAi0qeoqC);hOc z<7v-YU(Y{pC$(%7+L30Loo1xJsnx zL6q@U_49yW)T-#0pUNnO)ofDlx2Vg7BXjKwhy=@^D(Yu zCTJC0w?Yd_TjReA%TaGwNm!Uw@2Hn!e>qC;G(<+>J;*q&qHl1sTH6MOVw% zjRWTlx3jN!tBt&jj>zvJ@-liudu$6mfKT8{`{MF%cjfKYGNK6|dWw%bY{ zNca=is%hqi8xfB9)M_}H`GENU5u~HcPYbt1;r)>dR*7F>7J}}VLwJQMO!2gyc;M8F z11FL)e2MAKVleyIdCf=pm;ED{UtfuPt!r`_15TYA&4sJ*DBK8JeB0SnaR+kCqbI8r znjdZOE`X;u7=ugva0{0wj3M9sdmb2jR|h|ucnro1@JF(d_p-l#d0!x&dDHCZHF8J# zzCcD4%&!^wSX}~UeT3DkJR+Ls_s;#W-E)h|6&m@s+9Orbo+CC^@>YRZa>YG=_J1ev zYcxfb^OV8zK;tJNbjnMtQ&}iO+Tu&Z1~8=x;ZT$kFF^c}m~DFl$bJo~S|*+i2?J=V zgm)YF(__Xl-LE`mTe)HYGAlNIte=dK%YKO?@Z-NKrcCg3zf_2_sA2IjFJ96fOt86U z{h;XUyFgJBoD{5v(FjK-0TS5Lbb0ENnrFRQSKBl{cFKz7@P_c!TU39|PAS-?)KHgd z_~Co}^+!BoG+<~!x3N;d7orWMpGRYI#w~rA+L-9Xyp0iBiKMnjS) zRG%3P<{wMrRKZ>v-%V^TUqCw?C*F7qBi82biDJHN#(Q&!dh^qg5KTl7F3-*|^Jq&; zK!!MSfsh-WMTnL4WYH~HJ=FuEYIak1e`nZhq6r-stwvs-b97U-{My5f3l$Mkx^b5g zIm78En2;hDjISMc+^0FqwrLhr&Jx@!YOwUP5@c6!oAOzOY-mepwo3z}lPw7ctspw! zjwiLEb{1~+kJKEUU5qP&M;6JN5`z3NbjD99jePS%cL3;6cC+r7aMOQTSZtL0+ziYQ zaBI6pa^$u3SfrcvpC{`o1tYVG;Ws4P-so#3liZNfXK1k=FuWDGkkf+Un(M2=Et#hK zH9RcJW$iQkx>-`-I-<_%5J01pTq)neyr3hi_sx5;TH%_D8!uZuUHi@5&=JvmeeaI7 zk?oj*x)ond=&~OyRpYj=%aNpG0EP8ffbDIb^Sl4ha7xdS=zqloF~n(@wc*d&0=2%LC&;6Z zyE62fqF&(>m2p7Z;l21DPi?r2Y^2KcS+Tf&%@<%6aZ!45k8^QAG85n)@geXR_1b*o z;e_c!j|)oXjq;y#H}CPc!SB)8lg?3;%iU7T@S6{9tciK=QZYb;Td;}tP-CUxeY95p z)PDrD_i0Ybj?23W7~He0`_zQPd>>HNk&w%hd>LoP{;ceXQKC5M%arI!5sA35)IJEt zBM3nl?B*x-3;jk008pa?7hj053>;6qmW}FVmXf%mB@XNZ^6+fu$cgVqK_fD83_6E( z*iGqB!>923qo`O5B*%<3dw;aAg@4!A;{ztm6UA%&dqpUAkt|;(`EcHMPyDSjNXB|Y z0nJQ@Yq@L~i1XH$_W7#}613Rh1ZP5fAorNf+AJqK0CnIh1G;8UpF?}5_pQCOkcFhX zo=u}iwM9Z+huN{~s`ztNs8C)tA91=!Jk)pWIOh4_4Z)$T1S_-j2um*M{UBuI8+*Yo zA?#&>VjGfLGj!d#h5MFYFG=XNo(NG2{=v8mTmVbNL^|Vg2st^HF*16-k=5EA`wMe6 zhXIV<1kM|{j35d#X>AEJEiy%I;t@LptJVK*5X09+IU{*l5XbyMOoZ1kN%XT4>N00? zl5a7$nGK^5rF*2?zLu^8&+$jld|ZW9PaJd|4rHk1L|7%6i3OdOA~}@Lj^V|4aXmVkBmA0?47qUPw(R8Z~cbtz15w?4Vhipdo5Lmo{k@P z{Yg48?NsEsImGCu?2tMqY$HG8^Z;1@lImjbI!vFy#$qzV)*Sd(kI;((fho(z-jDXn z3!69cq2VFz5rmMs#bQ1QWPo2-+b-f!)TBj$=vybQ`}H^uCNklOwKgX^p0WUYOChR^;yP*(S8_ ztE)4GTj1Q22%y|DIxy3C)swhl03!udP05R0D@TJBg|T^n{_E&%Jud~YjahK?TpxG* zn6K@lZ0A%m&H~}hmYBJ@Fqa)9aR@y*m~hv35=^M3d-O=O+Y+ra>XGuSW)zK<_4_Y} z*we2^t{I+*ldfY0b`@hfPpq zAxFr7HASH5EALv(ectlKG&<=TF846KSD5kL86!DE_~+vfrdQbz)RS{G-FbPT-Yebt z>n-)Y5ia!mBiEpZ!m%z;!I@@N2MQ$E6ES#LQ*d##$385(<{7j?K)h{@BwJJwd!-Bp zF?*m^Kse%Wlo>LEUA{Qcl5nlsr!DZm@tVNmw9K=M@;oq|B&>9;PA_M;qwD_ z1aE8t;?#J{*#*34 zMSut&dXsq;YulA>L;_Wi24dZVc1sA}Ij-b4Z|toowl|pZM?b~1+(4w2DKFhdDdtSX z@-KJGeoRihIuv2Ok;Kz;*8)K!fn}j<#b!l*u^%HidXF|x$FUDW{2<(Seg{~Yss|ru znrx)C3Pcmx!!XrsDSFlWLSP0?}oqFTMs3g%MtPg9CR9YgCF ze4NlUY+^jK6{}DL# z95pyn`&Oetb@H-7L$5R~AxMwe4*m00zQaA>MHcO~#<=}NjrL=RglbKTTMHmf<$HTG z_j(dH0`H8%7q)}E9sXJ)hJDUjfwJ1pH#=P-z2d*X5nq6-*8O?Uyn1gLxwrD!O`fZk zc59*a$$N$BrM2pB{c8=a^yo!;Ly!3Pt{+dw{Yby2{Z1y@7pTL<1u?(wo%Dmi@4kAk z@%RGQmsUQgv?SA;DK_MLMab*!L0XWVTc*nZ&1VKS&zSka=vLqKkdh6bm%{j!C=Wx& z5Nm;?M9R*+I`oLT2eE-_-R}G7`Itb1Sz1F-c1Y=RCtFTy)aBdgy?fOq1{t}P#%uQ- zZ_yq(3^RfTizkYMYCv$rU>ErITCo}VWo>e;b(W$A!>8}vmis*o^Xa!>vDn} zov{6;SdnMEi$JXZ?>%tlwjnb7%fppTH;{IAS+t=U-S%^7*aF$JDf_6od@G>}f-^SjqeB6D8(!Y7;B>Cn1$`LKBAdcfC z#C7*FqK^Q)FG~3Rpyi^JoZm58oLE;>==!rcSvSM@!*0JBxbun-Gax!}#4S9I z7sQAp*^8d}1(GG#MmIX^{!wORF1r$REBWt%DB>k$(3#Fupf%FwYfz8fg!@YGjjy8R z%F=rB#3+*8U;%)#>x^i1j@Y6lTwiNs@8KBHpg=x39$)%+z%dA;CuJS855n1QOJMbS zx#eUZg}zTk5$MnZo)YRqim6&Y3vrrZmv8{G^U&ijuprD^nx{7tZnPI^&;Z5T5p*-ITWDYzZb;V8v6(z!2c5g$rcxt%_BZ=AfB2Y z`EDCfzIOK6JK=`RqTe0KR|+%3N6wFX4_~VzRx!950VpJ6Ee~_LKFvJC?3Sc`*~Vygf~>0O_(nW zBPHo?ODH4${nkLuC3L6Bu#jI>bCZbGMqbP0TLhv}p%+S#FU1)P#Np`qlmLGi zFSDKtL>&yLawniu=Z0d$@(-$}`E7fx$G-P3(0}Nlv!s*Uo3`Dn|g~_26g8s4W>H(f1>1dpg!R1q zT9Bb}f*!D3;k9vc%2_vA_Hv$p3tXvLsgoWXNcynfEvO8%?a{n}W4bTuIP<-N_(vRl)SP5nf5~rp)9FptW{tgn%|De}uN;{aUqJFV3*-K>$d#WWK*ZlVEcxS``THc%gx=`*EBLTT&%dpO`w9_>|3EZsi|o0Fx&BZ({Q_uQVpIM`+iOt< zUXV|q^T&EBH`BMxpC$m&*V348PY@TF`h`iU^Ko|ltBBsEuqK=?C3ai~KFqh^U3anj z^)a~)JUJlJn{di7iR*WK|##==HIYRytfy~?(B>Fbb}M}KAp*IU3ynQ2X~K@ zj!hrqQ*6RcfDS8GA0y{bJ)ri1O#NH6gh$OH53#{UyU45k??s+Wz^#ADjt{k zeWr+-7!E8GZkxWhKn6(vPW7Ndu;F3Hcs5nYf&S_lTy{CqDA&tnV-G|Uo595r?ccJo z2>{nmI+B4I^tV}&e}R!t_$%7R4rarRIG>~uhJ9jJ(d>PG5^P^kyiPpB87J{?qdRBu8l52`zFh!2t^;vPO1Y=2w|pQ)aVLfeJh~)QD!u@oa)_%UsuCur87VMBd>3g@6`*iezBSz2 zBg4B^rT`z<%!+hpHj8N}4~${A1XUaPGhfvBS*GjJJvz<}~xBsdgi{z3~>4}IQ zt#lfTeJXGOtpP)4p_8 z6JVEajLDB?J*+4J05*SCS z+6tNj^+`JxGUw2lc_iXbJbTe`XtV@Q#VMq~N_v&6ldO?LQ?j;HrPVi<^t)i!BC!it z2rp<2q8zFe@3NvLcssY}M-yVF?;$A)<^`dGb%Q~a1S$S$3D8?pNUW5ytY|q&F{Shz z2bgyy-L=syVXJD$bl08ef;;5V=?mdE5>}LJI$cTh@-?DVW~4+6k)RxA6(p^+$fN9; zC579}Fg(Dv>&k)a1#y)h7B*iV{jyYASWaQ*nevWBzqBV+&^=6GO5K3t-2E6wP^WCg zK^swXOuyNQ7{(yufjIpr!&Qp9 z5yWsUrwg+d2b<&QxC%-BL(D4~`P-t`mc$o?Ma%3lR#~1*A#nw2QO~XdgBDTL5KaR( zV8&@|eayxlYMgR2U?DB_hptM-dV&WwCnOH0^@O3|-6ygLSD`NXY+OMVk=EV#sek8; zIO-~>WSi*)w2^XIDdp2K^n}Qf>3GR36O&-nEi6zAPspJDjb-)3C_j^x1TTI@m{N2j zzk8`gRu4GUu3TbaYb1odY_MuJZlP!5zph3GO#iTNR`>*FIAGYjoKwJ062>U*$dT3|>6653| zzfa@_#!iq%8FmEtT_?BJz_>u&Sj9BawL*pi2MyED8!AZ#?@3d=9zFv^0K1l=Tx;T7 zz$oI((`oj!sR7M4Mcj2shQnbu4ockp@PYv9fP}cXD@Asy=~3IvQjGAm#1PHb54|A4 zhXPUmj)=ak*MLuQwEu|tQaGD@UVQ=%TfqelCq2@8Bwg@v8HHowD!D{S$#W6munb>F zlx>GPV?egBLICC0CjQ%pgPgMd=_Z)Vid6Jor0{o~xEZJS(*4x%guexO|DkZz7~z}u zyISrqWx-Yry3~XJ?M8bjG6`X#XwU%!9|^fx2F6+6D?rB$MPUQ%##;E#qGNJf0zxk! zRfArx>%^jbXn7)z8Q)hKd$gukOJliUMtG993)992E(ni-+wrEdeX$0?BR4ebY+j98 z_#m$l#{ch$G>X(KL6Q#9MK@cY)m@16ZEx^l#d^Ig3I z{f2GSs9K?DZ~QnZbtI7Uu8JSFuqjXM7-2oy!bo9{Au2S3H}l9({$d50w#BmQrW zrw%gzI&>lE)GK?1}K z+a*)^>eA2+ghT&NP%@%Xw$hl~szZ`5ZwHkmK)9R(p6OzjB@9o#MFpX!uSt?d6&&&J z1sZvXfmGBc(5L~xhY@^Q`iQ=IH(TrKnJm9_OvPZJW~23i@NBx}Mv308!jQ*iNs)Sg z<+GjhSb4&LaC&qN3hempTGxk*vH&+6*jbc{k1PunT}sJ}8;0jL@kigcn$pLd*bjeA zS@Gm8QwFl>(MYRk!{7;8y-22=6*mFTIfr`@JZww+3pghw+?rPP1;U^QMwk7La}!F4 zTY8sAxH02aQiqD=r!L$;I{&W_qph*Cg+7$)&3<|sxGcppl zlQZT;{z)WR??E<_4E4Nu{J>Np&04E*XixpaETE0 z87Uf6WLrpOxel)OU((p^1FFG-HFDn#FrYPooH|#cwmL86pN+yt9D3lk;d_ntQ9g0$ z2mBD*$4Chio@s*44@UDfaFHZg7HxQ66tl^|S8Bg5iC8ChF4h0soU3uM#d!@2&jy1x zF{6dBf2n48*jEP2dvH(Codh<1*a zu}YLKVJtDajf;bu&F!D09Pugi8F!FoEY_K&%Q#b3+g@}cX{qxjG8O4+c&&i4IP)o} zTInJdsc81qvMAysFT(H4)d{Z2{1kj~3&8e?OPGA><%;+|L*}@irMU&(<&XDHN7B!U z;)u|jV&t9sJ^6wR0c_Ir8FHG8!i@cLJ<)~Y*W>(Xo2TdkS{9OHw7(F1k-wY2syr>39LQmOJfM!mW`zlwSSa-j#=xu!dj4& znkI|abSh$cEn%*MUA2!V=33YAyP+*V{Ql>hE*ow)*UVh$+^2;Q6)k;nn7zCgIyo`m zBX>Csk>}hvnnhO;wI?}4pZH$oeCZzsMS+Mp#!%b^lKU^Y^jWwZ4=$2@(_vO`BMC;O zIGLDNakiyauP4O`fY@X?Fl-JFl(??3E+gM1tY3_6pRGUHhFDGPHXs+PWk!(JNR59TwYLgOb^@b3fAF?pBhT~^+Z)Z; z&c*kz+V&IrwQE=8ah!K@hveP+A}7k_*mD$*Z0>@r??tb-m98Q?49D1($2PXpeTTUZ z`k!ytWvQ;WKRx|pR`(U6OUzN*pM!NZPHZHU=}sHtaVo^(Ew^-S6LN0+6+3lKh=zaw zsj%|YoYY)gtAU%UoBOmKL^7DMTrQwwJ6w`PB38RhGOh01%hi*tm|9o~Uq8TWOy}Ac zv?@ErimUwjF7RI?zrQJ4aO*}rh%@bVJP99DDVV(D5@nyM(mf5?(QKHCNzkLkms}T~ zmpkM#3WDQ>-H4J`(e=6Qu*9ch1wgtg#lj%*d99<^u$Z{QSnrR_+Wei-388%BfTA5a zGx5>ANQ@U}I=fHUk5AM6=|ZA7LskpQEo|FSYO#LjIk`7hNBy(=9@d;lFnW`w9P)5MqJ6?>c3;pzZYs|Jx&xqdti5E!}sFHCh2-sQKJS5;Lt&Hto!I>)a#Ih z?TdF`u#RN-=5z%qZG=o!29Aze{FcZ+S7d|fUFe->5nV%QlZoYnlYTxD-QhB#hY{WA zo6nKMr|)RpkWufzFiy36f_0m%}>{*uc5lVYyN%kubjH3itEz3N*c%t!4rkLP8;X3(ftnP*Fu_}-3*ws-> za?QprtoNK_|3YU+LY!kf_&4eBWP&uU%C6Sp-yI&+Q9n9*`Ap+82j3khiN}6fI8S&d zIJFw%bP$2ty}UAg;_~cR?8t`6iT$+PA!j?#O)LL#K+Kk!C!cM7Hgon42b=Nz$Z5fT z-M_{ke7DIE?=C9#&3?2n`pFiP<@-HsD+O``h46^eDk#4+YJNweAPDGQT1SoY`l+L7 z%x{aL%kr&XxOPm8TWx7Ez2_lV^dK#!1X353+%V>#^@!x4l`qRwKy03_cPLa+r02$O z8PFQf}Mf52R|pD2c>eB!5l>YlUtyDel#H0NRVcTv-)sfL*Zq2A9D`oQnz zh;LNGlMv?k#tg!{pqya-=wJlHCT>J>4`>thyVC*jk>K%cQQ_1jnJV!WQMq^SRS17{ zw~=Zr$B^)tYlQUW&P~hM!LIY!r7P!fm;M~Fryx*ATN!cxZl&G(S2b*i6g+yU8h)?g z_~LOZ{Dd+`j_7*wqc50L1-Wv~X4^v-5Z^4|OhH!>0;?kOy3?_qHs6_c-%jJSqFcUyB`rLYe^UHir%_ zzIgJoy$%gzWnVV9q(F|VFIw#5fS>1MErf*EA!h8E*?Puk)VyQ ziltXXP7#;iLZ`<8otY7~knqH}&iH!o72@VdVzu8NXX-NrjzN-eIUH7KVeb4JM->o4 zJUK4dKLwB)Tl07eR#Ev@qL5neMJpU4+H|J7TEi4h-aW8z5!|dR(>Y788A4wzIcD>O zJ?D6Bv?lW3r2h@B`fzXYiQe0VVq_6q;bY_KVgtO$*PT_t5~D$z>?oWR4;Qf-ugAS+ zTa;LMIrEo0Bl7FTe0YxCyNPb+e|(JuB7>+Szs#tLHx&?rXPl~Qy!;@CL_hF=;?gL| zK>G8Eb3d}Ki!=L_Lf(zGZfJJL<#Cd%BkkulGO-6Slk>$FjBJkDlT$X>x8Ek3oJa%& zrs+F9sFv6=_w4)={~G9);d-Al>#g}D7v59dzRqxk8%=yrF>!6D?Hzr!?AYTwJ5cu5%A?MWhS#gM6@NnjsNevA5&B) zE7bTExdERmiT|vr0odyx`KeO=vx``2XMpPced}aRWuY7;o_|}KhDOfuIV7C|VEFQF z2TBv_rT8Q@nl3Qq*+kr#5J~2z3E=S{`_teN|EE*1Bu?Q>cTZ9804>NqE&^i+S{wWK zqwU_?)v%2X30%+QPFdW<(sMzTFqxbS`T?PjB6f`Q6iDGzD z-wxk?xN|9wqB{WsSQ8!jM|*ILzli@HmzwPxmG)5d4H{Le5wdyn(*liiDs%&6nP{AW zU1MJP_zZZc;=FUkx5&`gyoQ9OCR9SJ_?U4xUdR!E-^*y;`FEP5N%j5UhMRFgCkwwf z?V+O#*Fu~Avd}78JZV#Egp)5%#6myc)r@+*xLV9l=h}r_$zd3WkPyFFvTrTB=;Qb+ z)g4^0=_GGs$uFd;YuNva4S=8zw?mpApbGN)x4nqe?Bkex@OX+ip@ku41TyLooDS?_TRxE!aQK=62~cK@n_;E_^v$(&bW(&gf#pwEkL1 zSSvl@3IQ>9KYtDz->0J3b2%zCMUCy54f9Du65-OpJ!HV-?H+)pDioJ<;?Bn?FB@FX zZgp3~HMlMk2e^AJg$=%URxMc9B)YRM%PcZ?(IK5uKV9D!ZZidy{P?Ki1R@0>t#(1) z&V|td83=HI2MCac$OV*;zx~X*l4+`0{v*nJ7 zr4|xCpi(>}H07$!%N5QnP=!T7o)xyNOP!w_GdkbzWCu&g?la^#R&rARS7SZVV$+dhHif?nwTf;b;P@}c#{cVKJ{-AV-2T4`q@-YZbBlZk;G3Vkbocyiuy0Xw zSOWi3STYlnhL?2=KCtL`xPk7(mj@fALPU}6DyQ5N^pOaqj-B|qeZoNdY#YZ#ebhUr ze2mi7dA^7&LKv@5=Er>}%!T=^zsS&*hD7W;;RLpm^^FtD437)5j|&t!x-tJJn#upa z_3buQf$QS^zdx$g{f4U7R8K^`-K2gPZ~>`@Z`@3JkQl=&h4}1Ta3(1DQ3-q@ryx;ybUIT1mAR=^zgDRinjqqep%bWtO0ig_5%E@aa|xW;%|>1Yvw1g8 zwL<9OC>~bj!d-(?>wt6|J_Hkzf}Eot-CWSAB0v^uo7=dUu~AtY;5!xKY%yppC6pFVaX5dir)NQeFqPbwvj(t3)E?ezGW2&pc(4;E< zd8*#MUfr3Ps2}w|HI*EJG8FQS3ucQR>SJMRkdi@rqT=P^4bxt=%U~~ zZx#v`TSDI-VLo6HrTm8reLuEaDD^RhiI|a!7bDAY#ASw*zb?fg78f6x zeCT*8@?U|*FOsTsB_3Y9uJKY++a+2rNP9OBc$4TM8$+9nWtA1HZh?GvIHei-6OrhF zY$HUZ6IMLpMy-Vi{`XM$K^1lz9&k0Vk{5i}j;(|MAn8?kTqO7#mb?9b)olBDYlGAX z?pLdcS|xQEhwYxC=31DHsft$c?FA+RPMBZp3pVn;FyXR(>i15h%s>y2J>30Yz+SV% zUu1Gs1mkK5v&=9paj~zL#c?R3r{R4_onQtj&V9Y5ASAJ!(*rSC4@4?|u>{t3pY3bLLJ+fIl1tp!Ze1!U~OJE&bMppWi7);*ludEIzN`-S5uOTA2Oi_5Lg%a+G|x@wRso7@QlUpS^8VJ z*kl5#EmGx42XubBSdniP=ta8 zs9l$ESV(M8U{>?3+Ar%WvfAW7C&EaK0uv~8oA znw6PpT56he>CQ@1OLrR1Z4+{yau)9_%bs$m?LatIW>yZA^Ms`BvP7VqP*KqoQ4moP zQE_+|?){v7&gY!-p7;HHp6B?Nzzyr>X063_eXrm3WB9SAdsE07fgI{0Y+hsLyUt~- zbGnWj(U-oUAiMR3V(E<;)+-^*42f_*a~Vmt@n~9D?W5-9pH#H@4n(w=sRW zQn<9lw>;FWUUy7uT#a3s_;FXIOJfm$TVGxk81cI=PvjXS0itHICEe6@-MF~Mf){c_ zrnV?gX2y%mXn&-hRpDj7kYE_)Cz_K})V@ufuE{t7gS-{AkGZIaJyymju3qaa;CFUg z0K)5M3|hYtaU?;jiPP)+9BjIt|7%$bTvbYioc%ie@B?pNc59`1<4f`2u)!W}H&D&v z|506z?0H_g1?sdYH;r@_ofoID`BreQ3f|UOD#Ot75~kjEv3J^P{9AyhH+2w8I<^u`O*i9!;H_WIVXzQOY5VY3V zYhlJI_$7lYVQp3M zsjPu>4tIyA>~a2h5NCVwo#vIP9ti9iABZba;=YOW>K|wON zjkUMH>&+^~55|P&_9|aTcp*+$FtOt5XA$Sd8QcUf%mt_GyWGv1K(k%NQ0Ubbnt{kv zq)S`6C!vnC)Xqsn94yjENipjINMW{Z$-5@G$_ev>p-+J-->4!C3Qd_)X_M>*UpX|t z-jZ3FHIf}()rwi7cHLdV_}sJKD3bIJ2dRr@)$r?|qV@R_qEw2#1Qd#+^NHn*)hxP= zdxv9UluJuj!V}3q*^!)MO?oanxXfNSnJu-3pyZBN1 z9WoYLAEfAJvA_59@Bj`d9AN#tX3_HLnXW^?=RI$V?eb>x+KbJ(`(h;28o*N*s-oUD znb?%(r?Kj>Nt1F`ebZ06LTBg4R_`%&%G@Vg-A$iK`s%M8P&@l#b>S}lgq!Pd!E&&p zP8^wJ(ZM)2(0dw9FU53x9lEPa!L$^lY4a|Cxql*U(9*Pi>?x zddfPs_4>k137~0SZT{p(d{$m$-9`AoF+_RUj#uYkc{$fyhbpYNo6z2zrK#(O7q=So zay|2r)yxt-%8pTbv8|+SXe_9Ym+IxnuTI~~$k;bDss7=4D=jt^uuE!llM+70uOlE4 zk&iYh;2f3}PMce~EizvrKTLT^(Bn%UjfzvJo~m1=NnLnEDbmmOy|MoJ#&k{Awt983 zTui8hq>PD?pd--XnDii0IBy7IipD*Pk&QjUjjt1Dhw=o7yg>(qw&}t^cDKV3#&H;_ zM9FcX-+ER07~jdPkT=);MY8i{InAFL)0n_zv1F0}AtZkM3RQKb`zk9%q?AS(dF4}h zKa%?i2K>7*UJe3v|AX|Vk+wlz9L06@OhCw0a<=Hb{;LufL*;E_$m;$%a5{TcI%dd$Ny$|YCUxkx6&CHd0_JV67 z-B=2<`qKtop9&JP0$Ng;WRt1Rs9njQTq6w=Ck(pW#(|>MuR4_yvjzQCw;3s#)*eSF z8B2)lM3fwx%ZXCnmml$u4t1W>f|>Q#+3r^NoaMc0@t;BXQr)7ThWniXcU!)zH&nW= z(2tDj-wNY04e(xgYI&-U88N{XlB-JP9I%vE-j~g@xJ!{z%r%PO$$V8#Lh)w$Ges5q zJ8M++9;DA0c=Z|5_iDEGQ#5)E=jFEOhK8O#Q5twu?~ioZ6*`jM%V2L_uqAbV9b)?P z^zk8Kb)(-dh{S$~N2SRw7gI0Q#lMiZ!}1oXh`KxiQ)KgD!dMNf)NeO*++TMitbT7J zER0n0&ss+YjST`^g8mbiOkB7$2V&kU5041)4xb{j=wULKw%)A=EJyp$FV=MmOLO$F zy7FIdwt;R;J4jzq?!?2WT>{b`w9>WV#(Sc}M9E0-R$Ge2y)dZST+!js!%EXejGC^& zydJyn%8#J-lZ~(150F?diCgdDc>+Dr=CfGNOJ2Wp{hlq#R(;x`x)9=92}h<$vm?c^ zjOEFlufWTppY3dUNwR!Z58YgIzj2HUYRl}RhMv*DtRg8bwT2SXR}Fjjt6PP${OxuL zP=m>?YDWyI5Jbt$i9=IIWRAxQQOvVuP#DU0)VyPGtjl#wKU+yDNY!z{)_+r14T_7* zeb#Ms=I6n-i(lGf_i0)+;ShVu82WAmqNq3YIzJ&1^H`ttd!MUS5I>4NBgi$SJqXWx z8=Qx!{rJ_dH@ULN)13>J&Lv*TWdTsElCdj|;&05YZfi!bJQPCwdKw{l6JHm~Tvpst zypd#t9{@RLae^PKYAT@R!ODe8L451o*o69`q%~|{PwxS8pJbs6asQ$Knq3kWN+u;> zpTA!0Pwvs<2A!99U2XrlKgTr-UPCSPJC~X)_Esw{dA6mx9YhrEZ(FS8w@b>uv^(fkaDNdbjbhChr z(ENuRM>!63v|e2CwNMI*;=o&c{@g>xJa?+Ut~so9p|3R@cj#*^DCoaIhFL5`4BiLf zc*1+k&n_(!?cdd8Na@EJ55memz;U_~Ipg|?UK|FyJ{4jJ6#epLyNRo@4Ty+v)tJxK zd@qx^=|C1 zSH6S&oDB6z0_O&g?d)4xO4gaBHkZ;+a6z6sqQgI-5o&pnll@FicVrxHK9Zd=SOb|7m2X#~{S&j5r#CweWaJN%u@up4Tqt4Y=Wm4BXRU`_5+ zMGnieKc)!Z#zA^FDE~^FTZkfi3nt5WiU zx3AYx)7&L9DKC1ZpnNQHyUY;KgLMm&l(0B^?5N1i2;j7mH(Gelw)75}eZcCwa-oE&KI4^epZ~7>0#wjOcHztak4AhHr{?a(}DP zihnh)>h&q)g;0_UT2%i5Rs#Bx5(s6;c%WXDNQE(J3Y_A?VqDleUd+3$a zL%SMO>m&GGxu4B!JFARB`|X%?P|IhxUqhn1AkjB>(jHCS`x4B*i>atg?sUT2u5N(* zGXp#^|Ld8{)^%U+{xV6w5oJPzh=fIT7CJ9NDkRFasLuA?!EZiXvyz!Xo~flZ_;HwT+l z8EI;7W68dio5@MeoV)HYsGmmvZMUjpO7YUl6r-*OIvwLieHWnT#2qLcJnS-bgmndv zx!lMvaaE&G0i$Xd@h==SiLj*J=(*B{8e@Bg=8vAm62tK`J%+7J+3(r#K(P9`wf`gt zKA4TN*DWt4ptrC&3a>WS6JMRYV_LPYDf}GY-V{>6oI_gn(T%AKCq^_k;;*;q;_pS? zUl?8fV)8}WdLeToOuwot>LD`xBIx51(m^jtbhv$uxVDj3iV!A7cZ$6Ky&jCoqrn%J zdWuQK>nK349fd=P5G+O7&4yM8a%v*I3u|+KC>jGpA7HX*3Y7yy;1TmqTxa7r@DkfZ z&=1UD@_YZ0>iE`%w8~WxmX|X-v!N(YVe`}iauXUdgPj+uS8^(+n8I<;?dlrXO?`90n3{KX1^7=Oo**P zv(>8W$NmyZ)HVMOq)~{#^feHfys8KKwc=aXgcd!6K-mEZV2<%Je_9AN9Uynq3d3Z# z@T@a)0Q}5o7W}U=ngUo`>QO`l@yGA{x z=mL|umgUNdQl;EL3;BNvkO>AZ9!|1jL`~(=)|Ohr^0I;6gQ^_?y_25;pcJJ61T<%U zFuW3Q5HTGE zZ}b-XG-!Bg8(sxm3ex2T3wO=vZO7t|cY;IDs)6>3r8fMV>H^7MR91-l=l!MEiIy|h z_eXP;SFB?$?8n~_iCw+ED`MYbLB$&+fQ)DH3Db3bznwQD0y~)BcxJXovf;6>xhqlg ziA8*qfUJaX`usYWN6`=O-*y%%9??s8S?>dSA6q{ck4Px!W^NJI_BhDo+)MBW6Uc+S zFxD05Dur8GV6qIF&!-PtfK&Ex-UjNUO|v)(z;K%m5t6!uwmGXRR$>uEkFnY=$4v?c z!y-RU;N7nlT~fhjD`zVTMl>l#Pcbt`^P(mx#b!lX`-$UGQ;C5No3RZZI}WV*GdTRI zH7FAJG$AS4_W7uHF_^C_EBDk)?GrPzt6~?m&Tr!~AM+hn{RTL>SKI?>t8K^_0j>y& zez8%04O?>{6HnBw@sr)o;U%c{%Y>D_m`~HpcZ{JDUAyInpSOk)$xitV6;}A14BztW z;j}g}p`M^#5dxNg3Bm>Uz8X>jslhzasNI7)2T9HUoo#6uIobIfz+V**izZN77v0X9!5D_dt-bU5J&(DZEH$^Ei*TU}m% z|Eik;rD^Hg!)5&KjcVipD zMX)$Udbfc3W%d^l=Y<_a4`)PWCZ-_g2;nI0_?BDSA0eY!YlXgtUn3f#IZrU>zGlV+ zHvYmomxk*gmw_jP59?>4)}{zD$ZHNS-T#8JGtKy{_NZpXgYwFdmI9XaRPn7`Wy;Ls z2*`OIYEWkhd+wZ;fg5Q$O`=AY&8>S3uj$Nm0{DVGgug=e+XSBu~$#>;&>pST=!Y<7!pr#7V$CgpDdQ5<; zsc&K`3HJ+79mKr(3Fvp$ahbZ0p>mhtHCZ(*xBoG}n!R?XZdb?$Gv=|LkOAMi6si~8 zx4|ipzQRs7HlT1Db+HeLr!?8&Z$DS%P);$D26@SPf!$W@GXI9#9o3$%6etDK-uO=? z^uPr}=djh1)>$kC*@C#ik9t_y4X3HF>)FLwv!I3YZ_$b&vM*YY^&1LvF>9;B1 zy)>smJ;>P@loN{;(5*UT_W+$*?(D4H=dc?(`?+4N@Pz~JSJ&K|SOut(x+zjSK-MoFb7!(fmS=JHA z$nF4Y1nuT!*WG6+j9=VciT#Ne1%7)C?s+p_vsSsipiGS9;gOROp#gCrwEQj}t%}Bb z-fGHi2J=>R?l!FX{KtAAGS6 zMz!|vR?0YM*r0=sRS_Gfn_5ALj;qm+o{GSQ{my|&qtW82#|(U$4#$Y z7ID7a!;2&}2GqT2Ut8^NBQw38f;K*!U-+g&iJQ&}8c!bOKD)3#+w=2#- zIk~4eKvPJJUoz6G$fC(@y_va8cmmR8cC4QpEB!@S2A@(}RkOhgu#0wW7?Oz{d%|5w_k@bghW9y77L8*b15c)wJeYu|-AB~`@Af&V``{owQX7qUWe2Id3rqAYz>ekrsSl=#9AdzxK zlS|I(P{Wx|SM__!iaQc31s^N(o8s_G@ZRY};J!(IS;kFodfMf@w2uf07$=A#C4SbA z407q(lfz^8(mJGixQh>;aU{7V&mS+hd$Kq?Llf}aBWJD$Xhj2SrPXlFru=svfhxm&VJ*hN#=hFL$>s zsZ&s8SeahnR?=}!2O`ImEmc;OaWm%7!`10U!fP?NlKw7gv`d}lI+Qi49gf3Or}{ED zI~;pZp4`|B&-$=AOeRIRQ`xu)H+q&zg=W84v$gC*o5)qO{H8|*l99+qQ$s2a6$(WNw4&-hd4O(j;345cz{Bu%Jd;{bF03_NdYjGf2cG2-Bx-%D)YC2>nztnjm6 znxqQ?F?K-7Zj&#;BRCXs#l1F+pS+tQ_5`KPKhUZZS6cB#m_MJQo@6}Vd-n}-VfNBV zDEB)2V`E^yl_2)znw4BbVG$|RrO>)ERgFvzwUpcU`>1NOGv#z_g)zAyAxQps(%LVW zXBklTPrJO$ze#=vO2t5jAGSRnwaG0kk#N4(LVfii1-JgR3_tEm4^xPlCcb9uAF*Jn z;C(69ae2*4=?BjY7*(92SYi6E-X=t)x1!;ZScN4;-KjlU^hPe#)ZJVAEa@E6fN_%H zH_@1RNu}A+Q8A5cmza?j6qQ%bBd#1f;|S4s_P2Y*?ajj$-%s#65elR?Qhidf;|bM+ zzdD4UcTE<7e$s>Y9}jEYYbq!?o1)C??`9a^9GB}B`g@~RT_6t{^k$}F zelu~W*z$7v_{ncPdDRdNODK}gG9W(T1i zT^pe@L)rbRYNM{gS`5aaT72nOweMp_>z;ca2fkVauGH2?7P9T66Ns>dRHsgfXrz9Z^fk2^}(HM zyLjaU=~T3<#)yBu!(orFuA1p51NZ+pv$%Gtg z{47(q6v4bUfygY?bvqm$>lUifKN5JkKa_NZ7G>=`-Jtqh)imF0ArLn6vDZ0<+PWw#+8|VGo4E)8+U&v_j**hIKy$zH{H+aDu<=!pGE~7f!2t#c( zHVYXFnz-eW2{Omx&KmMp^f3fXe$!pvoB(NqzJ!1sl*lbuZ{t|WmIb0?5wJa*dYa|z zNK@!61nim^W&H(u4FUTNhCp9K!glL#?>^9$hb{6So|=>#fIzr`UFIf#nX2~Hl;`~5 z%3;@T#ZtZX@+wa{9=wr9X~N_^{Jd63t6!Z%zeB=&#X!LTt#|`=8B)Z4DA0=0s`yRo zeAdjdir=?)U6h*voS1t=tV4F+v|Qyev0m9oKaO;*d`9!KxmCI>5o{jlrIqX6jL8xcvHm^3VJ)J7ZYC0$=3;5{vhq>jRQ^y{8GYzn6 zl#hFAh)EhId0to5=MgG8ev>RD=!JMvv@?5^>tARmVc*73E z9MJyWFjY~FBj_jIutVY&5UCga-WwJN`-C?2f%(C5&?P>w)1Ysb?E^b18bLwJ`oeU7 z*lim*t&jfI7iKKR%O6Ci`@&4bfjgrEy2lr0cJgmgBGCj0qs-fy?!ecgGI5fDxMgV; z-{>t-Y*_26DcLTG=;3`3`PoP)_d;9y!S-7Vt(?q@T=ayJ>N*G6-YugBMimj5?ozwV zFZoCZCke#{63glK7x7d2=os?e%>oIIc1%4Mm$6NIgkv#HtshF^D-~(DOovPrkvdM;3ML05(=6aG(G?(2b@Bw z0Wd9CGFmDS<_>E`2L!?n{P^xd1@j(h^cea{AWQ)Q0z;>D*RuEn@#ohLbs0tu_EUXC zTiV4nlx9|;@IHxD@1bos30FGBrr4E?@H&m@y2Q) z?Z|$06uhiXCVXq@+qXTV?hng-&LPy@wU@PbIB;~hZi&E#aM^afX?x~jw@GO-lOr8! zgM@G=zR&-FE}^B+{K2+%EA0+oX_>G}tr=9%{##a0W^=JFQD#BEGv>GUW_V>#D|Ugh zrw&mz*Gsbne)7(TsLf@760 z&wN(6H~Se};*b6m#ZFZmHmzQ@nHlN+9hzRQi`nt}b&;rJ+Le~M8U_zfk?|nQXF?Eb zfxzlxx!OUg113YB`T}l1S4sV-_S^ao*aT;NQ)gM97t)r3Bdc9F+a?zx>%1ra3mh$< ze-5`}ncqriV>D)BsQ&s`{mkI23pR`>oUm7sbwE&T!^%c}lZ@ZqQ-!TUKz*T2f;I(; z%kt}b*MQxV=2;^PmuOEyYFH&vQ@~hg*5k(kw`==RekPkkG!mET1L=0lbRj_=uKLxi zdtMX%GNM1O-q(1o>WKEKPSb%PkLato&M|`|Z_2eY%!&!)TG2iTuByx^EhfIm9RPH~ z-c-%8TIWfq1n)P)xEg393X!5BAN=HZD|j0(l4#?NV}n&)XtogioX&ghN=XU?lv$Z*&C#AYV*6%<@- zA}((<2#M%iYq6acq(u+wFrYWCiH~6&$qM&1nlCK)*#!OWsab)a<4CG28ZUf%mAuNj z65~|uK3bi)j@WT=C3sL*CRzu1>7=^~tjBh`p}xjQ;)?xd{oSCuC2FpsF>cLfFewmm zRsBbA(w>WtGWkdJ&b2!+Qd7*HhFXaA*G-N%yRVHdpOl%)gv05z+DD)~-Dn{=(Y0Jy zGd}L)D4}n;iq;MLfaG^K+w~6}<4Kk#4;n7zU2yNx8KT`ZYEb9pnXoXs8QH6baRCy= zq!MgF&YjP5J+3I5GPal)`ehMggljqTX0yms5gM)K)K&7?BI(i~WI6igABd zuPVJ!A#=@`;n z&(LdA;F23{~r zj{xbZyi@Wf8|s~BAUw^|I#o9zQy1m7X^m?jO`L56{gFo80m)mLm%JVa`RtONfbf8( zWVL_IZglsxaAF>hA40ItT)mxUmp3k12PY#HB0w(s204uosg)ObnYVpf7yTp0jzXRY z3o+?P5wzL&3!cxJfSsAaOWsc8KheATWvYD2GbTvuLp6@_TUm`ugzU`F`PZqE?-`L= zK@hnKG%QWmW7lh?%yd1$_z4e{r;gc4tDZxYBqNictH+KqAR~fbg#7$j_a}W9Oo%>Sr5+8WlVIfQEQ8|=_q zVE;@r3Y<&?J4DEoD}gkwFGNeMeogS>M~Fe&2=D=2<|Vth^4z8sX)|8T8nZentHE&8 zxi;SMwUo+8TIEies}b^!r~={ySGDzI<=)f#vgQeF^1yDld|a-7D@SOS{eI4nE*&5! zra2xj(p#VVv^_3-I^PuTA0cs8D`uh+eLoDQzOAP$!{Fkhsw)+#AyX38BnUKoHj09Mcc2QiIp$UaKr8HEtZ_rR84LKruEFS$8^?=NV^ zW4{V-OWpFCdAIRA@L1t~^ta=%9XqZ`d-M?h0^Hyj5kGnD4KI6DnZN1@!aKoVxY3{Y z|KC0Cp&!9d1PnvI9I1e*!=fURsYI_-AXK;|^Xk^yo!c~iK6gY(zR?(_?|;<8{D-e+ zUWs%z?-C&|8du6V-MugNpad4UM{p z$bK`CjiSK+d>Hg!Jnr9h81$c>-M?$pzXyf>57*@1KkDCuLjT|cCx(0^^3{EJ8Z zdr;^>T{(!?Ye#TKlL^BTw<4 z@5a~}P4DInHtxf6S{sKX|2lBNTOLcUS<ZgCyZ>2G z5fRBN3q#>RL)=P!>UgW~nwy6T_=?+j!Op57qZB-n+mNXNTzwE1M~k^Ze?BBKqf;^( z8Q0K+(;19-GQ?+(uoR`855}4F5FUR`{O1WJMu0x(XzenaR(d3AJ&^EnR#Dzw>w_e;&Nf*%w)X(q=2C%G4Z?I{nH{mX@Z5V;uuCr_xXnaW{K9rdBFs z4pbgBCn!-#WhgC86fq}K6f{K=L=*%R1Rm^nzwbZqbHDdL&;5D!ABtP{Ue~qOy4Ltz z>8jNa)vF)-=@z~9uad7C<^Q!MTYtgkC)!^JeT?+Lx3WPC;hUTy@`IxrNFn~+nEXSE zp^$$J8)l4ULABYW1;CN^|vvQ{;;laW6F&QU$ecic6hh-CboX&Nvl z*uk}ZpkNr2>W_afNKe_YYuk)BI?>El7x)&p=;XC{W~#DjQvCG<>@OaOg>wIW%-_g7 zcp?5U-hT)&xPD>2)s0FhXnLt$rvvEd=%5Qhw+0U*8SJ`4k6E&>M&a1qIozFPLIkAw zQ^Z{c6wiovUpY>{JyACeup9-`rSaO&NG!%F;OYVhT29Lb?KMIROs=**GRyQ7}f z>r0YOemn9m1Rvk7#Fbp--P{8)0So#0$7VX& zU8dco8=mMKg4(pXx;UW!IW;kAPOegis(Y`A@_=(`aYBhYTZx}a@r)=NAAH-C+|t`q+LM?H z{ndst+uCH>Q#$D@ySFv%eYn3Pn~IO$6Ax)du@Ai2cZ@@@OHGKn!m^^#)f?4+Pa3!894H2PG+D!e+&7mhWvDZO9^0}}_D!(TYWT^>oKZ)@ zt2F+fP}#8F{V{3WmnJv2g=dpiA6~JQh|{1P?sZPUc&9M#Y=H~(;kTNq=~t+u2<%rw-5JxCJnPx9YJI?%pVH zqWS$6X6^3brcfZr+?}nyG^xIZu7}vuz|m8pL+OsttF*X*yz=Mc$d~Jmg5kd}G@e=v z_r1fMK3Jf$u%K=k5$?i1j0ig}tX{>FpzX(GAjeRW7?PXt_*QZeWg(In6e5ph0#bK7 z5GCXe(3vO1P547Ut15>7!@07FhuG{h#6E?AZ9Vd}AUU14!eRh)9kK|V%Da^XX~ zh$mu3@$`uTF;Q+lbBHpvjeu-ou_B8Z^x>P=xdp=g9)FhE#E=zBc{1e8Q^s3LLfr8- z-a;+oZJg&1J^)vC>%bzQP6LLS^0hFFpmv=&*}36N;{!P+A*jnIVTI6HV94y%S%|{v z?$RK*hH-9N%^;ua=VRnAXSOUPHW6=neFinP!UybI?6-gIuKI`@tO=&oR5-D5x9nr` z?;YrswTGnF6bL^EY^Rq{nZ!!7xaxjF0I~=pafvnoSZ=`{AdK4!(aFa(u5&&NO+`Q@ zE^?3Zqo>`kD=@i+ja~2v3F|Du?2wByw4e;Q=HX(-ZBwdt_kH?Yg|vyKF_}wM`ws34t;Ez07{*53r1a6l$5PgRoJvx z0ZLF}`?b}<_>qkhp2{s9A}0sXN*1HzMrcC~gSRh!^@H74 zX~J#_ z!vzVr1(|YVH$SF7;cUsY!MjHOk+$bG@{w(C%*5&lBwf*oVBBzwb^W|{|6o&+wen$E zVaYm*Qw8H5iZ0VK$7vW0p@GFAMktLmc_6y$7=hgyJzbI8<{6oV5Z1OenE~a*C}`dc zWfsoX>g_5#_W_VTh-sf$cUzKN-n43wyeAdT<#8=Y@rDG;0pcrEX_=D@?(X7byF7m1Zsn) zYTTu_WGjh5sm-DoU?Cj-{t&*;V?}=7AO7SVCb&a401+{Fo=$Jk=Lv$ridvJ$+pG{EL6g#n01UWu3!Y zkSiJxD_WduH-juh{^+6TnYMh;iQZPF;#NX%zcPmLE-lL5iG5EDQP&r=d=``jai~fx z&^7N|l0lSTwFV0!eT2@Qzg$#D_4UX^=E~PZVXmnWt&=|Yv?V>VUVaa?*qg#AXkiAl zEq;%uR$(y?169PUp@GMR2easO3zYC}mFMH}=_c65eHvF|63k(NM3__#v1%IyYZ@g@ zwM26G44*s*J%z)>TUhGk2x?<|053`qrY>>=;HH^rnEJ?go3k66&)s9V%-$m=h2k`# zre9=v#2_ax*W`kmct&5kP44;hQbi}fZ+t|gq@c_-oIO6c z4*rE{v;LY06rZ^D<9z$0FP-y&S&?yDl4mwoNg&EwBtLX$QJE_}894PzJzM2Lz&+@S z2dzwIMwqfUl-7}lYoD4FVjGnD{mGDjj0(y!s>6}fHUEKHsKXTcFl=Jj^KU{XtFt;? zZC@_FqQPAmPT!kkt(HG8rT!WN4%O8z{(bvN9mDsH9-DG@KeF@4%J%94U`JzlyJeVT zF}0`8H5DCG?x@+71i0b07CqGQ|XHX7n#1qpgc@c#s zIN7Cj@tie3P%C$_-Rpug5D!1bS$Z+<9nTOkmj`@Z1NxTuQ}d{LxIo)F&X#(+Wz z=DYy8?&?M;gTunP;X`B%6`tjHW!2(B+hF@aK>mm?;2=lVnlICSlkw9n-DfPRT=Tj} zn#ldmC<-p?2X_?V4enX1)|if06SMjWsf0dp7=zqULa6e25TulY=4kb#No=y(%)j`r zrJSFaU*vhRY-vmgNR>bS(z0SJ!wjQ7ri;R;j_IcUzdyhxp4FFhV^amC+V9=UW+8yN zE338qmi?)RIe$QR@8*X-mKQB}s!!R!X$_@!smC!SB2%W*l9)@RB+BD6A71)z-+Vs&6dXQ0{?l*%7@3_VzqSf1ra+ zNbuz>_W1UD7^w+-dKx%17&&FJzcIQj-pK=i*T^CyGM+$6Ru$#j;u}Vw* zNW((t?WhX;NE`$JjWT&(c&QMOvWMf_G4Y^M=I0nv7hBqvI`)BAc_OGb(F?Q?KYE8C z(6}i+r1kqS%yDK4wV)UPE?Dnhc|w~yq{3NRK96Ym>@wfV>MsUwDJ}dSMJ6F-;u?JHGVW;0w^@v!$1`Cvkz_E0xBc5Rl2h)DQ?MG zFXKv7!L{;7YpwlheO34f?%#b9rg}-NczYZVI@?5w&}We5^FM@?W`13K)P=xKcAJW-1iYjF1f#}2U~yB*_a_&+Fm51)rtCr}Ld;cAIRSSh zu37Fg3l_yKVCYS{rb;4DPXQ8Q{>kAzu?;y7Y>-Rak7u>t7><{mAmah%xUKLj1ut;% zpeUvNK9tG{CrPU2yIm@WBd0K{nFU1S!(NuA%UX3@r?b@gz~*P2mqPF4*@(E8PESg|4BddFQdXY1Nmlb~grFWuI&oB=jQ|7sId3&b*-U&dXzo}i8C5Bxlm z3c(T#kM6mmoZJd{qqq+-UO$bu5)iE`8%^GKy@=Nxrw}Fx$+W%3|oxd zbpOxtY*$C!kU+g2yBE3gz1&7#sRy6A=w+tPU*9|s!EIEl%?l44aJzs5HF*jQzaKi6 ze-vLC1UNX$Fu>2c2LLb&@rd5Y*aqOz5VYJwIdLOM$!@8V?v0B}rE24RK>~AKnGbGh z=5te9g)LYuX$;yZbSZXDQr*uMOn!W`YkPc%U36^q>A*jfG-aDflUs<;oSaCzQPaNo z`RIb3t-91XdAdar-q2+;Bsb!#t*8S28izm}Q|>N&E5g{U(cPfyf;q89*A)9bdwzl?ksXA}gce zI0UL|hy#gh={SMZ9Fz9F4DHA2a+Lun$;1e+4>Pnz_v!(Sy;PLXb6Z(pV$~VB=T;ON zy#1V>M#83_JIJLmM96Qs$$R1mK?d8+7bG2(3=$^JP}gehuxgmbz>}v7zT7DA$5a~X zo->k$s&4H37f|Nr4qoJA2QWXc)jg>zz?@&J`x~HAfpPUcI}?}w$Tdkw*L&aVmPYjh z&{Xm){n8Y+Nzru*$%>&xeat?%bQb)WQT}@Ib3yY z1YA~VBYt)yv1Ua#EC)%j5*Kn+MrzC-pIJ*)$Z&4c1%9lxV{BJIJx)}kRYt3gNFAVM zgCzmjm^bGO>mHVW?66p}=@3D$-}v%^-&*PBtN%~%-7f~!#@<^N#>YL*z+ObSDy7o( znI$2V#QB1`xUx2pOM6sB+dcY6gE-kgo-u;{~om+VY9kUxg2}@VLU;bHD%YTzY#XZ;0AEUGg7_GfzxZhlV@Vv1QvWrQaW{fj9_ zQy5(tk0WQg7%FptXup9~Qw*$td+=<>0F|y~{euBH-WE{u3OPH)gxZHSkLCk%YqY3~H6w!5;jqS=s0`yv&R*1WQQoVzkh z+V!ISJ>vK5gh3`>m8nZIej{D0=JE{OWR80E#)m8p3pf8{DoT?H+H1zboMKHj3G(SV z$)}DWN1MlweSu?AGL7P1V<(+! z9%jd#Wj8g*VKiUakkHaUgpgxN@MIB+m^(a7@h22TL9qncu@aG$igR)=o>MX?x7oql zFT4x{fCo~r2n7i?Qk57w=r`2&3R#F|6eDPjSIM1$r8s5`Ipt3JxE&d_ce+ zM+w#B#aW)8Ea_x<8K^JQcTMuJab}Hj&kgB8mK=sGIg=^e zI{5&S+-0_E@|_28bE(el`-pj6!%eu-2@-M$z^HMtS$v=%Yn}j+y+hn>Ns170n5aL| zl~yW2Eya=QL3Lu(%$Jwt6jw&Ob12!+KgKA|p278kJv~g0e4@ir6;fWj18L!Q&Xy5C zSDBpSAAuI}5aoAappC~xSk#9O@plwsAND1Rbtp$N9F%z&%9!H?l>wfhlM=g{X$(kh z=mdmNg^h(La3cjRI7%5lq_mDe5v@kBG45^Mqz&Hg^!y8A@;|Qi4ON;~-q?sRYy)zx z`k;8xW!{PCcU(G*yGv=ClpO3x!l)SO6vY|yJT6BW5^kAmZ9W8zj5Ym&7VKahOCg8B zVtrI5@P(@)xVM`~oX43_HYw_cr-58S%o7wed~qqCXBWptr7IOvb*Y*VBd$wFWm+1Q z@Q--`&tA!o|L$@W)00&~jRYvXQp#QqT^k%;^jvYNo@|Iq5!%||_2cZ`CA-u-S^zn$hrR8A3nte=bF4N2|6x1PxEb-=UBFZ55F$RU-6vqf)AMh*;T$W{Hus^ zjPQuI)^gD<#5*||{B#?Bdaxjpa8DSjOz+?`O+*$+OYk_-BCxnHObualdxE%5j;YCW zs&rOQ)?_19Fo*GzlBXk@plnrj6WY>N`jn!XY8OwK zY%%AM;xET;4Ht>}PTk_l!y_%e*BW@Z08W&KZjchjD#Twv+Cik3J1)OC?blr;{2#*Q*>|nqhiYzM52>5i#EF#b;oL-ZA-3HFyc&0Qq5897` zfL&P3xFI-&2o>C|=}hr6YgeKf52e?L>6;ijMJWLPUBer}95GnsE}c89oQhiy1Jp=s z&P(Psw8+XyfA`)Z?q)B52`BgvyclRx1cL;_y_~a`9}}TB81*54HrH%9qdW~R(1hG% z+|U~61U=mY`8Ic(Q7e;zk4-0;*E;&??JG)7mFk?<^ElM)tJmkZg8W6N4dfUcr2mV_ zy%^f9&*3xb4|`WFL`msiww*!)_(-FF<=$?`>E?Hy+w#2RNP6A0$`m>pdv)>zt3DH}d&rOEY4AV#< z2HQQ(EvVlkbK(l!^6sC9g&F2X7Gqc*$j*biNSka!QB@R&(^vc8F>F)dwKCyzA+sno zHLE({Y24L;$%VObrlmAdF*D_{lgj*A5)Sb`#48!x!#6d8y_<2k#`rQ1Hkj@Kt0vUo z!p;k>!=^p|oP~`NLF4;AM0N?iC<^Uz0lN#9$TOLD$Bg_yJgqnKuTGm^z5CLmN#&LI z4I}bNxk0Zt-XPHi1xb*gFoQf`bg+>_m+PpjR@Ys!3{c@tcEKyM1lvj>_wj>*w}m zzmT@%hFQJ5%HQUAD@SedVfq}o3R9rLNxb<)CsS7%FE|q*N1hDeCz7n2-%h!7Zi**J70r`{MgSjFS#<6R)ki8DL!+p?fPLq*luD6y1pp> ziR78-$_>%_f|n_2Rs_mUj(@A;Y{909(se`F%iQ=~#}YFWEmw|0D1=VQRxnevP@3EC z_&GCz>wf@Gl4X%K?WzQim{gh_HXVuhMJ9 z-Iy}Nbphc=%OiEZ4@9$QY{3|^Sw=}+fVirJDp!*o1+>fJz|naQsG zx}#r`2PFHX)DCf7w50RU^KkP%JHO_^Pb(VAbuYIWj>#v#mc~UjpQ` zdFFMds9&oQFdzFum$sr?1jFkag15_EKO{y(ihwt2I5;b#aVFpRtHn>Jj;8XilwLES z4y_xoE6jw;w2V#s?q7*vn@QiAYyz&*4iyVtR-P#V1OlYpUn4|-OV)NZYCekRpkRP= zmDRR&X=ycCYV0KI+~P6XO_BlLlzTf+$cLE6~26^4gcMsg>~sP~c>O0)20A(FI5N;iHzcYxQup**(G5dfW>Jo18UQYCJ*56lt%gR{tv`-foLai%xf8$PO z;2h%KRBf6IN=yO+MZysk3J~Qr@zrrl%6`sTxyXgQLPzIPL!NGDX~(t;l6A6Iv9o_( z-N)X-F?Yhr?g}U{ANao1NwlV*G5~71QY|yN%5KD+^HE5HIAwn|skFkFGH& zv|E9&#i+@+JEEIB2bPJlRa4U`8mPpm*0d z$?#D`&KBhF)i`cSneeum!H(XnTvVxTMa#!2N6tSQ+wJ2ggNY{JZMmi*i{yd5SCNSR zp07}m5TL|E&|q7SuUX+=3w;?2!&ieHVY$vo{-Sy|hUER;q!7kdki z21# zwhbq*RjgZUjONgrG@*IbPjwe%mo6Ao*I3P0SC_1ld*(r$LvV?2$#xw`FCQ5wNJ`kZ zvYfvAc1KnImX0-`tXRh1h0sz@THX1}h!r(`(a2dat*6^y-aNn4cpt&H>)GX74Ne5; zHBf@pdeGtHW#mVTU)tG2#|fDX;Oc!Tq3duYLu~dlA}iD}fBn%3=MHRK?+Ij9U!RZq zFor%|Q)3~$dWjUWBH?aq*LPN+ixi_Ph~O5U$je}bbP=tPE<(xJf|P_TiMo+QYXG?p zGL*w6==xA?_bfv3#jua4KOy&$tp%n&Xs*w~hm=?GZI5ar8ex1)Kd_n-$a&loi*}|r z(6P7@l7R7a9}>XGBT{YX3i7sSmJHA(8W#}o8S5s>y zIDy${#V8o1TCQSw#uY+y^OAFOM(B)mAJ3$ym}eb~G*}_=tc$ylf$#B)&q%3Gv@aA| zsyG??ZoZs;$fw zltB9`r8*ir@Zciy)Hl9D2?Q0XD4;nq_DRffalk##_TvLh7sknCXctEE!Bj!uhAdyK#~ z{QkKeX}DG`a*3B$#F3@4w|TVwjnArmyIQ&*l^^POGp$Ly0yP>}XWjC)<=P8Ockg)_ z$QhkaGN+Ay@Zr#ZYvY7%>CAbZM2 zKXLIj%M_48FL0nAVXCU!K=T|^Dt1PByVF51xLU*RVU=xtjqr2Xn z(VztVyu#Ul28e~wDl2`XUrf^C$QkT;d|eFeS;9!Pzck||HK~bm<8}G)uepkjM9ie2 zWYtI@s2DLIvI=&roInPW%@J+W!!{C|N;fua>`^Z0PScf=^v+f6&$%{Qhx-)>SaAvM zr+10r6yRvUthMC;!X&HPEK@-?<}|K zhq<(dudg9z;qR6{L=hhEiYi6`hkiSAEB{H<- zgrt!y7VBKY(B&A&W+ynOzsv4GzC#1w$^8MQIf|3?Chv52p7UPa>k;7unQ6ot$pe2B z;loDA$<$%T=>TFXP6C2`2fx~y(|PEUdCA%+*e?Z z$^m+`(riAs>^9f%To&e&z^(N}%Vf>cRQLN>05H401eUMuD6nvTF%9-9U?7QkAsNp8$F3q*ZFGI1sl`3cP(Qw|01V^&C95Y%bmU`0P#SESt)p?8e< znS3&@ZnN!gK+1c{ya&{FG=jF)iW%$>h%8rT-p)S^Gw{eijZi9@PxLz`-ArK*AGjXx z6%KY-3_0-Y1+<%u>f_0MJOZS??wKsFAD~1;_(_5~dMR0*`?VEtLP}G+6vElkErC#| zaBCE|-Jf4=qEJtexX-OM!7;`jWFzTV!?DUiaCMLzlUg%WK1853$4#282pD z+%mRg<@g^H?_eYAlZO&-kzkyk4USi?D%tue(&hTV5v`;M|Di=G&|Z9Dsy8o*yEx(3 z4H+JdT>*iz1cImq4R%6C@>ALEYG23?Q z9$g_f#QeEich|ZE`XX7>+n-fp{STRAhsoKk`!{f3X2eyBFsT|L zD95GVxAX4zs^eQ{di{jZBkOY6Q)|1#$%qu@qai~xGB91NIA~z05q{A$6oJsXZ#ue^ ziIu>jxklL!9wt;Os7vV@P6bHU?m+g3x@pG&qW`5kUo=Z#)fv!x@wa@gOziD4_yGLXMyTe z`4>%qN&+a-q&nxd9sBdaOD!OcCu-WsRwMf^s%WC9{#1SaR-FibO<6Esx)IE=r7Uuo z9k*d`1o@$)Kj&Fmzn2o?2uM+^E1?si>JiOFj0Ou#8VPiHR#{9pqQOnO*XZ~hfNGD( zxQnH}P%MF+h-?=-UL(Q^F_L4M<+0ViBNyPPXBnQanXa;Q&2*N3t{_u0YVNC<(jb8F zhSbG;jvto#ZFoH`cYI;`lSaAh3|-&JCu-~6{t2-W*LVS$T};hOwJ2vX(OhKCrH#rN z0Il7BgN8o`zMFGoRMY15)BVHVn%Y~%KJHBsmNE; z6#?LjoY2Xq^Nbr0<5@7|qXN#BFg`S;S~K2gzBk&U4UZ^DGz(H*#>JpJPat&IHc5n*$rdU9n(O?}4!c@ia>KAHJ zUp%f{U)v@<&vLC(bcmMx`x)-4(}WOD6BTEpW)RFz!RDrx!PW6+8uqYwV1|d1aYG}e zs$;#5P!Sm{oVxg$Xt1fmoGRvUODe&NkD3@?!0v2}^XIuXjyceeq+#PR`PXJN+NMT` zv4iS7f#ifK@4&_9Nv@0Nm_Dq3Z>B9gN8XTf!I2wpnRV8DcJRE*eta;0JM)6ffxZ}3 z#EZiz+;;Y^^9X&$SymV47h6!NOC1^kHIy16X^6-k=N1E0F=`t#e#M))v(6S>XiKJw zhhLEU0c0wR?%Jly=MWd~tVij0VU})W)k!{|M7wTw6iMB;5t2`cA_4@+{<`K3HCv`{iqk z>?e%zTI&2xt~1SkE_8_-9KIoEQ%WwO+a^-XtMC#dfhc=lAnv8D zC$7J5q(#Hk0NlALe@U=NEYXZ~QKtHLjzfBcje@6dBo=Z_#0bM)SwnFE#0whXQPtLP zbmMbbAvbi1hxY|1OR0f~lrDrB)!c~r`Ky5e0ABrW~B>*WnUVq0Pyu>?Fi=H@5jt$bgO^YHA)3GMyizBZd@NMqS z8GIf>rb8hg?^z=}^;m!R!M8TwoIc^#oOf^2q7MyQlSmKgio7BsiyqPXto-#dBodq= z8ZBtmX4~g*HWIX@@HIY2i&bnhrBDOd%A$N5Af$g?X|B`lqeZNl- zq2Q0Wurn?+ZS5{DpIgCbCpHNv5S({Cgs*<`kxz?VyjeqLu` zhIQfT+)Wa8sOT9YU?_~aNUvj?t->pb=bJnVZ%R>g@=-}@nHNmypnU8OED)u@CGifz z&~uf$auK1Ktm-U92HLHSpE+b|lO=M_+J{VKOWjba3sc7r*-u95v=y~K%yM)YmEsK*>m_L|CW^kY3!kVn-sqSaHT zG0#@bEN1U6mwZL!?j~lD$P}zWFcxwiclX5EN_^={!Hpv8U&PK%=&E%+DTR&H{L6dd z?|jg9=9f|(LS89qeUU{X)79#O0(nDU{O`>$5HDVhYXjUQY=A{bx_RjMVfgjHu)4ps zjY=4G06tO@%Bt#*X`D!rp=PA0`b1ROew0sU{6OxmR^@%HA7}XO&^~G8Kh-&qH&ECd zMj%7M_P=O~)37g7*?MVW`2hs9<>H<0k zqpe+7HTYB0b(pGL)(BM(*=`o~zBDPf{y@UzzZb8{eLyZcI$>(%vg^NS~GA-VsPuSX}kAL!m1`Hz6Nn+ zcCpSxR#6ZR_HgJT>4F2p2O=#yY-&=1DlPD3Mq5pSHNEosLU}xVr!prkSw?i5tGiF_ zxK>OF*NRJrm9Dd?{>d~qcaUtl{ceNa&BV-%Yx-4S=0H0gs7n?nOJ`fBRgF(jf6M-M z(0*UXA}z~z`M376TCIEF-=E$;eY5JYVDdj>k8-<`^=j$IJ{mallH4v{w7y5aDfOmh^^|e1qbla5Dxr}3T zplM;8evVtd`je92dEw{9w1z?I<=QHh~iS;qzb9 z`kxT9eDPbI0s#7}#o^C2eZA<*Arnsd*3ty->hJ-L=VFM9I0Qa_H>*O5Zv1Ta7MW1! z$5ch8W!co$%GG2fKX1$(yl{Oop6G{Qq|1cm8Zx?uv4a<;q4fIm_woKjJM>m@E(#ht zBdy~KtB7?$gpP~reys7?Ni8&MzR(uc=zQR3;I(@C19o6Lb7x}EL4}CmpQ_1g!d7CQ z+8DEklckIO(Zyf`qkQo@E!OedrK`j8;m@fxUSQw~oiS(_>$bG05J_eh1kRroL)Mt; z3gR~{09thq6=ak;bBC`5Pru`bFQXAv;olME>C@!=ykTMEXLVO%2A^Vk<}4x}NR4x| z-F*K|R?6Jpxuz>*cGu~w?=NUSvg}MXwI~7W^jV1bmWU@{l6yd8$-bOJf54Z#j&zQv{auuqedb5-PMr~#5)*+ zXG%O}k7)DXjerJk^L?BQe_`eEx1Dd!4yF@Nw#8jF{#vqx05Z0O+Fb=I;kf5;EYD5( zEw)0Qsluh=Bi*G%jSK1#Y;_CCUmxZ(2{%@w#V3`na!6!@-QD`W^N5U`rX`b~jl$s! z`bMU1SgoMEARG6KGowAeLt^~8wEEKtW!I+rGuSF@{<&J)1JN{u*WMwkZU!4 z&JonEm%z!t^5qelsPlvzuC~ZgyPeRVevirxh^fCjiD=JQHC6eX`ET5L)Nb7atbw(~ z*LNSv#(Qmjl+pZb)iL@}eEBMbLF|kcE$U0{V8k@Retk7^^M;C-he;*xKi4=`LAE?L zb0kVJdyg5L){yQRPAKv8rm)P_a|T?GO#uMxq#Nkx4iD6>Ew;J{*t)VAs+tV+x+ve8 zyh^zLPr1@qynA@-&ysbSW^(>maepu;^)10It*T@g!Pd^<#5E(`E|AYtJz);KO(7sL zd+$F%QG2czVYfN*#m=Rm7F%%*hH})>XsYJ__mgM^Hq(f_*b(8M2+$%-d zh4+RG+5OW|GZ4WHwqvF*QTlE)p&Yq#6h2q(b!4j}?&aCeiX5P1tGd1;j`e=7%2$zD z+jQdqXJlQG$$bj^2$nMbJi~I$k7LrQ1$Ngz{l)sFCwg@z-soP_dD|)1UsAUkwTIvy zxPlNF#?Hh-%F%bk&+#zrn8ikBho4;4Fjg`4*yiQpxo3*$T}d9@q`y}E>1ejlH$i?7 zeigmDP$_#u2O^;x76Oh-Abs4TzTg$Sh#uMLixfb#1ovIhnO0gWsULTAAd$U+<6;F} zE_fOl@x3mtAP-a!HuBwMn)T9(cy`5ztylA;TZv}y(WNavRtvjqaJBvndOVs|)o(=% zkU5{#Ic)9P`IL^*`nPZ>hx1YeEpBj+`u%$ia3%&Vqf<%^Rueu7tdtox;sOK|Ht{7) zr8^VplbQIM{cW~s{6L)I%(s}l`vu7byWgRNv+t^$LQxNXS4(elX=e2V{jR}8`THxj zQyVA0Djnc~vd+Q;w;^29bhcD$`Y#eoP`sobitSKSnIw5rz%}v_@l0%GdII)*VIUwX zCf&HbWF>w31iBA(KIZAO1WyTj_oEou)*oAW;S-q@gEcUz9L zc4pQ^r)c-TMyjsIqf01`HCEi=Eg%P^GDADKgbPt!lGXp1n$a;mrqhXTFDg50a5Iyn z{1BuhQ5+AfsbBSXUc3CgHO4>v)LwL4D$fIp3$?{(Lrcc!i0jP-;Xy;dJjQK@}6jTc6 z+D1gzp^N3pMDW-1mlFs55sWQ%P90SYS;orV9Or;5Cu0T~iDuln-)V!;f%*10!oQ>J zj`6VHtjdjV?oJ8z%KI%z3(2_vh+0hL!#C$1xQ1I;j!lx3-(u=&%4S@-Hp0jv)ZH*^ zA;HQNB`m={TXceSB`pmX9xP6-uEEIr+U8fO@MpWY$@2fy6ccTuwt7_@1np>Njvv0Y zjrUSSKCdbKC1POknbz)FB#&hzYJt5PanaV=zB#P{3s%W*18cfM49=7_%=FBewLxZ* z%}P+E)}1UjY$1tRrL?s8dFk3r_V#&h^`&-hn%i|u}g#X%de-Ryv z;&&%$x?I4C$LiQ(g{7wG#v(^6+4WF#1Po+x)I~cU;bTq>{{34c{S10it&J7VqL!ll zu~fjgigJKgG=RXj?XhbXkr5P=F|V!8LHaoc6$HloVSNjsM!S!Y=-LzL+7Pb@B;g*> zF{mzacF&`@7>8G)AFH^Pp{+!egJi?`md6G^+}>t!>`Nl$X1~Ghb49(5*$2i#wUZV1;;hMfSi&EJB9r?aPG}P2kmD+)b!OUlF+=u`1FVznCK{eJpI&p z_K&ObP7f+%P+(8^jqoVu_oAx|8huF9p> za!BH5J6l!ba>!np@mNQB34RRaYS1R;80>8$1aJymCkxMyP`&kYN@ms{#Z4QLM30>R z@*qd~ZF2Ky@S&_~1eOCYXHr*KycHtqFspMRi1Kch(um-Y{8!A9CQm43^AsjF!;G1N zb;l~9D&@UyZ9KR5E}FWKpPTSRL7sb0aehp%VJsIl`%il0dpH@BN>lcEsFiDs+(M&E zwc>ijcH}w0S)|F1s;L|Am6t~xnhrD0nqi@}X$l~-BDwfS@O(>nRHw7Yr83yFx?#K-0>4g^367B)cv$0^4OX`$wen=3 zGOV7@q{@?3OM&jk;CDWcU!J(gcWeu6?#e*Fr>;`UGrJJ`T40uA(J*j0mNRJ|%HIV~ zyiOB$Md&j*n&RB}-Wiuahf71SNQ3MDJ`;QYpJI=vao&GCgP_Yqn>otap)t93>MZqu z{T7ew1@G+{NX=LG@jM^0>1;vao;J)I(J&z)W5t_9{g!TAqu2ZT-zN7ZO5VPG!mCk* z7@+KsiD>z070l_Ic(}TXV--P`Pv3B=Zya%CjRbTB`>VQo5`R#C4_lAfZ>viJwBvra zqDM!0Hm|jgsDS^99Nwo(dFk; z^6BTo8kDSrGyN=?#G6d7)Q&+?)$&UB%uJf+|&1L7? z6gh2Db&fEEe{DOk{o3!{1p;jp-}{AQe!=CFRWxGDG=-g zXwBSyogazy=!DiTbXC8lc0RyNMmcnttE$xEM{kA`V8&e|9A-`{e4U5<6d zKRVu1xL)nBwvKCxAM)3L))Bo7Z(~!{r{IFUOQ`uY>U4?_)Z|qibL0)a$i(`qcDPb| zm1=vvPzB5dwqbl3hAYy~ry7yx>hpm2)&{pQyA3B4Zl=S@(pxw7{s`s9m=9x^;Ou?QFN|)&|KC(D*^SeX-=prN6nk&=2F^ z-*Q=Ur|8AEyjD9TzG=Q7*}?Y5L+?*&Wfu)n_0IJ$47x6rB?FTsoIZdDdjQfVE&tBs zqjvRv`C7kD^-ZV{Sz%q$U1x^dRqQ@u&GRy{h_nS*4P;S<8J{z&&sKf+Zvt*e*T zLZ4~99qd#Cjx<`8EQ{ukeb+aq2jOsG$->V_X=D^yg_K{|C}jC)kZj3UX@Eg^R_g2+ z(2PI0i|e8m6~48N$CWIPSE%Iye8*_+uw5d)ppt&ol3xGzyVP$esmdJ@9uX#t6xX%5 z^FkDq#mxsJQHh0RME2q(9}GJ*Ydp)FnID|`gE_)~X|vZHl&{gF<~v~IY#IFh+~=+S zkJQTPTn;cf!{c)k)9>Ox$+LqQwNQ<41BbkWNl~2-MVfFrdnUUJEBmzz z%L?ZsvkGQ)D*56KyZ1+k+h&W3KKUnzL>JodB^^T_zdWmv%CYsJ4NORLH2jEY3P*`I)>NFR$jEU z(RQtsiLRY~d)$XtXcu4PzOlhQqnyVEL=UJuL(6>G?34t$?aMar(ky0Mn8pk37*3Ta zOd=R^S#RhKO9qG5>A*g_lND&h(s|KnIjbc3Amp6;w?9fpl&_P*hC#soSd*{LenCJ# zSTg~>y9{p0MVfZ1>TF@YYV?569JVK6^5#IY^|+I6nu4B!!4id)a=D90t@xBdC*CKiXB@HV6=^I{&-qwlG?<=2B~M{Cv%ira9cCK z8?~5o+fzGVFCe>5etPu)s0F-}*qC}J*Nj)8)}$~}6eEyxKYKVC#?Sk`LUhUPYg&7m zixPZtxJBHN=d9zA`0g%GptvaTB|x`sRs*vfxxR;OYXN?$kar6PC{y~1P`@GfqM)Hd z-S*g5H&%DyFzxg>U&e!zM9QW^Z<{l{^~0fLI2r!nvFsqk@$tZ8snp63j(YMl`2*>Z zK#W-`mS_{_s?=31bxFn({h^dF8=*XVpt&$1C+Cp}1PI(QEYFOV#>G}@2eQr|F?Ysg)d3N;K0@jzv%C$uy1jvLy`4$t5oC+=n)e68JFwN# zylVQpC~e?zO^45r|5NW}zFiK}_AuP!uk3&;qp+Ibb*nK+|9%^{x2DOro*O_del+}i zL~~g1y}E`|@&J+mK@fA=eSvq6JhdDf5)ld)5ewv>L(yfM_!1Dw69V)H^=+4Vau+ej zdpUi+xHW#;cwp^0K0F+HgjyWzij8kLPyVUyhtxY!mScfnzHQVJN7SJ4*B>(k`hHzinb*B`N85*63*xGbdLVTzXVeeTO-be+DC+iBJ0 z^NvoLt12V}=@yqJb#pnNYi18#lYPAO+EQQS1@7z{vMnBJxyk04&imebBsMfV{NUd} z7{@$t-?CT`Gn}&4Z2KQcGv5`ht}x--K#0iUWUcCVa4`U@x7jp%n)ZkA_+0tsM-Sfh z@6>CX8jLq~Vp%J$OHXCOitw14H$Jax1dI(jO&5thHZ(MuW61Q0>ezD}z#m>3v7gZ1 zdpz~${zTF&As^O;q0f8}d5xMN4S-KE8b@>0&WuWfu(SILc&Tuj_nx+g@p)c>k6EPf z&fsfIA0WKLA@a2@UV~*$w)VcOpo9TsM?Av{X8bioU*_Z;R|cL|AL0aBqpy%8GoR|- zA_ws{mSkwmHD>~+pF=LO;I*54h?H_Q-gj#wVltz68_;JOYD18E@evlSWmEHJEOr-X zCA7|I^t#N2fgu^ zEwmfX@=aX`5;H9&9x%jvGro*=dCi)SdGha(1mOS*fda&`c9l>Nc^CIs!x? zzO3eXa4mu9hfA_UDS*`%$P(lP4t1O59K0vk*#726-dFVEdLB!O@sp}EP*!RDo+#(> z&4YUv&-p$Xz>rhYH(>@JRD$E9G>$DayqKEn)9O(C_Zay z;>t^PeTFWL+2LiT6Q>_<_Q^NE=XXNpSb_b_+GeFl4|CgX@enUMDYw(^B}r zn!NVCt6_CNR0-jT>kFV8zoH_qzM>-5PzPnq8}I{?)vcP3qt!XBd6|77;xXsu{kVet z%-x8(7l!V{e>lPAbXTqs=h|-65yn*(nQgpBEuDEmrH%}71|Kyt<+%ZMW0i|a^z5EL zGdN4cnxSqFhdNc@N%j3LDeymWBNf%)+z_KUz2nW4Xr#hNeqxJV_VxXERL3O4AXVi3 zPI78+o{lBl%#0C7u#GED_V>V{u9Bn<#rGx1Oi&85e481ybY9qV0)-^?Y7Qc~-~au# z?}8lmL{W(YZSw2zF}O}foX)8=_mzl?#nCq+09<~M7xI6t0ig%j9#z8$`buGYtW3F- zz$#Mp_r35W?79G&Ph|UNXM}^&d!}m0xl|{0|~ymYpfplcu8UB zXQB*U8lAvxfPc!PAR2Mx{FTSH(C=oerB6~WNRqo0qV{c`An%f$T%@TAC_qD@<$-&) z);m=+Q_t3R$xyoL`*-$+e+N&aI>LD2waNUc@(>j_l%V5NcfUny9#=d4-}i zpWgmx(=pgx$E_Lg=u_{=n){H3)7ojyM>v*QOxJ4%5A3a#ngLwBUo91Wc`L25D z>@w=~X9G%_6~()OQNI`=VpaKs`Bb_=?_hvM3>Vn=Yhy0K$C7RHYUo2Y;sME8SAeVQ zKdG%3YcxJl$4KMQ92-ZsJR)AG1ZFt+_j|nfo)f;-iNHnk`(F2uAHP(Tt+Ir^`rvM< zA{Ev>I|F^xCj$YiV7^veCP--!cD8jtRnd3MLlLLkB5xW8%0SjLZQIX!1r7ztdZCWT z-t=CYEPY7VRhqs8_#g|}4{Q9Mt5!oj@_R9Z$5BpsF++a7Q2Az{xTI;r7Thw3)`aBV z^xipF#}A{v|7cTPzO#umwmc@<;zWpcuWk+fAoNMYv2dgEj+V{yb`XDDd%E08T;phK z{w8ZSN?YNP+-LzK=KtEO92F{-k5!)Kib158GUJT9wL{g(R|I+wVNZhIkPE*ag!=r| zsf8&uI8{3Zgqgm-P`$bT7t818?4KfwG>)Ij90P^LQotBV$3E zOlxC?F6r;@mIzj6t|Nx8(c}Z_I3E8YoL;vmE1($f4)s{x>%|bT%Q-Q)lUuI{Sn|&Y zMGXzOrk`j#Z*eCETWv13@5=Uqse;6BFEt^}516bFEB7f$nLtdXcd_alX1Z-9#z89} zjnh9Aq%Sw%$exKur%S)c;e)|YS85$$G;A=YCeV7Na-ZWo`rmccpl)}z@4W|hg`_jt zf9hdllLr!@<_K#mpLJLUrJK8H2PC8dJux|t8wK4}YScZAwP1`EHXy8v+ZSQI@+mb7 zR;qdviMo;17E1$hGWQirq{DNU#D?S|Z2-~yGz;lJ6=$#9>$vN<_cURr%|ZG5pSr1J zlMHJ=jnG_eX|2!4O7_-WcP3GcNqNgMGkuOa*{+H-ep`r=xu> z`#9+Gfux}QwE!g`Rz!T!0gzL0z41-g6S~HdjyueVl3jMZC1#0ryHU z^KiYmw{;UqFDGADQD6YNk;O?yqtA+zo0JSz5AT@D$Ov3q$B8T)@8*t$)!L^uSEjH* zaa$NMh@R1DEgFr0z2|Qv316e<`oro|nJ6v*6d=xdPevIDGQ>wp_{4Az;+@RCEyYdq zMh6HE1F6e-qIE{DmtJhU@FRrrdsE8s{nQdO2Re3n8L)l%{zXp^ z>&SJt@zZgg-M0@h(qAV>;TGZn%dq|dJyBLHcWlp|+K|v;g5RV;5PP9d;L@P97Q=3e zcz;}roEzgpVXA|(MTui`Uvw#s$L4`Bpt%BR&fmPoZ0IAH;neFXHrPTNAxhgra+lWY zw;JTHq6gtUsWooG@J&p6&!vOgW{hE38KL!D_F-))8=xe+lN*sHdYxoFht_ z8h-X~UB4GLSoMOj`iAw}{~LS<)l>>1EC|fS(RikM140KUx#x-(hM&Eae&Gt<>(%|IK*e}~jjbF<0ZckGnc>Al5Bsbl{HvfOGkR1n2KA%B8qcJQ z#P75O!I7T+Rg8>Jrm5JJ(Cs*R|1c-AE08*3R43{vkGj8z>Kg*zeyiX&0T>ZTo|Jl^ zR>>`2IA|*t`_zFL#Mp2G5RW07AuymHmq=wRMeo9 zjjmF_zHn$Pyg7|kQ@AEJNZ_fzGWGa7l`BU7v=kdk(0l$BXi_1@sgPQ~f#?G19&ato z1xA_0VAEc4`lmS=pP}Zv+SdPl@mom1H|Z7Na{dQ#~=9|nt=IKQAz zXwZnjwlGmwUQn~FWm^>Mhi44BjzqOfLE%a!OeUG-f;gBPB4&wWqs-1xA%daq`INVE zFfRT@AV{hUD~{p=&G;M$J?Q`{g1>KSh|22$v5RG$D0T)pi?m7H_zl`MKdGY?^+p)B z#ce%Eo-7MgJI|%Dzp@hgSoj=|Upj`A@u9kg z(niY>Xs3wkk^?J12dM3CXGWb^X3-j_3x!r1~-HfK>XDzi(|96aZk~66Egz z>Sim=-$tXMK)284W}|H?ti$9FI_p;!XSiTw;L>H3jSqgk^~nVx2-IDnb!yO2KO?wS zfbR0RCM_v#uixzsLa<7|KjiSt?dkRO4SHtLQ3w%NLu<=cU2Sj9G*9E)sEEIXC-`E`l3yTP!CQ(Dr6WeAzabp8ub4l3F zIgl_=Ko5MS*j*(Zc_7RtGiIeZ zb-hXJ%`PkjYEuo_#dPtkWwo*gnZp$p zjP@PySrbAYD5A}eD^<>_AkUNaBn`LO!^4;mf~cK%Rf9QygXNyoZL_Kwd;PBIKtIa3 zk!TH^g7p(MOOTWM^y#nYW{GRYR6oN* z;8)^6q>(qBm546$*8g@IJ8|8)t8KBh_=Q19`rOq0wekbL=oXXc&m*ipg<)&WD)-!2 zX8>t`z3Tl0Ft){g4&h{07Oemgtj*12&00X9DQX*-!GJ!FAhr#gMGQs(V(r^19jE=J}xZ--kbd9USHq@hbBwlTOhWz&&J`(M3?4kjZ@k z%6x#*-1C1JfF@s)bY5NfXIfCL!k6;vaM`1%gi39R2ZbFD2l@sneV*okB{Hc)WL4VE zy9(=Ytkp3HJ;X8T06jPf>~>GlrP{zD%JT~T)|XA9DZ9baBZ1Pi3ZkcxS`);>s>k&~8ZgX;oBYJYu&#GPmiW8av$uq{3K z7E?mR?b$q<8<&6IS>Qcj_GW)mGC=c>=Ne74&*$r0?iJ|c7e!S`{&eX%+U=1?kCsWw zm8I|=r7)@9^ceqHs&PM_GgX<|bou)BcOagZo9dSMstGfYAXi#JDp|*uO%q4jg(R&F zvr*A?J(1j^s+;v+q1v~>VzviToBhX|M4pXph%kh&i@li7=;rU zJ&=*apaKkJ4Nnb5BC6By2CGoI(oa;>n1!gnH2XyeuN+d^TYE82b&1To+})|-o!vHR z_Y?hqK^!+qVI^J#)&+3cNP1e+K!G#0;lIkv|+tBif(R?YD5|$pt2-jjC+EX+1;ex`0@(?s+56_^rwFa8lS`KE} zdN+|Qr1U9R<;;n!@HByGJ1^%(43LNgjUHUQSmjvj1|I%`yw*`DGswznXV1LKWCekX zn>QxoGrrM|1rUZtHz~oZo9ZBj=N5K);E|fethI0>_fD1C^UC#o#$|BZJoR6adUsA2 z#j}b!`bG08ciyVah&GH(R_onpkDVKji1D> zxO_}4*FLek_ku9GEk)Y7=TZBS>tiNHTva;Pq*j_ZQea@fJz za(Uv7L)yO5$EH`9tw25OG>7+8bR+|mZTLI9>2zqc8roX{jXHoO$DJ-afwc zxHXl}hOO7ky@`tkJ;!B*^0qKP~kraN?|m4lw%oyxIh zMuV8}d`EsqQ_K>NIA?IREn-0i-RVpHj?jLy8im?Izt#N^zo+s_kc=d*&B1} zOQYdcBTz_NJsJP_+O~$ifz?$!ou3+Z@!`o{lsvK^wZZ9C@zqf?elEerMUne(WYC3U zPWiNVuqlPZG0)wg-ZGy&RuZ_Qejt zgSQh_batyjoqN*KMy+tQ_E0dM$ttZN@8aynW(ZTmOmF)*7CiOMElO&^6~3pRePiW3 zAVaMXpBD*a`%m1wTbOMT?YkiNhiyc=#@}3TgFQJEeBhwv9{}a!9TwNri*m;+0{1X{ z`;ZzSr`%h3I1!dxsOsL`;o@VUmc9NKY3sq^mTmj zpZ2#j?N}H4b~QbT;&X+%7QBaCc?9sfJ_aPhF|Lbn*}chsKnMf}Vd|7D@kjG5xwZ@} z$TUptCF6lJSrJq(Ew<+C{PbIfsZ2i#wRrEN#(JKtS$dXysXqSQq&1y zQ_~l>KVmaDsIZSWh4@YbmUkXpATU+Bef7FVv|poh1}aRI7T5-$db(@_^1>^F2D78T z9n-xKLo-W1=Sw`%skVgOaPu^g?zrg@q|+1dbeu*`Iu4s{TjYJ;Gbo^eOB;6S&8W?I zWoWVHpKbGA14o`Uc&AL@;@8>dsG&GpVK*#qKhQj`8&v|=GoZ)bVoKWr^=~Ip=Jwd8 zg?r&f>Y6IZ`AGB0iivvo6(n?ul51$@NK2pU<@73MzXKAY1}5U0S`A5aubtO@p!&3h zGXqT+C-4IuyVkM`tLg*4WD6R~zt~hy`{nF8>hS1^E!2Fo&-LGjmn=nxZ^K&Mw2U+? zZA#6z@aL-b@y$6e1$B9cBqKj|C1){=iSe(C0~Q>aW162c)CdAqJ2PlHYa6 zjjaNA z&P-@t$yHh-la8Pvfoo|C8l)^VNb-h(`xFH z4TD6;jGEPJ$@<|$y6Bm5b zjjFT>?MiYBgq$?_cVM>-2zJ}i>+iu=a73CKD1b}iO03G-*Nz!qv1MF((C+KM8{Mo_ z1aL|1fsh^NmEQe!`Ceub1o?+*H_iU<*cMhr5#-*IOT?Bew3`QXdu<2L<8F)UF>?~0 zp}SrV6~OQ{rL>eyuyMiZ*`b=zM9I$lLte9?Gw3#w#ZAaT)gWei1Ihm;#NvAeH;D_6 z3t^n!f+10ELIe;xDKiMNT`hS2(`%3{ONI=3qDd`5kb{s8k|+qWXD=w@H0x$}uXD-g zPkeIpte^c9*5}2UwhUH$WN>3b_Nn?nb-{+T4Tfle9?G7<5MxLZDKQv=fN)5&!H`|w zR-dJE?{~0ENLw)=IKd3AE?%kiT6=2Ej~8wv%g({?69aDEN9k<}w2V2IzfkYQ%~LI6 z6MhG3d7R9P_D>+6E898`U~8rf{<2ck>mv#k%k7qw0(5D_*=6g{rpTm;8Ak0zDmRhQ z$W?FH96Ygf6It-sW*roJ6B zznQh)unh9?L{Doks5rT_(HC{glFFq&i5+mCtBG3I90_d{7Y|$6FqG1?B$A7b*l#%< z{OTAR0;VpNNX@&GH8Z-`(QE%u!*v|{(+Z%x9g1s$f1 z2`;2F4!SCwWCH=e}HQK_G}`pZH3+dD~n#}Ka*oBE_LVo55znK zWngI+56|mkhwP`i(ogh8XQ*BQ%Savlvgh)7ozGs$vi%b+j4v|Kq3=0lB2Hz+3P0 zJ`rND=V8{U`+7%zd{rN;!Zcj)8Lv;c*c}OU&(FN-!OM!#KIs^-V6j@S*rKRDF;sn5 zt7nABy!!P)qWkI2OYBeqPh z|FjNJIt>@WlQ$h}^10ilu<(CKjm*@)krYh$dE#cpX_rh%dd zQ7z~t&$jq>-~sYEpkYWXtFpKLLz`S~nt5c!ud*OrF>gQ}!FFyT_@Uh4PLXYtq^vor zu_eFH;sRo+?zMbUjJ@cC*40y80W*{MYIht5@+(_J>OU}FYBT5SBPCEO){)g;btYO^ zm%IG{Kc~4o;*ez;Cwg*rdvRccS1|n<)^-H!Ake!f)Vmj7omDg5+JpHuREJo@mnA0i z{FZe5=j;6s?kStKpvX?Ab#Yu018Zs8p^6RsW%}2710DgY*j)G6e8Y$~1nJ zviIp85S7NWvr7EeiG>ZQL^J(+!SxBjSW)Udi+v*58LP;5ILL2;+Z9@%k#&B}{7b?? z#d41@zDNl-D+`Lv0Dsd2EJ!eYaV(7%!%~dpaC>(PT;to8lp;~z_{}P7K@{F`?BIg( z`vzal=;Bp*1bA*g>G3+qPa6GepJ9cQRlzU8^WYI%a_#G{c4++W^0(E%*AtD2=+zVd z0OlGhBi5URYd}=)H%-1e;}EHH9D4b9|99V#e%qb=NPRRjHr@26vg|ceJ1)mg`+gsb zUefh|mYn<(a*Bsw>BBS2n|@kKJ+fNrrk&vZtscL8+xYc^$`5P)&U-%|2R_^C@gFYx zJ8}0vz3#tQ+`oL;-}V0=?(SbM?(0AN3#I*C|9@zc|NpgqtwCAo-}V33JM91Q&HY{f ze>P11AJ_V|IAx_@>;D%z?BAO1>!<%_%YCi?f2{lee*XXFL#(#M|J^fueg6Nk?*IDy z|8w2{wf;>#oQ=ReCc z`kLsjqTIZ;x4$q%;Mc@y?i@0Hhp$Jl$zcovSP>7LIHt*cj5A-flo z)Qw_fSI_a#o@y(%(_&tM1jN^CRmKz%>h;}=1g#~jJZZ4k^1PTZE_sU>|L)+m!IA7y Q3jEo0XI4r>;M1& From a25fa9344e9b1a51832019546148b9f59590a407 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 07:57:54 -0400 Subject: [PATCH 09/36] updates based on Rafal's feedback --- .../bitlocker/preboot-recovery-screen.md | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 392e4d725c..a9916039b1 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -188,13 +188,13 @@ There are rules governing which hint is shown during the recovery (in the order :::column-end::: :::row-end::: -## Additional recovery information +## Additional recovery information screen Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. :::row::: :::column span="2"::: - Instead of displaying specialized messages, a user has the option to review additional information by pressing the Alt key. + A user has the option to review additional information about the recovery error by pressing the Alt key. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2.png" border="false"::: @@ -202,7 +202,7 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen impr :::row-end::: :::row::: :::column span="2"::: - The **Additional recovery information** page contains an *error category* and a *code*, which you can use to retrieve more details from the next section of this article. + The **Additional recovery information** screen contains an *error category* and a *code*, which you can use to retrieve more details from the next section of this article. :::column-end::: :::column span="2"::: :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: @@ -270,17 +270,9 @@ The TPM contains multiple Platform Configuration Registers (PCRs) that can be us BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. -| Error code | Error cause | +| Error code | Error cause |Resolution| |-|-| -|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| - -This may have happened because: - -- A disc or USB device was inserted. Removing it and restarting your device may fix this problem -- A firmware update was applied without updating the TPM protector -- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios - -A recovery method is required to unlock the device. +|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.

This may have happened because:
- A bootable disc or USB device is inserted. Removing it and restarting your device may fix this problem
- A firmware update was applied without updating the TPM protector

For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlocker-recovery-scenarios)| recovery method is required to unlock the device.| #### Special cases for PCR 7 From f6a86ae07d456a425612ada8e29bb9ac3577e597 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 08:09:15 -0400 Subject: [PATCH 10/36] removed split document --- .../additional-recovery-information-screen.md | 104 ------------------ .../data-protection/bitlocker/toc.yml | 2 - 2 files changed, 106 deletions(-) delete mode 100644 windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md diff --git a/windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md deleted file mode 100644 index 42159aad7b..0000000000 --- a/windows/security/operating-system-security/data-protection/bitlocker/additional-recovery-information-screen.md +++ /dev/null @@ -1,104 +0,0 @@ ---- -title: BitLocker recovery errors and their causes -description: -ms.topic: how-to -ms.date: 06/18/2024 ---- - -## Recovery error details and their causes - -Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. Instead of displaying specialized messages, the recovery error contains an *error category* and *code*. The error category and code map to a webpage with detailed scenario-specific content. - -BitLocker recovery is the process by which access to a BitLocker-protected drive can be restored if the drive doesn't unlock using its default unlock mechanism. - -Prompting for the recovery password or other recovery method defends against suspected unauthorized access to user data by an attacker. Providing the recovery password allows BitLocker to confirm that the owner of the device is in possession of the device in recovery, and that the device and stored data should become accessible. - -For more information about BitLocker recovery, see [BitLocker recovery overview](recovery-overview.md). - -This article is divided in different sections, each section represents a BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen and the cause of the error. - -### Originated by user - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| -|`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| - -### Code integrity - -Driver signature enforcement is used to ensure code integrity of the operating system. - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.|| - -### Device lockout threshold - -Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. - -To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| -|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| - -### Boot configuration - -The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| - -### TPM - -The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. - -BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. - -BitLocker entered recovery mode because of a failure with the TPM. - -| Error code | Error cause | -|-|-| -|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| -|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| -|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| -|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| -|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| -|`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| - -### Protector - -#### TPM protectors - -The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. - -BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. - -| Error code | Error cause | -|-|-| -|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.| - -This may have happened because: - -- A disc or USB device was inserted. Removing it and restarting your device may fix this problem -- A firmware update was applied without updating the TPM protector -- Any example at https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/recovery-overview#bitlocker-recovery-scenarios - -A recovery method is required to unlock the device. - -#### Special cases for PCR 7 - -If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. - -| Error code | Error cause |Resolution| -|-|-|-| -|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| -|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| - -### Unknown - -| Error code | Error cause | Resolution| -|-|-|-| -|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file diff --git a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml index a34d5b969e..ba7f125549 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/toc.yml +++ b/windows/security/operating-system-security/data-protection/bitlocker/toc.yml @@ -17,8 +17,6 @@ items: href: recovery-process.md - name: Preboot recovery screen href: preboot-recovery-screen.md - - name: 👷 Additional recovery information screen - href: additional-recovery-information-screen.md - name: How-to guides items: - name: Install BitLocker on Windows Server From fd2f12717102f16f05124c431b9322813c4077dc Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 08:26:37 -0400 Subject: [PATCH 11/36] rename png files --- ...ot-recovery-additional-recovery-information.png} | Bin ...een-24h2.png => preboot-recovery-additional.png} | Bin .../bitlocker/preboot-recovery-screen.md | 4 ++-- 3 files changed, 2 insertions(+), 2 deletions(-) rename windows/security/operating-system-security/data-protection/bitlocker/images/{bitlocker-recovery-screen-24h2-additional-info.png => preboot-recovery-additional-recovery-information.png} (100%) rename windows/security/operating-system-security/data-protection/bitlocker/images/{bitlocker-recovery-screen-24h2.png => preboot-recovery-additional.png} (100%) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2-additional-info.png b/windows/security/operating-system-security/data-protection/bitlocker/images/preboot-recovery-additional-recovery-information.png similarity index 100% rename from windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2-additional-info.png rename to windows/security/operating-system-security/data-protection/bitlocker/images/preboot-recovery-additional-recovery-information.png diff --git a/windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png b/windows/security/operating-system-security/data-protection/bitlocker/images/preboot-recovery-additional.png similarity index 100% rename from windows/security/operating-system-security/data-protection/bitlocker/images/bitlocker-recovery-screen-24h2.png rename to windows/security/operating-system-security/data-protection/bitlocker/images/preboot-recovery-additional.png diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index a9916039b1..96fdcf6b66 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -197,7 +197,7 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen impr A user has the option to review additional information about the recovery error by pressing the Alt key. :::column-end::: :::column span="2"::: - :::image type="content" source="images/bitlocker-recovery-screen-24h2.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2.png" border="false"::: + :::image type="content" source="images/preboot-recovery-additional.png" alt-text="Screenshot of the BitLocker recovery screen highlighting the Alt keyboard button to access the recovery information screen." lightbox="imagespreboot-recovery-additional.png" border="false"::: :::column-end::: :::row-end::: :::row::: @@ -205,7 +205,7 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen impr The **Additional recovery information** screen contains an *error category* and a *code*, which you can use to retrieve more details from the next section of this article. :::column-end::: :::column span="2"::: - :::image type="content" source="images/bitlocker-recovery-screen-24h2-additional-info.png" alt-text="Screenshot of the BitLocker recovery screen showing a custom message." lightbox="images/bitlocker-recovery-screen-24h2-additional-info.png" border="false"::: + :::image type="content" source="images/preboot-recovery-additional-recovery-information.png" alt-text="Screenshot of the BitLocker recovery information screen." lightbox="images/preboot-recovery-additional-recovery-information.png" border="false"::: :::column-end::: :::row-end::: From 183da2649675f68279d6aaa6fcc1ca45662b8327 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 09:49:52 -0400 Subject: [PATCH 12/36] upfates to tables --- .../bitlocker/preboot-recovery-screen.md | 71 +++++++++++-------- 1 file changed, 43 insertions(+), 28 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 96fdcf6b66..35d739095e 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -190,11 +190,11 @@ There are rules governing which hint is shown during the recovery (in the order ## Additional recovery information screen -Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen improves the information about the recovery error. +Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen enhances the recovery error information. The recovery screen provides more detailed information about the nature of the recovery error, empowering users to better understand and address the issue. :::row::: :::column span="2"::: - A user has the option to review additional information about the recovery error by pressing the Alt key. + Users have the option to review additional information about the recovery error by pressing the Alt key. :::column-end::: :::column span="2"::: :::image type="content" source="images/preboot-recovery-additional.png" alt-text="Screenshot of the BitLocker recovery screen highlighting the Alt keyboard button to access the recovery information screen." lightbox="imagespreboot-recovery-additional.png" border="false"::: @@ -209,16 +209,27 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen impr :::column-end::: :::row-end::: -The next sections describe each BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen, and the cause of the error. Some tables include possible resolution. +The next sections describe the codes for each BitLocker error category. Within each section there's a table with the error message displayed on the recovery screen, and the cause of the error. Some tables include possible resolution. -### Error category: Originated by user +The error categories are: -| Error code | Error cause | -|-|-| -|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.| +- [Initiated by user](#initiated-by-user) +- [Code integrity](#code-integrity) +- [Device lockout](#device-lockout) +- [Boot configuration](#boot-configuration) +- [TPM](#tpm) +- [Protector](#protector) +- [Unknown](#unknown) + + +### Initiated by user + +| Error code | Error cause | Resolution| +|-|-|-| +|`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| |`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| -### Error category: Code integrity +### Code integrity Driver signature enforcement is used to ensure code integrity of the operating system. @@ -226,7 +237,7 @@ Driver signature enforcement is used to ensure code integrity of the operating s |-|-| |`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| -### Error category: Device lockout threshold +### Device lockout Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. @@ -237,42 +248,44 @@ To take advantage of this functionality, you must configure the policy setting * |`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| |`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| -### Error category: Boot configuration +### Boot configuration -The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. More information about how BitLocker uses the BCD is available here. +The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. | Error code | Error cause | Resolution| |-|-|-| -|`E_FVE_BAD_CODE_ID, E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application has changed.|BitLocker tracks the data inside the BCD. BitLocker recovery can occur when this data changes without warning. Refer to the recovery screen to find the boot application that changed.
To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| +|`E_FVE_BAD_CODE_ID`

`E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application changed.
BitLocker tracks the data inside the BCD and BitLocker recovery can occur when this data changes without warning.

Refer to the recovery screen to find the boot application that changed.|To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| -### Error category: TPM +For more information, see [Boot Configuration Data settings and BitLocker](bcd-settings-and-bitlocker.md). -The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. More information about the TPM is available at Trusted Platform Module Technology Overview - Windows Security | Microsoft Learn. +### TPM -BitLocker creates a TPM protector to manage protection of the encryption keys used to encrypt your data. At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. More information about how BitLocker uses the TPM is available at BitLocker overview - Windows Security | Microsoft Learn. +The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. BitLocker creates a *TPM protector* to manage protection of the encryption keys used to encrypt your data. -BitLocker entered recovery mode because of a failure with the TPM. +At boot, BitLocker attempts to communicate with the TPM to unlock the device and access your data. | Error code | Error cause | |-|-| -|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot| -|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated| -|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted| -|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM| -|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key| +|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot.| +|`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated.| +|`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted.| +|`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM.| +|`E_MATCHING_PCRS_TPM_FAILURE`| The TPM unexpectedly failed when unsealing the encryption key.| |`E_FVE_TPM_FAILURE` | Catch-all for other TPM errors.| -### Error category: Protector +For more information, see [Trusted Platform Module Technology Overview](../../../hardware-security/tpm/trusted-platform-module-overview.md) and [BitLocker and TPM](index.md#bitlocker-and-tpm). + +### Protector #### TPM protectors The TPM contains multiple Platform Configuration Registers (PCRs) that can be used in the validation profile of the BitLocker TPM protector. The PCRs are used to validate the integrity of the boot process, that is, that the boot configuration and boot flow hasn't been tampered with. -BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile do not influence BitLocker. +BitLocker recovery can be the result of unexpected changes in the PCRs used in the TPM protector validation profile. Changes to PCRs not used in the TPM protector profile don't influence BitLocker. | Error code | Error cause |Resolution| |-|-| -|`E_FVE_PCR_MISMATCH`|BitLocker entered recovery mode because your device's configuration has changed.

This may have happened because:
- A bootable disc or USB device is inserted. Removing it and restarting your device may fix this problem
- A firmware update was applied without updating the TPM protector

For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlocker-recovery-scenarios)| recovery method is required to unlock the device.| +|`E_FVE_PCR_MISMATCH`|The device's configuration has changed.

This may have happened because:
- A bootable disc or USB device is inserted. Removing it and restarting your device might fix this problem
- A firmware update was applied without updating the TPM protector

For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlocker-recovery-scenarios)| A recovery method is required to unlock the device.| #### Special cases for PCR 7 @@ -280,11 +293,13 @@ If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR | Error code | Error cause |Resolution| |-|-|-| -|`E_FVE_SECUREBOOT_DISABLED`|BitLocker entered recovery mode because Secure Boot has been disabled.|To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. Re-enabling Secure Boot and rebooting the system may fix the recovery issue. Otherwise, a recovery method is required to access the device.| -|`E_FVE_SECUREBOOT_CHANGED`|BitLocker entered recovery mode because the Secure Boot configuration unexpectedly changed.|The boot configuration measured in PCR 7 changed. This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement - A recovery method is required to unlock the device.| +|`E_FVE_SECUREBOOT_DISABLED`|Secure Boot has been disabled. To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. | Re-enabling Secure Boot and rebooting the system might fix the recovery issue. Otherwise, a recovery method is required to access the device.| +|`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement | A recovery method is required to unlock the device.| -### Error category: Unknown +For more information, see [Static Root of Trust Measurements](/previous-versions/windows/hardware/hck/jj923068(v=vs.85)#appendix-a-static-root-of-trust-measurements) + +### Unknown | Error code | Error cause | Resolution| |-|-|-| -|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| \ No newline at end of file +|`E_FVE_RECOVERY_ERROR_UNKNOWN`| BitLocker entered recovery mode because of an unknown error. | A recovery method is required to unlock the device.| From a0d1c4c179875fc77b564ad93e1c9aa1c65c38b8 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 10:33:02 -0400 Subject: [PATCH 13/36] Intro updates --- .../bitlocker/preboot-recovery-screen.md | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 35d739095e..671af71364 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -7,9 +7,9 @@ ms.date: 06/18/2024 # BitLocker preboot recovery screen -During BitLocker recovery, the *preboot recovery screen* can display a custom recovery message, a custom recovery URL, and a few hints to help users finding where a key can be retrieved from. +During BitLocker recovery, the *preboot recovery screen* is a critical touchpoint for users, offering a custom recovery message tailored to the organization's needs, a direct recovery URL for additional support, and strategic hints to assist users in locating their recovery key. -This article describes the information displayed in the preboot recovery screen depending on configured policy settings and recovery keys status. +This article delves into the various elements displayed on the preboot recovery screen, detailing how policy settings and the status of recovery keys influence the information presented. Whether it's a personalized message or practical guidance, the preboot recovery screen is designed to streamline the recovery process for users ## Default preboot recovery screen @@ -239,14 +239,14 @@ Driver signature enforcement is used to ensure code integrity of the operating s ### Device lockout -Device lockout threshold functionality allows an administrator to configure Windows logon with BitLocker protection. After the configured number of failed Windows logon attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. +Device lockout threshold functionality allows an administrator to configure Windows sign in with BitLocker protection. After the configured number of failed Windows sign in attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. To take advantage of this functionality, you must configure the policy setting **Interactive logon: Machine account lockout threshold** located in **Computer Configuration** > **Windows Settings** > **Security Settings** > **Local Policies** > **Security Options**. Alternatively, use the [Exchange ActiveSync](/Exchange/clients/exchange-activesync/exchange-activesync) **MaxFailedPasswordAttempts** policy setting, or the [DeviceLock Configuration Service Provider (CSP)](/windows/client-management/mdm/policy-csp-devicelock#accountlockoutpolicy). | Error code | Error cause | Resolution| |-|-|-| -|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the logon screen.| -|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the logon screen.| +|`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the sign in screen.| +|`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the sign in screen.| ### Boot configuration @@ -254,7 +254,7 @@ The *Boot Configuration Database (BCD)* contains critical information for the Wi | Error code | Error cause | Resolution| |-|-|-| -|`E_FVE_BAD_CODE_ID`

`E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application changed.
BitLocker tracks the data inside the BCD and BitLocker recovery can occur when this data changes without warning.

Refer to the recovery screen to find the boot application that changed.|To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration cannot be restored before booting.| +|`E_FVE_BAD_CODE_ID`

`E_FVE_BAD_CODE_OPTION`|BitLocker entered recovery mode because a boot application changed.
BitLocker tracks the data inside the BCD and BitLocker recovery can occur when this data changes without warning.

Refer to the recovery screen to find the boot application that changed.|To remediate this issue, restore the BCD configuration. A BitLocker recovery method is required to unlock the device if the BCD configuration can't be restored before booting.| For more information, see [Boot Configuration Data settings and BitLocker](bcd-settings-and-bitlocker.md). @@ -266,7 +266,7 @@ At boot, BitLocker attempts to communicate with the TPM to unlock the device and | Error code | Error cause | |-|-| -|`E_FVE_TPM_DISABLED` | A TPM is present but has been disabled for use before or during boot.| +|`E_FVE_TPM_DISABLED` | A TPM is present but is disabled for use before or during boot.| |`E_FVE_TPM_INVALIDATED` | A TPM is present but invalidated.| |`E_FVE_BAD_SRK` | The TPM's internal Storage Root Key is corrupted.| |`E_FVE_TPM_NOT_DETECTED` | The booting system doesn't have or doesn't detect a TPM.| @@ -285,7 +285,9 @@ BitLocker recovery can be the result of unexpected changes in the PCRs used in t | Error code | Error cause |Resolution| |-|-| -|`E_FVE_PCR_MISMATCH`|The device's configuration has changed.

This may have happened because:
- A bootable disc or USB device is inserted. Removing it and restarting your device might fix this problem
- A firmware update was applied without updating the TPM protector

For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlocker-recovery-scenarios)| A recovery method is required to unlock the device.| +|`E_FVE_PCR_MISMATCH`|The device's configuration changed.

Possible causes include:
- A bootable media is inserted. Removing it and restarting your device might fix this problem
- A firmware update was applied without updating the TPM protector| A recovery method is required to unlock the device.| + +For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlocker-recovery-scenarios). #### Special cases for PCR 7 @@ -294,7 +296,7 @@ If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR | Error code | Error cause |Resolution| |-|-|-| |`E_FVE_SECUREBOOT_DISABLED`|Secure Boot has been disabled. To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. | Re-enabling Secure Boot and rebooting the system might fix the recovery issue. Otherwise, a recovery method is required to access the device.| -|`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that was not present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now is not present
- An expected event has a different measurement | A recovery method is required to unlock the device.| +|`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that wasn't present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now isn't present
- An expected event has a different measurement | A recovery method is required to unlock the device.| For more information, see [Static Root of Trust Measurements](/previous-versions/windows/hardware/hck/jj923068(v=vs.85)#appendix-a-static-root-of-trust-measurements) From 3b79dddf25daa02b8a1d587eb8ffed67ff5e071d Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 10:45:23 -0400 Subject: [PATCH 14/36] update to lightbox path image --- .../data-protection/bitlocker/preboot-recovery-screen.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 671af71364..8f37009fa3 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -2,7 +2,7 @@ title: BitLocker preboot recovery screen description: Learn about the information displayed in the BitLocker preboot recovery screen, depending on configured policy settings and recovery keys status. ms.topic: concept-article -ms.date: 06/18/2024 +ms.date: 06/19/2024 --- # BitLocker preboot recovery screen @@ -197,7 +197,7 @@ Starting in Windows 11, version 24H2, the BitLocker preboot recovery screen enha Users have the option to review additional information about the recovery error by pressing the Alt key. :::column-end::: :::column span="2"::: - :::image type="content" source="images/preboot-recovery-additional.png" alt-text="Screenshot of the BitLocker recovery screen highlighting the Alt keyboard button to access the recovery information screen." lightbox="imagespreboot-recovery-additional.png" border="false"::: + :::image type="content" source="images/preboot-recovery-additional.png" alt-text="Screenshot of the BitLocker recovery screen highlighting the Alt keyboard button to access the recovery information screen." lightbox="images/preboot-recovery-additional.png" border="false"::: :::column-end::: :::row-end::: :::row::: From a9338be872d884c28d265a78c9c23741ba6efe62 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 13:31:58 -0400 Subject: [PATCH 15/36] update --- .../data-protection/bitlocker/preboot-recovery-screen.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 8f37009fa3..a1006f2b79 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -291,15 +291,13 @@ For more examples, see [BitLocker recovery scenarios](recovery-overview.md#bitlo #### Special cases for PCR 7 -If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. More information is also available at Trusted Execution Environment EFI Protocol - Windows 8.1 HCK | Microsoft Learn. +If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR 7 to measure a specific set of events for Secure Boot. These measurements are defined in the UEFI spec. For more information, see [Static Root of Trust Measurements](/previous-versions/windows/hardware/hck/jj923068(v=vs.85)#appendix-a-static-root-of-trust-measurements) | Error code | Error cause |Resolution| |-|-|-| |`E_FVE_SECUREBOOT_DISABLED`|Secure Boot has been disabled. To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. | Re-enabling Secure Boot and rebooting the system might fix the recovery issue. Otherwise, a recovery method is required to access the device.| |`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that wasn't present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now isn't present
- An expected event has a different measurement | A recovery method is required to unlock the device.| -For more information, see [Static Root of Trust Measurements](/previous-versions/windows/hardware/hck/jj923068(v=vs.85)#appendix-a-static-root-of-trust-measurements) - ### Unknown | Error code | Error cause | Resolution| From 9dc395ea246fdc4665d397370b556f604a8320aa Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 13:45:56 -0400 Subject: [PATCH 16/36] test no-loc --- .../data-protection/bitlocker/preboot-recovery-screen.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index a1006f2b79..21b045fa3d 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -213,6 +213,8 @@ The next sections describe the codes for each BitLocker error category. Within e The error categories are: +:::no-loc + - [Initiated by user](#initiated-by-user) - [Code integrity](#code-integrity) - [Device lockout](#device-lockout) @@ -221,8 +223,9 @@ The error categories are: - [Protector](#protector) - [Unknown](#unknown) +::: -### Initiated by user +### :::no-loc Initiated by user::: | Error code | Error cause | Resolution| |-|-|-| From fc8ae307deb4d71bf5ae7fdbcad9fad17869815a Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 13:54:17 -0400 Subject: [PATCH 17/36] removed localization options with code fence --- .../bitlocker/preboot-recovery-screen.md | 32 ++++++++----------- 1 file changed, 14 insertions(+), 18 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index 21b045fa3d..c1ebd9a8ad 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -213,26 +213,22 @@ The next sections describe the codes for each BitLocker error category. Within e The error categories are: -:::no-loc +- [`Initiated by user`](#initiated-by-user) +- [`Code integrity`](#code-integrity) +- [`Device lockout`](#device-lockout) +- [`Boot configuration`](#boot-configuration) +- [`TPM`](#tpm) +- [`Protector`](#protector) +- [`Unknown`](#unknown) -- [Initiated by user](#initiated-by-user) -- [Code integrity](#code-integrity) -- [Device lockout](#device-lockout) -- [Boot configuration](#boot-configuration) -- [TPM](#tpm) -- [Protector](#protector) -- [Unknown](#unknown) - -::: - -### :::no-loc Initiated by user::: +### `Initiated by user` | Error code | Error cause | Resolution| |-|-|-| |`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| |`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| -### Code integrity +### `Code integrity` Driver signature enforcement is used to ensure code integrity of the operating system. @@ -240,7 +236,7 @@ Driver signature enforcement is used to ensure code integrity of the operating s |-|-| |`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| -### Device lockout +### `Device lockout` Device lockout threshold functionality allows an administrator to configure Windows sign in with BitLocker protection. After the configured number of failed Windows sign in attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. @@ -251,7 +247,7 @@ To take advantage of this functionality, you must configure the policy setting * |`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the sign in screen.| |`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the sign in screen.| -### Boot configuration +### `Boot configuration` The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. @@ -261,7 +257,7 @@ The *Boot Configuration Database (BCD)* contains critical information for the Wi For more information, see [Boot Configuration Data settings and BitLocker](bcd-settings-and-bitlocker.md). -### TPM +### `TPM` The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. BitLocker creates a *TPM protector* to manage protection of the encryption keys used to encrypt your data. @@ -278,7 +274,7 @@ At boot, BitLocker attempts to communicate with the TPM to unlock the device and For more information, see [Trusted Platform Module Technology Overview](../../../hardware-security/tpm/trusted-platform-module-overview.md) and [BitLocker and TPM](index.md#bitlocker-and-tpm). -### Protector +### `Protector` #### TPM protectors @@ -301,7 +297,7 @@ If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR |`E_FVE_SECUREBOOT_DISABLED`|Secure Boot has been disabled. To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. | Re-enabling Secure Boot and rebooting the system might fix the recovery issue. Otherwise, a recovery method is required to access the device.| |`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that wasn't present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now isn't present
- An expected event has a different measurement | A recovery method is required to unlock the device.| -### Unknown +### `Unknown` | Error code | Error cause | Resolution| |-|-|-| From 4c6053bb30886dd61318c63dba26378bf8cd0f65 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Wed, 19 Jun 2024 14:02:14 -0400 Subject: [PATCH 18/36] revert for localization --- .../bitlocker/preboot-recovery-screen.md | 28 +++++++++---------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md index c1ebd9a8ad..24437bd519 100644 --- a/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md +++ b/windows/security/operating-system-security/data-protection/bitlocker/preboot-recovery-screen.md @@ -213,22 +213,22 @@ The next sections describe the codes for each BitLocker error category. Within e The error categories are: -- [`Initiated by user`](#initiated-by-user) -- [`Code integrity`](#code-integrity) -- [`Device lockout`](#device-lockout) -- [`Boot configuration`](#boot-configuration) -- [`TPM`](#tpm) -- [`Protector`](#protector) -- [`Unknown`](#unknown) +- [Initiated by user](#initiated-by-user) +- [Code integrity](#code-integrity) +- [Device lockout](#device-lockout) +- [Boot configuration](#boot-configuration) +- [TPM](#tpm) +- [Protector](#protector) +- [Unknown](#unknown) -### `Initiated by user` +### Initiated by user | Error code | Error cause | Resolution| |-|-|-| |`E_FVE_USER_REQUESTED_RECOVERY`|The user explicitly entered recovery mode from a screen with the option to `ESC` to recovery mode.|| |`E_FVE_BOOT_DEBUG_ENABLED`|Boot debugging mode is enabled. |Remove the boot debugging option from the boot configuration database.| -### `Code integrity` +### Code integrity Driver signature enforcement is used to ensure code integrity of the operating system. @@ -236,7 +236,7 @@ Driver signature enforcement is used to ensure code integrity of the operating s |-|-| |`E_FVE_CI_DISABLED`|Driver signature enforcement is disabled.| -### `Device lockout` +### Device lockout Device lockout threshold functionality allows an administrator to configure Windows sign in with BitLocker protection. After the configured number of failed Windows sign in attempts, the device reboots and can only be recovered by providing a BitLocker recovery method. @@ -247,7 +247,7 @@ To take advantage of this functionality, you must configure the policy setting * |`E_FVE_DEVICE_LOCKEDOUT`|Device lockout triggered due to too many incorrect sign in attempts.|A BitLocker recovery method is required to return to the sign in screen.| |`E_FVE_DEVICE_LOCKOUT_MISMATCH`|The device lockout counter is out of sync. |A BitLocker recovery method is required to return to the sign in screen.| -### `Boot configuration` +### Boot configuration The *Boot Configuration Database (BCD)* contains critical information for the Windows boot environment. @@ -257,7 +257,7 @@ The *Boot Configuration Database (BCD)* contains critical information for the Wi For more information, see [Boot Configuration Data settings and BitLocker](bcd-settings-and-bitlocker.md). -### `TPM` +### TPM The Trusted Platform Module (TPM) is cryptographic hardware or firmware used to secure a device. BitLocker creates a *TPM protector* to manage protection of the encryption keys used to encrypt your data. @@ -274,7 +274,7 @@ At boot, BitLocker attempts to communicate with the TPM to unlock the device and For more information, see [Trusted Platform Module Technology Overview](../../../hardware-security/tpm/trusted-platform-module-overview.md) and [BitLocker and TPM](index.md#bitlocker-and-tpm). -### `Protector` +### Protector #### TPM protectors @@ -297,7 +297,7 @@ If the TPM protector uses PCR 7 in the validation profile, BitLocker expects PCR |`E_FVE_SECUREBOOT_DISABLED`|Secure Boot has been disabled. To access the encryption key and unlock your device, BitLocker expects Secure Boot to be on. | Re-enabling Secure Boot and rebooting the system might fix the recovery issue. Otherwise, a recovery method is required to access the device.| |`E_FVE_SECUREBOOT_CHANGED`|The Secure Boot configuration unexpectedly changed. The boot configuration measured in PCR 7 changed.
This may be either because of:
- An additional measurement currently present that wasn't present when BitLocker updated the TPM protector
- A missing measurement that was present when BitLocker last updated the TPM protector but now isn't present
- An expected event has a different measurement | A recovery method is required to unlock the device.| -### `Unknown` +### Unknown | Error code | Error cause | Resolution| |-|-|-| From 0e093e9a926ee4a806a1e94b7912c2ed5899b0ba Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Fri, 21 Jun 2024 11:02:53 -0600 Subject: [PATCH 19/36] May CSP Updates --- .../mdm/activesync-ddf-file.md | 4 +- .../mdm/applicationcontrol-csp-ddf.md | 4 +- .../mdm/applocker-ddf-file.md | 4 +- .../mdm/assignedaccess-ddf.md | 4 +- .../mdm/bitlocker-ddf-file.md | 4 +- .../mdm/certificatestore-ddf-file.md | 4 +- .../mdm/clientcertificateinstall-ddf-file.md | 6 +- .../client-management/mdm/clouddesktop-csp.md | 61 +++++++- .../mdm/clouddesktop-ddf-file.md | 65 +++++++- .../mdm/declaredconfiguration-ddf-file.md | 4 +- windows/client-management/mdm/defender-csp.md | 143 +++++++++++++++++- windows/client-management/mdm/defender-ddf.md | 102 ++++++++++++- .../mdm/devdetail-ddf-file.md | 4 +- .../mdm/devicemanageability-ddf.md | 4 +- .../mdm/devicepreparation-ddf-file.md | 4 +- .../client-management/mdm/devicestatus-ddf.md | 4 +- .../client-management/mdm/devinfo-ddf-file.md | 4 +- .../mdm/diagnosticlog-ddf.md | 4 +- .../client-management/mdm/dmacc-ddf-file.md | 4 +- .../mdm/dmclient-ddf-file.md | 6 +- .../client-management/mdm/email2-ddf-file.md | 4 +- ...enterprisedesktopappmanagement-ddf-file.md | 6 +- .../mdm/enterprisemodernappmanagement-ddf.md | 6 +- .../client-management/mdm/euiccs-ddf-file.md | 4 +- .../mdm/firewall-ddf-file.md | 4 +- .../mdm/healthattestation-ddf.md | 4 +- .../mdm/language-pack-management-ddf-file.md | 4 +- .../client-management/mdm/laps-ddf-file.md | 4 +- .../client-management/mdm/networkproxy-ddf.md | 4 +- .../mdm/networkqospolicy-ddf.md | 4 +- .../mdm/nodecache-ddf-file.md | 6 +- windows/client-management/mdm/office-ddf.md | 6 +- .../mdm/passportforwork-csp.md | 52 +------ .../mdm/passportforwork-ddf.md | 45 +----- .../mdm/personaldataencryption-ddf-file.md | 4 +- .../mdm/personalization-csp.md | 10 +- .../mdm/personalization-ddf.md | 14 +- .../mdm/policies-in-policy-csp-admx-backed.md | 4 +- ...in-policy-csp-supported-by-group-policy.md | 3 +- ...-in-policy-csp-supported-by-surface-hub.md | 3 +- .../mdm/policy-csp-admx-terminalserver.md | 52 ++++++- .../mdm/policy-csp-deliveryoptimization.md | 18 +-- .../mdm/policy-csp-internetexplorer.md | 56 ++++++- .../mdm/policy-csp-remotedesktopservices.md | 6 +- .../mdm/policy-csp-update.md | 65 +++++++- .../mdm/policy-csp-windowsai.md | 5 +- .../mdm/printerprovisioning-ddf-file.md | 4 +- .../client-management/mdm/reboot-ddf-file.md | 4 +- .../mdm/rootcacertificates-ddf-file.md | 6 +- .../mdm/secureassessment-ddf-file.md | 4 +- .../mdm/sharedpc-ddf-file.md | 4 +- .../client-management/mdm/supl-ddf-file.md | 4 +- .../client-management/mdm/vpnv2-ddf-file.md | 6 +- .../client-management/mdm/wifi-ddf-file.md | 6 +- ...indowsdefenderapplicationguard-ddf-file.md | 4 +- .../mdm/windowslicensing-ddf-file.md | 4 +- .../mdm/wirednetwork-ddf-file.md | 6 +- 57 files changed, 653 insertions(+), 231 deletions(-) diff --git a/windows/client-management/mdm/activesync-ddf-file.md b/windows/client-management/mdm/activesync-ddf-file.md index b48213ce4d..e3debc8c7e 100644 --- a/windows/client-management/mdm/activesync-ddf-file.md +++ b/windows/client-management/mdm/activesync-ddf-file.md @@ -1,7 +1,7 @@ --- title: ActiveSync DDF file description: View the XML file containing the device description framework (DDF) for the ActiveSync configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the A 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/applicationcontrol-csp-ddf.md b/windows/client-management/mdm/applicationcontrol-csp-ddf.md index 6b5054eb37..e701a8b0ec 100644 --- a/windows/client-management/mdm/applicationcontrol-csp-ddf.md +++ b/windows/client-management/mdm/applicationcontrol-csp-ddf.md @@ -1,7 +1,7 @@ --- title: ApplicationControl DDF file description: View the XML file containing the device description framework (DDF) for the ApplicationControl configuration service provider. -ms.date: 01/31/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the A 10.0.18362 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/applocker-ddf-file.md b/windows/client-management/mdm/applocker-ddf-file.md index f712663818..c8d03d6d27 100644 --- a/windows/client-management/mdm/applocker-ddf-file.md +++ b/windows/client-management/mdm/applocker-ddf-file.md @@ -1,7 +1,7 @@ --- title: AppLocker DDF file description: View the XML file containing the device description framework (DDF) for the AppLocker configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the A 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/assignedaccess-ddf.md b/windows/client-management/mdm/assignedaccess-ddf.md index 5b113fb30f..8bc008e978 100644 --- a/windows/client-management/mdm/assignedaccess-ddf.md +++ b/windows/client-management/mdm/assignedaccess-ddf.md @@ -1,7 +1,7 @@ --- title: AssignedAccess DDF file description: View the XML file containing the device description framework (DDF) for the AssignedAccess configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the A 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/bitlocker-ddf-file.md b/windows/client-management/mdm/bitlocker-ddf-file.md index 738dea71d0..6015905cf3 100644 --- a/windows/client-management/mdm/bitlocker-ddf-file.md +++ b/windows/client-management/mdm/bitlocker-ddf-file.md @@ -1,7 +1,7 @@ --- title: BitLocker DDF file description: View the XML file containing the device description framework (DDF) for the BitLocker configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the B 10.0.15063 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/certificatestore-ddf-file.md b/windows/client-management/mdm/certificatestore-ddf-file.md index 34d7637fbe..8ab2380099 100644 --- a/windows/client-management/mdm/certificatestore-ddf-file.md +++ b/windows/client-management/mdm/certificatestore-ddf-file.md @@ -1,7 +1,7 @@ --- title: CertificateStore DDF file description: View the XML file containing the device description framework (DDF) for the CertificateStore configuration service provider. -ms.date: 01/31/2024 +ms.date: 06/19/2024 --- @@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the C 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/clientcertificateinstall-ddf-file.md b/windows/client-management/mdm/clientcertificateinstall-ddf-file.md index 2d9b0700a3..c77ddb1695 100644 --- a/windows/client-management/mdm/clientcertificateinstall-ddf-file.md +++ b/windows/client-management/mdm/clientcertificateinstall-ddf-file.md @@ -1,7 +1,7 @@ --- title: ClientCertificateInstall DDF file description: View the XML file containing the device description framework (DDF) for the ClientCertificateInstall configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the C 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -1162,7 +1162,7 @@ Valid values are: 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/clouddesktop-csp.md b/windows/client-management/mdm/clouddesktop-csp.md index e249d20ca8..400b655707 100644 --- a/windows/client-management/mdm/clouddesktop-csp.md +++ b/windows/client-management/mdm/clouddesktop-csp.md @@ -1,7 +1,7 @@ --- title: CloudDesktop CSP description: Learn more about the CloudDesktop CSP. -ms.date: 03/05/2024 +ms.date: 06/19/2024 --- @@ -19,12 +19,14 @@ ms.date: 03/05/2024 The following list shows the CloudDesktop configuration service provider nodes: - ./Device/Vendor/MSFT/CloudDesktop - - [BootToCloudPCEnhanced](#boottocloudpcenhanced) - - [EnableBootToCloudSharedPCMode](#enableboottocloudsharedpcmode) + - [BootToCloudPCEnhanced](#deviceboottocloudpcenhanced) + - [EnableBootToCloudSharedPCMode](#deviceenableboottocloudsharedpcmode) +- ./User/Vendor/MSFT/CloudDesktop + - [EnablePhysicalDeviceAccess](#userenablephysicaldeviceaccess) -## BootToCloudPCEnhanced +## Device/BootToCloudPCEnhanced | Scope | Editions | Applicable OS | @@ -76,7 +78,7 @@ This node allows to configure different kinds of Boot to Cloud mode. Boot to clo -## EnableBootToCloudSharedPCMode +## Device/EnableBootToCloudSharedPCMode > [!NOTE] > This policy is deprecated and may be removed in a future release. @@ -129,6 +131,55 @@ Setting this node to "true" configures boot to cloud for Shared PC mode. Boot to + +## User/EnablePhysicalDeviceAccess + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ❌ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
❌ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | + + + +```User +./User/Vendor/MSFT/CloudDesktop/EnablePhysicalDeviceAccess +``` + + + + +Configuring this node gives access to the physical devices used to boot to Cloud PCs from the Ctrl+Alt+Del page for specified users. This node supports these options: 0. Not enabled 1. Enabled. + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `bool` | +| Access Type | Add, Delete, Get, Replace | +| Default Value | false | + + + +**Allowed values**: + +| Value | Description | +|:--|:--| +| false (Default) | Access to physical device disabled. | +| true | Access to physical device enabled. | + + + + + + + + ## BootToCloudPCEnhanced technical reference diff --git a/windows/client-management/mdm/clouddesktop-ddf-file.md b/windows/client-management/mdm/clouddesktop-ddf-file.md index 98427f9e32..6efe3ed695 100644 --- a/windows/client-management/mdm/clouddesktop-ddf-file.md +++ b/windows/client-management/mdm/clouddesktop-ddf-file.md @@ -1,7 +1,7 @@ --- title: CloudDesktop DDF file description: View the XML file containing the device description framework (DDF) for the CloudDesktop configuration service provider. -ms.date: 03/05/2024 +ms.date: 06/19/2024 --- @@ -17,6 +17,69 @@ The following XML file contains the device description framework (DDF) for the C 1.2 + + CloudDesktop + ./User/Vendor/MSFT + + + + + The CloudDesktop configuration service provider is used to configure different Cloud PC related scenarios. + + + + + + + + + + + + + + 99.9.99999 + 2.0 + 0x4;0x30;0x31;0x7E;0x87;0x88;0x88*;0xA1;0xA2;0xA4;0xA5;0xB4;0xBC;0xBD;0xBF; + + + + EnablePhysicalDeviceAccess + + + + + + + + false + Configuring this node gives access to the physical devices used to boot to Cloud PCs from the Ctrl+Alt+Del page for specified users. This node supports these options: 0. Not enabled 1. Enabled. + + + + + + + + + + Enable access to physical device + + + + + + false + Access to physical device disabled + + + true + Access to physical device enabled + + + + + CloudDesktop ./Device/Vendor/MSFT diff --git a/windows/client-management/mdm/declaredconfiguration-ddf-file.md b/windows/client-management/mdm/declaredconfiguration-ddf-file.md index 95751f45be..031be873a8 100644 --- a/windows/client-management/mdm/declaredconfiguration-ddf-file.md +++ b/windows/client-management/mdm/declaredconfiguration-ddf-file.md @@ -1,7 +1,7 @@ --- title: DeclaredConfiguration DDF file description: View the XML file containing the device description framework (DDF) for the DeclaredConfiguration configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the D 99.9.99999 9.9 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index bd54fa0edc..89c079aeea 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -1,7 +1,7 @@ --- title: Defender CSP description: Learn more about the Defender CSP. -ms.date: 05/20/2024 +ms.date: 06/19/2024 --- @@ -33,6 +33,9 @@ The following list shows the Defender configuration service provider nodes: - [BruteForceProtectionConfiguredState](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionconfiguredstate) - [BruteForceProtectionExclusions](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionexclusions) - [BruteForceProtectionMaxBlockTime](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionmaxblocktime) + - [BruteForceProtectionPlugins](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionplugins) + - [BruteForceProtectionLocalNetworkBlocking](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionpluginsbruteforceprotectionlocalnetworkblocking) + - [BruteForceProtectionSkipLearningPeriod](#configurationbehavioralnetworkblocksbruteforceprotectionbruteforceprotectionpluginsbruteforceprotectionskiplearningperiod) - [RemoteEncryptionProtection](#configurationbehavioralnetworkblocksremoteencryptionprotection) - [RemoteEncryptionProtectionAggressiveness](#configurationbehavioralnetworkblocksremoteencryptionprotectionremoteencryptionprotectionaggressiveness) - [RemoteEncryptionProtectionConfiguredState](#configurationbehavioralnetworkblocksremoteencryptionprotectionremoteencryptionprotectionconfiguredstate) @@ -364,7 +367,7 @@ Control whether network protection can improve performance by switching from rea | Value | Description | |:--|:--| | 1 | Allow switching to asynchronous inspection. | -| 0 (Default) | Don’t allow asynchronous inspection. | +| 0 (Default) | Don't allow asynchronous inspection. | @@ -752,6 +755,142 @@ Set the maximum time an IP address is blocked by Brute-Force Protection. After t + +##### Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1607 [10.0.14393] and later | + + + +```Device +./Device/Vendor/MSFT/Defender/Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins +``` + + + + + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `node` | +| Access Type | Get | + + + + + + + + + +###### Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins/BruteForceProtectionLocalNetworkBlocking + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1709 [10.0.16299] and later | + + + +```Device +./Device/Vendor/MSFT/Defender/Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins/BruteForceProtectionLocalNetworkBlocking +``` + + + + +Extend brute-force protection coverage in Microsoft Defender Antivirus to block local network addresses. + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `int` | +| Access Type | Add, Delete, Get, Replace | +| Default Value | 0 | + + + +**Allowed values**: + +| Value | Description | +|:--|:--| +| 0 (Default) | Brute-force protection won't block local network addresses. | +| 1 | Brute-force protection will block local network addresses. | + + + + + + + + + +###### Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins/BruteForceProtectionSkipLearningPeriod + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 1709 [10.0.16299] and later | + + + +```Device +./Device/Vendor/MSFT/Defender/Configuration/BehavioralNetworkBlocks/BruteForceProtection/BruteForceProtectionPlugins/BruteForceProtectionSkipLearningPeriod +``` + + + + +Skip the 2-week initial learning period, so brute-force protection in Microsoft Defender Antivirus can start blocking immediately. + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `int` | +| Access Type | Add, Delete, Get, Replace | +| Default Value | 0 | + + + +**Allowed values**: + +| Value | Description | +|:--|:--| +| 0 (Default) | Brute-force protection blocks threats only after completing a 2-week learning period. | +| 1 | Brute-force protection starts blocking threats immediately. | + + + + + + + + #### Configuration/BehavioralNetworkBlocks/RemoteEncryptionProtection diff --git a/windows/client-management/mdm/defender-ddf.md b/windows/client-management/mdm/defender-ddf.md index a7f5fe4029..e5da0f2590 100644 --- a/windows/client-management/mdm/defender-ddf.md +++ b/windows/client-management/mdm/defender-ddf.md @@ -1,7 +1,7 @@ --- title: Defender DDF file description: View the XML file containing the device description framework (DDF) for the Defender configuration service provider. -ms.date: 05/20/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -3596,6 +3596,104 @@ The following XML file contains the device description framework (DDF) for the D + + BruteForceProtectionPlugins + + + + + + + + + + + + + + + + + + + BruteForceProtectionLocalNetworkBlocking + + + + + + + + 0 + Extend brute-force protection coverage in Microsoft Defender Antivirus to block local network addresses. + + + + + + + + + + + + + + 10.0.16299 + 1.3 + + + + 0 + Brute-force protection will not block local network addresses + + + 1 + Brute-force protection will block local network addresses + + + + + + BruteForceProtectionSkipLearningPeriod + + + + + + + + 0 + Skip the 2-week initial learning period, so brute-force protection in Microsoft Defender Antivirus can start blocking immediately. + + + + + + + + + + + + + + 10.0.16299 + 1.3 + + + + 0 + Brute-force protection blocks threats only after completing a 2-week learning period + + + 1 + Brute-force protection starts blocking threats immediately + + + + + BruteForceProtectionExclusions diff --git a/windows/client-management/mdm/devdetail-ddf-file.md b/windows/client-management/mdm/devdetail-ddf-file.md index 6f562d58b4..8e200f88b4 100644 --- a/windows/client-management/mdm/devdetail-ddf-file.md +++ b/windows/client-management/mdm/devdetail-ddf-file.md @@ -1,7 +1,7 @@ --- title: DevDetail DDF file description: View the XML file containing the device description framework (DDF) for the DevDetail configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/devicemanageability-ddf.md b/windows/client-management/mdm/devicemanageability-ddf.md index cecd7dd921..59cd0e48a0 100644 --- a/windows/client-management/mdm/devicemanageability-ddf.md +++ b/windows/client-management/mdm/devicemanageability-ddf.md @@ -1,7 +1,7 @@ --- title: DeviceManageability DDF file description: View the XML file containing the device description framework (DDF) for the DeviceManageability configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.14393 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/devicepreparation-ddf-file.md b/windows/client-management/mdm/devicepreparation-ddf-file.md index 06ec069113..be9a944b76 100644 --- a/windows/client-management/mdm/devicepreparation-ddf-file.md +++ b/windows/client-management/mdm/devicepreparation-ddf-file.md @@ -1,7 +1,7 @@ --- title: DevicePreparation DDF file description: View the XML file containing the device description framework (DDF) for the DevicePreparation configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the D 99.9.99999 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/devicestatus-ddf.md b/windows/client-management/mdm/devicestatus-ddf.md index 2eaff3d375..ae20b8e258 100644 --- a/windows/client-management/mdm/devicestatus-ddf.md +++ b/windows/client-management/mdm/devicestatus-ddf.md @@ -1,7 +1,7 @@ --- title: DeviceStatus DDF file description: View the XML file containing the device description framework (DDF) for the DeviceStatus configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/devinfo-ddf-file.md b/windows/client-management/mdm/devinfo-ddf-file.md index ff9195ba0d..b2d6f8ed7f 100644 --- a/windows/client-management/mdm/devinfo-ddf-file.md +++ b/windows/client-management/mdm/devinfo-ddf-file.md @@ -1,7 +1,7 @@ --- title: DevInfo DDF file description: View the XML file containing the device description framework (DDF) for the DevInfo configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -41,7 +41,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/diagnosticlog-ddf.md b/windows/client-management/mdm/diagnosticlog-ddf.md index 9603fc932a..eef6af498d 100644 --- a/windows/client-management/mdm/diagnosticlog-ddf.md +++ b/windows/client-management/mdm/diagnosticlog-ddf.md @@ -1,7 +1,7 @@ --- title: DiagnosticLog DDF file description: View the XML file containing the device description framework (DDF) for the DiagnosticLog configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.2 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/dmacc-ddf-file.md b/windows/client-management/mdm/dmacc-ddf-file.md index 331ce57c5d..a0fee28b12 100644 --- a/windows/client-management/mdm/dmacc-ddf-file.md +++ b/windows/client-management/mdm/dmacc-ddf-file.md @@ -1,7 +1,7 @@ --- title: DMAcc DDF file description: View the XML file containing the device description framework (DDF) for the DMAcc configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/dmclient-ddf-file.md b/windows/client-management/mdm/dmclient-ddf-file.md index dd09a2d66f..c30288ba23 100644 --- a/windows/client-management/mdm/dmclient-ddf-file.md +++ b/windows/client-management/mdm/dmclient-ddf-file.md @@ -1,7 +1,7 @@ --- title: DMClient DDF file description: View the XML file containing the device description framework (DDF) for the DMClient configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -477,7 +477,7 @@ The following XML file contains the device description framework (DDF) for the D 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/email2-ddf-file.md b/windows/client-management/mdm/email2-ddf-file.md index 04e33d681e..a770191467 100644 --- a/windows/client-management/mdm/email2-ddf-file.md +++ b/windows/client-management/mdm/email2-ddf-file.md @@ -1,7 +1,7 @@ --- title: EMAIL2 DDF file description: View the XML file containing the device description framework (DDF) for the EMAIL2 configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the E 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/enterprisedesktopappmanagement-ddf-file.md b/windows/client-management/mdm/enterprisedesktopappmanagement-ddf-file.md index 3d361ec180..c3304851f0 100644 --- a/windows/client-management/mdm/enterprisedesktopappmanagement-ddf-file.md +++ b/windows/client-management/mdm/enterprisedesktopappmanagement-ddf-file.md @@ -1,7 +1,7 @@ --- title: EnterpriseDesktopAppManagement DDF file description: View the XML file containing the device description framework (DDF) for the EnterpriseDesktopAppManagement configuration service provider. -ms.date: 05/20/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the E 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -401,7 +401,7 @@ The following XML file contains the device description framework (DDF) for the E 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md b/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md index e60f2f2868..5b6b0433ae 100644 --- a/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md +++ b/windows/client-management/mdm/enterprisemodernappmanagement-ddf.md @@ -1,7 +1,7 @@ --- title: EnterpriseModernAppManagement DDF file description: View the XML file containing the device description framework (DDF) for the EnterpriseModernAppManagement configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the E 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -2587,7 +2587,7 @@ The following XML file contains the device description framework (DDF) for the E 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/euiccs-ddf-file.md b/windows/client-management/mdm/euiccs-ddf-file.md index 36803e6131..09e6e5f725 100644 --- a/windows/client-management/mdm/euiccs-ddf-file.md +++ b/windows/client-management/mdm/euiccs-ddf-file.md @@ -1,7 +1,7 @@ --- title: eUICCs DDF file description: View the XML file containing the device description framework (DDF) for the eUICCs configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -43,7 +43,7 @@ The following XML file contains the device description framework (DDF) for the e 10.0.16299 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/firewall-ddf-file.md b/windows/client-management/mdm/firewall-ddf-file.md index 453ee21804..2fd47c663c 100644 --- a/windows/client-management/mdm/firewall-ddf-file.md +++ b/windows/client-management/mdm/firewall-ddf-file.md @@ -1,7 +1,7 @@ --- title: Firewall DDF file description: View the XML file containing the device description framework (DDF) for the Firewall configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the F 10.0.16299 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/healthattestation-ddf.md b/windows/client-management/mdm/healthattestation-ddf.md index d68e4952d2..3b2c4265ae 100644 --- a/windows/client-management/mdm/healthattestation-ddf.md +++ b/windows/client-management/mdm/healthattestation-ddf.md @@ -1,7 +1,7 @@ --- title: HealthAttestation DDF file description: View the XML file containing the device description framework (DDF) for the HealthAttestation configuration service provider. -ms.date: 01/31/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the H 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/language-pack-management-ddf-file.md b/windows/client-management/mdm/language-pack-management-ddf-file.md index af5086a30c..0d5661484f 100644 --- a/windows/client-management/mdm/language-pack-management-ddf-file.md +++ b/windows/client-management/mdm/language-pack-management-ddf-file.md @@ -1,7 +1,7 @@ --- title: LanguagePackManagement DDF file description: View the XML file containing the device description framework (DDF) for the LanguagePackManagement configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the L 99.9.9999 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/laps-ddf-file.md b/windows/client-management/mdm/laps-ddf-file.md index 8ed3954967..075ff51663 100644 --- a/windows/client-management/mdm/laps-ddf-file.md +++ b/windows/client-management/mdm/laps-ddf-file.md @@ -1,7 +1,7 @@ --- title: LAPS DDF file description: View the XML file containing the device description framework (DDF) for the LAPS configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the L 10.0.25145, 10.0.22621.1480, 10.0.22000.1754, 10.0.20348.1663, 10.0.19041.2784, 10.0.17763.4244 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/networkproxy-ddf.md b/windows/client-management/mdm/networkproxy-ddf.md index 77e03cd531..41f2ea80ba 100644 --- a/windows/client-management/mdm/networkproxy-ddf.md +++ b/windows/client-management/mdm/networkproxy-ddf.md @@ -1,7 +1,7 @@ --- title: NetworkProxy DDF file description: View the XML file containing the device description framework (DDF) for the NetworkProxy configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the N 10.0.15063 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/networkqospolicy-ddf.md b/windows/client-management/mdm/networkqospolicy-ddf.md index 0a77596722..abcaba4547 100644 --- a/windows/client-management/mdm/networkqospolicy-ddf.md +++ b/windows/client-management/mdm/networkqospolicy-ddf.md @@ -1,7 +1,7 @@ --- title: NetworkQoSPolicy DDF file description: View the XML file containing the device description framework (DDF) for the NetworkQoSPolicy configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the N 10.0.19042 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/nodecache-ddf-file.md b/windows/client-management/mdm/nodecache-ddf-file.md index 80a2ad5119..996cc4512c 100644 --- a/windows/client-management/mdm/nodecache-ddf-file.md +++ b/windows/client-management/mdm/nodecache-ddf-file.md @@ -1,7 +1,7 @@ --- title: NodeCache DDF file description: View the XML file containing the device description framework (DDF) for the NodeCache configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the N 10.0.15063 1.1 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -294,7 +294,7 @@ The following XML file contains the device description framework (DDF) for the N 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/office-ddf.md b/windows/client-management/mdm/office-ddf.md index 7714d02e5e..d9dd3ecaa7 100644 --- a/windows/client-management/mdm/office-ddf.md +++ b/windows/client-management/mdm/office-ddf.md @@ -1,7 +1,7 @@ --- title: Office DDF file description: View the XML file containing the device description framework (DDF) for the Office configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the O 10.0.15063 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -211,7 +211,7 @@ The following XML file contains the device description framework (DDF) for the O 10.0.15063 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md index d9bd9dba10..421f8f7ac5 100644 --- a/windows/client-management/mdm/passportforwork-csp.md +++ b/windows/client-management/mdm/passportforwork-csp.md @@ -1,7 +1,7 @@ --- title: PassportForWork CSP description: Learn more about the PassportForWork CSP. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -25,7 +25,6 @@ The following list shows the PassportForWork configuration service provider node - ./Device/Vendor/MSFT/PassportForWork - [{TenantId}](#devicetenantid) - [Policies](#devicetenantidpolicies) - - [DisablePostLogonCredentialCaching](#devicetenantidpoliciesdisablepostlogoncredentialcaching) - [DisablePostLogonProvisioning](#devicetenantidpoliciesdisablepostlogonprovisioning) - [EnablePinRecovery](#devicetenantidpoliciesenablepinrecovery) - [EnableWindowsHelloProvisioningForSecurityKeys](#devicetenantidpoliciesenablewindowshelloprovisioningforsecuritykeys) @@ -158,55 +157,6 @@ Root node for policies. - -#### Device/{TenantId}/Policies/DisablePostLogonCredentialCaching - - -| Scope | Editions | Applicable OS | -|:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | - - - -```Device -./Device/Vendor/MSFT/PassportForWork/{TenantId}/Policies/DisablePostLogonCredentialCaching -``` - - - - -Disable caching of the Windows Hello for Business credential after sign-in. - - - - - - - -**Description framework properties**: - -| Property name | Property value | -|:--|:--| -| Format | `bool` | -| Access Type | Add, Delete, Get, Replace | -| Default Value | False | - - - -**Allowed values**: - -| Value | Description | -|:--|:--| -| false (Default) | Credential Caching Enabled. | -| true | Credential Caching Disabled. | - - - - - - - - #### Device/{TenantId}/Policies/DisablePostLogonProvisioning diff --git a/windows/client-management/mdm/passportforwork-ddf.md b/windows/client-management/mdm/passportforwork-ddf.md index 0c1cf45b97..ce26cce768 100644 --- a/windows/client-management/mdm/passportforwork-ddf.md +++ b/windows/client-management/mdm/passportforwork-ddf.md @@ -1,7 +1,7 @@ --- title: PassportForWork DDF file description: View the XML file containing the device description framework (DDF) for the PassportForWork configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the P 10.0.10586 1.2 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -565,7 +565,7 @@ If you do not configure this policy setting, Windows Hello for Business requires 10.0.10586 1.2 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -885,45 +885,6 @@ If you disable or do not configure this policy setting, the PIN recovery secret - - DisablePostLogonCredentialCaching - - - - - - - - False - Disable caching of the Windows Hello for Business credential after sign-in. - - - - - - - - - - - - - - 99.9.99999 - 1.6 - - - - false - Credential Caching Enabled - - - true - Credential Caching Disabled - - - - UseCertificateForOnPremAuth diff --git a/windows/client-management/mdm/personaldataencryption-ddf-file.md b/windows/client-management/mdm/personaldataencryption-ddf-file.md index f4f4cd55fc..5b3b1d0111 100644 --- a/windows/client-management/mdm/personaldataencryption-ddf-file.md +++ b/windows/client-management/mdm/personaldataencryption-ddf-file.md @@ -1,7 +1,7 @@ --- title: PDE DDF file description: View the XML file containing the device description framework (DDF) for the PDE configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the P 10.0.22621 1.0 - 0x4;0x1B;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0xAB;0xAC;0xBC;0xBF;0xCD;0xCF;0xD2; + 0x4;0x1B;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF; diff --git a/windows/client-management/mdm/personalization-csp.md b/windows/client-management/mdm/personalization-csp.md index bf0dff0947..3f8030bbfc 100644 --- a/windows/client-management/mdm/personalization-csp.md +++ b/windows/client-management/mdm/personalization-csp.md @@ -1,7 +1,7 @@ --- title: Personalization CSP description: Learn more about the Personalization CSP. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -9,8 +9,6 @@ ms.date: 04/10/2024 # Personalization CSP -[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)] - The Personalization CSP can set the lock screen, desktop background images and company branding on sign-in screen ([BootToCloud mode](policy-csp-clouddesktop.md#boottocloudmode) only). Setting these policies also prevents the user from changing the image. You can also use the Personalization settings in a provisioning package. @@ -38,7 +36,7 @@ The following list shows the Personalization configuration service provider node | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.3235] and later | @@ -77,7 +75,7 @@ This represents the status of the Company Logo. 1 - Successfully downloaded or c | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.3235] and later | @@ -116,7 +114,7 @@ An http or https Url to a jpg, jpeg or png image that needs to be downloaded and | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.3235] and later | diff --git a/windows/client-management/mdm/personalization-ddf.md b/windows/client-management/mdm/personalization-ddf.md index 6c5af077dd..5f6b982951 100644 --- a/windows/client-management/mdm/personalization-ddf.md +++ b/windows/client-management/mdm/personalization-ddf.md @@ -1,7 +1,7 @@ --- title: Personalization DDF file description: View the XML file containing the device description framework (DDF) for the Personalization configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the P 10.0.16299 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -101,7 +101,7 @@ The following XML file contains the device description framework (DDF) for the P - A http or https Url to a jpg, jpeg or png image that neeeds to be downloaded and used as the Lock Screen Image or a file Url to a local image on the file system that needs to be used as the Lock Screen Image. + A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Lock Screen Image or a file Url to a local image on the file system that needs to be used as the Lock Screen Image. @@ -148,7 +148,7 @@ The following XML file contains the device description framework (DDF) for the P - A http or https Url to a jpg, jpeg or png image that neeeds to be downloaded and used as the Company Logo or a file Url to a local image on the file system that needs to be used as the Company Logo. This setting is currently available for boot to cloud shared pc mode only. + A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Company Logo or a file Url to a local image on the file system that needs to be used as the Company Logo. This setting is currently available for boot to cloud shared pc mode only. @@ -162,7 +162,7 @@ The following XML file contains the device description framework (DDF) for the P - 99.9.99999 + 10.0.22621.3235 2.0 @@ -189,7 +189,7 @@ The following XML file contains the device description framework (DDF) for the P - 99.9.99999 + 10.0.22621.3235 2.0 @@ -217,7 +217,7 @@ The following XML file contains the device description framework (DDF) for the P - 99.9.99999 + 10.0.22621.3235 2.0 diff --git a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md index d24e808921..773526f0c6 100644 --- a/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md +++ b/windows/client-management/mdm/policies-in-policy-csp-admx-backed.md @@ -1,7 +1,7 @@ --- title: ADMX-backed policies in Policy CSP description: Learn about the ADMX-backed policies in Policy CSP. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -1663,6 +1663,7 @@ This article lists the ADMX-backed policies in Policy CSP. - [TS_NoSecurityMenu](policy-csp-admx-terminalserver.md) - [TS_START_PROGRAM_2](policy-csp-admx-terminalserver.md) - [TS_SERVER_ADVANCED_REMOTEFX_REMOTEAPP](policy-csp-admx-terminalserver.md) +- [TS_SERVER_REMOTEAPP_USE_SHELLAPPRUNTIME](policy-csp-admx-terminalserver.md) - [TS_DX_USE_FULL_HWGPU](policy-csp-admx-terminalserver.md) - [TS_SERVER_WDDM_GRAPHICS_DRIVER](policy-csp-admx-terminalserver.md) - [TS_TSCC_PERMISSIONS_POLICY](policy-csp-admx-terminalserver.md) @@ -2210,6 +2211,7 @@ This article lists the ADMX-backed policies in Policy CSP. - [AllowSaveTargetAsInIEMode](policy-csp-internetexplorer.md) - [DisableInternetExplorerApp](policy-csp-internetexplorer.md) - [EnableExtendedIEModeHotkeys](policy-csp-internetexplorer.md) +- [AllowLegacyURLFields](policy-csp-internetexplorer.md) - [ResetZoomForDialogInIEMode](policy-csp-internetexplorer.md) - [EnableGlobalWindowListInIEMode](policy-csp-internetexplorer.md) - [JScriptReplacement](policy-csp-internetexplorer.md) diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md index b48e301116..74c2d24c74 100644 --- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md +++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-group-policy.md @@ -1,7 +1,7 @@ --- title: Policies in Policy CSP supported by Group Policy description: Learn about the policies in Policy CSP supported by Group Policy. -ms.date: 05/20/2024 +ms.date: 06/19/2024 --- @@ -805,6 +805,7 @@ This article lists the policies in Policy CSP that have a group policy mapping. - [ConfigureDeadlineNoAutoRebootForFeatureUpdates](policy-csp-update.md) - [ConfigureDeadlineNoAutoRebootForQualityUpdates](policy-csp-update.md) - [AllowOptionalContent](policy-csp-update.md) +- [AlwaysAutoRebootAtScheduledTimeMinutes](policy-csp-update.md) ## UserRights diff --git a/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md index 17bb6fddc6..a51aba5851 100644 --- a/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md +++ b/windows/client-management/mdm/policies-in-policy-csp-supported-by-surface-hub.md @@ -1,7 +1,7 @@ --- title: Policies in Policy CSP supported by Windows 10 Team description: Learn about the policies in Policy CSP supported by Windows 10 Team. -ms.date: 01/18/2024 +ms.date: 06/19/2024 --- @@ -315,6 +315,7 @@ This article lists the policies in Policy CSP that are applicable for the Surfac - [AllowOptionalContent](policy-csp-update.md#allowoptionalcontent) - [AllowTemporaryEnterpriseFeatureControl](policy-csp-update.md#allowtemporaryenterprisefeaturecontrol) - [AllowUpdateService](policy-csp-update.md#allowupdateservice) +- [AlwaysAutoRebootAtScheduledTimeMinutes](policy-csp-update.md#alwaysautorebootatscheduledtimeminutes) - [BranchReadinessLevel](policy-csp-update.md#branchreadinesslevel) - [ConfigureFeatureUpdateUninstallPeriod](policy-csp-update.md#configurefeatureupdateuninstallperiod) - [DeferFeatureUpdatesPeriodInDays](policy-csp-update.md#deferfeatureupdatesperiodindays) diff --git a/windows/client-management/mdm/policy-csp-admx-terminalserver.md b/windows/client-management/mdm/policy-csp-admx-terminalserver.md index 0b5853336a..9209e4e647 100644 --- a/windows/client-management/mdm/policy-csp-admx-terminalserver.md +++ b/windows/client-management/mdm/policy-csp-admx-terminalserver.md @@ -1,7 +1,7 @@ --- title: ADMX_TerminalServer Policy CSP description: Learn more about the ADMX_TerminalServer Area in Policy CSP. -ms.date: 01/18/2024 +ms.date: 06/19/2024 --- @@ -4109,6 +4109,56 @@ This policy setting allows the administrator to configure the RemoteFX experienc + +## TS_SERVER_REMOTEAPP_USE_SHELLAPPRUNTIME + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 10, version 2004 [10.0.19041.1202] and later
✅ Windows 10, version 2009 [10.0.19042.1202] and later
✅ Windows 10, version 21H1 [10.0.19043.1202] and later
✅ Windows 11, version 21H2 [10.0.22000] and later | + + + +```Device +./Device/Vendor/MSFT/Policy/Config/ADMX_TerminalServer/TS_SERVER_REMOTEAPP_USE_SHELLAPPRUNTIME +``` + + + + + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `chr` (string) | +| Access Type | Add, Delete, Get, Replace | + + + + +[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)] + +**ADMX mapping**: + +| Name | Value | +|:--|:--| +| Name | TS_SERVER_REMOTEAPP_USE_SHELLAPPRUNTIME | +| ADMX File Name | TerminalServer.admx | + + + + + + + + ## TS_SERVER_VISEXP diff --git a/windows/client-management/mdm/policy-csp-deliveryoptimization.md b/windows/client-management/mdm/policy-csp-deliveryoptimization.md index f9f05c2927..6e3f949a36 100644 --- a/windows/client-management/mdm/policy-csp-deliveryoptimization.md +++ b/windows/client-management/mdm/policy-csp-deliveryoptimization.md @@ -1,7 +1,7 @@ --- title: DeliveryOptimization Policy CSP description: Learn more about the DeliveryOptimization Area in Policy CSP. -ms.date: 01/18/2024 +ms.date: 06/19/2024 --- @@ -1500,20 +1500,8 @@ The default value 0 (zero) means that Delivery Optimization dynamically adjusts - -Set this policy to restrict peer selection via selected option. - -Options available are: - -0 = NAT. - -1 = Subnet mask. - -2 = Local discovery (DNS-SD). - -The default value has changed from 0 (no restriction) to 1 (restrict to the subnet). - -These options apply to both Download Mode LAN (1) and Group (2). + +Set this policy to restrict peer selection via selected option. Options available are: 1=Subnet mask, 2 = Local discovery (DNS-SD). These options apply to both Download Mode LAN (1) and Group (2). diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index 8985e0fd66..54422578ac 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -1,7 +1,7 @@ --- title: InternetExplorer Policy CSP description: Learn more about the InternetExplorer Area in Policy CSP. -ms.date: 05/20/2024 +ms.date: 06/19/2024 --- @@ -985,6 +985,60 @@ Note. It's recommended to configure template policy settings in one Group Policy + +## AllowLegacyURLFields + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | + + + +```User +./User/Vendor/MSFT/Policy/Config/InternetExplorer/AllowLegacyURLFields +``` + +```Device +./Device/Vendor/MSFT/Policy/Config/InternetExplorer/AllowLegacyURLFields +``` + + + + + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `chr` (string) | +| Access Type | Add, Delete, Get, Replace | + + + + +[!INCLUDE [ADMX-backed policy note](includes/mdm-admx-policy-note.md)] + +**ADMX mapping**: + +| Name | Value | +|:--|:--| +| Name | AllowLegacyURLFields | +| ADMX File Name | inetres.admx | + + + + + + + + ## AllowLocalMachineZoneTemplate diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md index 1af96611e4..bb9986b0c4 100644 --- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md +++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md @@ -1,7 +1,7 @@ --- title: RemoteDesktopServices Policy CSP description: Learn more about the RemoteDesktopServices Area in Policy CSP. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -439,7 +439,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | @@ -493,7 +493,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | diff --git a/windows/client-management/mdm/policy-csp-update.md b/windows/client-management/mdm/policy-csp-update.md index e8dfe5371f..796984d07c 100644 --- a/windows/client-management/mdm/policy-csp-update.md +++ b/windows/client-management/mdm/policy-csp-update.md @@ -1,7 +1,7 @@ --- title: Update Policy CSP description: Learn more about the Update Area in Policy CSP. -ms.date: 02/14/2024 +ms.date: 06/19/2024 --- @@ -18,6 +18,7 @@ ms.date: 02/14/2024 Update CSP policies are listed below based on the group policy area: - [Windows Insider Preview](#windows-insider-preview) + - [AlwaysAutoRebootAtScheduledTimeMinutes](#alwaysautorebootatscheduledtimeminutes) - [ConfigureDeadlineNoAutoRebootForFeatureUpdates](#configuredeadlinenoautorebootforfeatureupdates) - [ConfigureDeadlineNoAutoRebootForQualityUpdates](#configuredeadlinenoautorebootforqualityupdates) - [Manage updates offered from Windows Update](#manage-updates-offered-from-windows-update) @@ -100,6 +101,68 @@ Update CSP policies are listed below based on the group policy area: ## Windows Insider Preview + +### AlwaysAutoRebootAtScheduledTimeMinutes + + +| Scope | Editions | Applicable OS | +|:--|:--|:--| +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | + + + +```Device +./Device/Vendor/MSFT/Policy/Config/Update/AlwaysAutoRebootAtScheduledTimeMinutes +``` + + + + + +- If you enable this policy, a restart timer will always begin immediately after Windows Update installs important updates, instead of first notifying users on the login screen for at least two days. + +The restart timer can be configured to start with any value from 15 to 180 minutes. When the timer runs out, the restart will proceed even if the PC has signed-in users. + +- If you disable or don't configure this policy, Windows Update won't alter its restart behavior. + +If the "No auto-restart with logged-on users for scheduled automatic updates installations" policy is enabled, then this policy has no effect. + + + + + + + +**Description framework properties**: + +| Property name | Property value | +|:--|:--| +| Format | `int` | +| Access Type | Add, Delete, Get, Replace | +| Allowed Values | Range: `[15-180]` | +| Default Value | 15 | + + + +**Group policy mapping**: + +| Name | Value | +|:--|:--| +| Name | AlwaysAutoRebootAtScheduledTime | +| Friendly Name | Always automatically restart at the scheduled time | +| Element Name | work (minutes) | +| Location | Computer Configuration | +| Path | Windows Components > Windows Update > Manage end user experience | +| Registry Key Name | Software\Policies\Microsoft\Windows\WindowsUpdate\AU | +| ADMX File Name | WindowsUpdate.admx | + + + + + + + + ### ConfigureDeadlineNoAutoRebootForFeatureUpdates diff --git a/windows/client-management/mdm/policy-csp-windowsai.md b/windows/client-management/mdm/policy-csp-windowsai.md index 85b838a4c2..8f672a114e 100644 --- a/windows/client-management/mdm/policy-csp-windowsai.md +++ b/windows/client-management/mdm/policy-csp-windowsai.md @@ -1,7 +1,7 @@ --- title: WindowsAI Policy CSP description: Learn more about the WindowsAI Area in Policy CSP. -ms.date: 06/13/2024 +ms.date: 06/19/2024 --- @@ -142,6 +142,9 @@ This policy setting allows you to control whether Windows saves snapshots of the ## TurnOffWindowsCopilot +> [!NOTE] +> This policy is deprecated and may be removed in a future release. + | Scope | Editions | Applicable OS | |:--|:--|:--| diff --git a/windows/client-management/mdm/printerprovisioning-ddf-file.md b/windows/client-management/mdm/printerprovisioning-ddf-file.md index 21cb02133b..4aa2087423 100644 --- a/windows/client-management/mdm/printerprovisioning-ddf-file.md +++ b/windows/client-management/mdm/printerprovisioning-ddf-file.md @@ -1,7 +1,7 @@ --- title: PrinterProvisioning DDF file description: View the XML file containing the device description framework (DDF) for the PrinterProvisioning configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the P 10.0.22000, 10.0.19044.1806, 10.0.19043.1806, 10.0.19042.1806 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/reboot-ddf-file.md b/windows/client-management/mdm/reboot-ddf-file.md index a1c58cf7c1..3bca6f69a4 100644 --- a/windows/client-management/mdm/reboot-ddf-file.md +++ b/windows/client-management/mdm/reboot-ddf-file.md @@ -1,7 +1,7 @@ --- title: Reboot DDF file description: View the XML file containing the device description framework (DDF) for the Reboot configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the R 10.0.14393 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/rootcacertificates-ddf-file.md b/windows/client-management/mdm/rootcacertificates-ddf-file.md index 5ae45109b0..2a8292e9f6 100644 --- a/windows/client-management/mdm/rootcacertificates-ddf-file.md +++ b/windows/client-management/mdm/rootcacertificates-ddf-file.md @@ -1,7 +1,7 @@ --- title: RootCATrustedCertificates DDF file description: View the XML file containing the device description framework (DDF) for the RootCATrustedCertificates configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the R 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -1067,7 +1067,7 @@ The following XML file contains the device description framework (DDF) for the R 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/secureassessment-ddf-file.md b/windows/client-management/mdm/secureassessment-ddf-file.md index c4e5cf2830..d45d5f6b92 100644 --- a/windows/client-management/mdm/secureassessment-ddf-file.md +++ b/windows/client-management/mdm/secureassessment-ddf-file.md @@ -1,7 +1,7 @@ --- title: SecureAssessment DDF file description: View the XML file containing the device description framework (DDF) for the SecureAssessment configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the S 10.0.15063 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/sharedpc-ddf-file.md b/windows/client-management/mdm/sharedpc-ddf-file.md index 710f837864..0baa724281 100644 --- a/windows/client-management/mdm/sharedpc-ddf-file.md +++ b/windows/client-management/mdm/sharedpc-ddf-file.md @@ -1,7 +1,7 @@ --- title: SharedPC DDF file description: View the XML file containing the device description framework (DDF) for the SharedPC configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the S 10.0.14393 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/supl-ddf-file.md b/windows/client-management/mdm/supl-ddf-file.md index 3f4964bf42..fed441c564 100644 --- a/windows/client-management/mdm/supl-ddf-file.md +++ b/windows/client-management/mdm/supl-ddf-file.md @@ -1,7 +1,7 @@ --- title: SUPL DDF file description: View the XML file containing the device description framework (DDF) for the SUPL configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -42,7 +42,7 @@ The following XML file contains the device description framework (DDF) for the S 10.0.10240 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/vpnv2-ddf-file.md b/windows/client-management/mdm/vpnv2-ddf-file.md index 601a0363a7..7454dd4105 100644 --- a/windows/client-management/mdm/vpnv2-ddf-file.md +++ b/windows/client-management/mdm/vpnv2-ddf-file.md @@ -1,7 +1,7 @@ --- title: VPNv2 DDF file description: View the XML file containing the device description framework (DDF) for the VPNv2 configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the V 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -3265,7 +3265,7 @@ The following XML file contains the device description framework (DDF) for the V 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/wifi-ddf-file.md b/windows/client-management/mdm/wifi-ddf-file.md index a43971553f..d1e6f1f167 100644 --- a/windows/client-management/mdm/wifi-ddf-file.md +++ b/windows/client-management/mdm/wifi-ddf-file.md @@ -1,7 +1,7 @@ --- title: WiFi DDF file description: View the XML file containing the device description framework (DDF) for the WiFi configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -322,7 +322,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x88;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/windowsdefenderapplicationguard-ddf-file.md b/windows/client-management/mdm/windowsdefenderapplicationguard-ddf-file.md index 83c52f17cc..b4460e2d71 100644 --- a/windows/client-management/mdm/windowsdefenderapplicationguard-ddf-file.md +++ b/windows/client-management/mdm/windowsdefenderapplicationguard-ddf-file.md @@ -1,7 +1,7 @@ --- title: WindowsDefenderApplicationGuard DDF file description: View the XML file containing the device description framework (DDF) for the WindowsDefenderApplicationGuard configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.16299 1.1 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xAF;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; diff --git a/windows/client-management/mdm/windowslicensing-ddf-file.md b/windows/client-management/mdm/windowslicensing-ddf-file.md index a8bb624a6b..571ba992b0 100644 --- a/windows/client-management/mdm/windowslicensing-ddf-file.md +++ b/windows/client-management/mdm/windowslicensing-ddf-file.md @@ -1,7 +1,7 @@ --- title: WindowsLicensing DDF file description: View the XML file containing the device description framework (DDF) for the WindowsLicensing configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -40,7 +40,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.10586 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xBC;0xBF;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x87;0x88*;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF; diff --git a/windows/client-management/mdm/wirednetwork-ddf-file.md b/windows/client-management/mdm/wirednetwork-ddf-file.md index ddb1f28855..c3aebaeba0 100644 --- a/windows/client-management/mdm/wirednetwork-ddf-file.md +++ b/windows/client-management/mdm/wirednetwork-ddf-file.md @@ -1,7 +1,7 @@ --- title: WiredNetwork DDF file description: View the XML file containing the device description framework (DDF) for the WiredNetwork configuration service provider. -ms.date: 04/10/2024 +ms.date: 06/19/2024 --- @@ -39,7 +39,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.17763 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; @@ -118,7 +118,7 @@ The following XML file contains the device description framework (DDF) for the W 10.0.17763 1.0 - 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xBC;0xBF;0xCA;0xCB;0xCD;0xCF;0xD2; + 0x4;0x1B;0x30;0x31;0x48;0x54;0x62;0x63;0x64;0x65;0x77;0x79;0x7A;0x7D;0x7E;0x81;0x82;0x8A;0x8B;0xA1;0xA2;0xA4;0xA5;0xAB;0xAC;0xB4;0xBC;0xBD;0xBF;0xCA;0xCB; From 1813f6a2db60e07f8db185e33db285a98ab287f8 Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Fri, 21 Jun 2024 11:21:29 -0600 Subject: [PATCH 20/36] PassportForWork applicability change --- windows/client-management/mdm/passportforwork-csp.md | 4 ++-- windows/client-management/mdm/passportforwork-ddf.md | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/client-management/mdm/passportforwork-csp.md b/windows/client-management/mdm/passportforwork-csp.md index 421f8f7ac5..fe7da7ac06 100644 --- a/windows/client-management/mdm/passportforwork-csp.md +++ b/windows/client-management/mdm/passportforwork-csp.md @@ -1,7 +1,7 @@ --- title: PassportForWork CSP description: Learn more about the PassportForWork CSP. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -163,7 +163,7 @@ Root node for policies. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2402] and later
✅ Windows 10, version 2004 [10.0.19041.4239] and later
✅ Windows 11, version 21H2 [10.0.22000.2899] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows Insider Preview | diff --git a/windows/client-management/mdm/passportforwork-ddf.md b/windows/client-management/mdm/passportforwork-ddf.md index ce26cce768..d80b42baec 100644 --- a/windows/client-management/mdm/passportforwork-ddf.md +++ b/windows/client-management/mdm/passportforwork-ddf.md @@ -1,7 +1,7 @@ --- title: PassportForWork DDF file description: View the XML file containing the device description framework (DDF) for the PassportForWork configuration service provider. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -870,7 +870,7 @@ If you disable or do not configure this policy setting, the PIN recovery secret - 99.9.99999 + 99.9.99999, 10.0.22621.3374, 10.0.22000.2899, 10.0.20348.2402, 10.0.19041.4239 1.6 @@ -895,7 +895,7 @@ If you disable or do not configure this policy setting, the PIN recovery secret False - Windows Hello for Business can use certificates to authenticate to on-premise resources. + Windows Hello for Business can use certificates to authenticate to on-premise resources. If you enable this policy setting, Windows Hello for Business will wait until the device has received a certificate payload from the mobile device management server before provisioning a PIN. From b479ad21d698cc0c14792b947a3d6ebf6d4e801e Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Fri, 21 Jun 2024 11:23:52 -0600 Subject: [PATCH 21/36] Fix bookmark link --- windows/client-management/mdm/personalization-csp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/personalization-csp.md b/windows/client-management/mdm/personalization-csp.md index 3f8030bbfc..d455b2968a 100644 --- a/windows/client-management/mdm/personalization-csp.md +++ b/windows/client-management/mdm/personalization-csp.md @@ -1,7 +1,7 @@ --- title: Personalization CSP description: Learn more about the Personalization CSP. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -14,7 +14,7 @@ ms.date: 06/19/2024 The Personalization CSP can set the lock screen, desktop background images and company branding on sign-in screen ([BootToCloud mode](policy-csp-clouddesktop.md#boottocloudmode) only). Setting these policies also prevents the user from changing the image. You can also use the Personalization settings in a provisioning package. > [!IMPORTANT] -> Personalization CSP is supported in Windows Enterprise and Education SKUs. It works in Windows Professional only when SetEduPolicies in [SharedPC CSP](sharedpc-csp.md) is set, or when the device is configured in [Shared PC mode with BootToCloudPCEnhanced policy](clouddesktop-csp.md#boottocloudpcenhanced). +> Personalization CSP is supported in Windows Enterprise and Education SKUs. It works in Windows Professional only when SetEduPolicies in [SharedPC CSP](sharedpc-csp.md) is set, or when the device is configured in [Shared PC mode with BootToCloudPCEnhanced policy](clouddesktop-csp.md#deviceboottocloudpcenhanced). From aaf60592b355688eca14612a68a95d344cf3f86f Mon Sep 17 00:00:00 2001 From: "Vinay Pamnani (from Dev Box)" Date: Fri, 21 Jun 2024 12:08:42 -0600 Subject: [PATCH 22/36] Applicability updates --- windows/client-management/mdm/defender-csp.md | 4 +- windows/client-management/mdm/firewall-csp.md | 38 +++++++++---------- windows/client-management/mdm/laps-csp.md | 32 ++++++++-------- .../mdm/policy-csp-internetexplorer.md | 8 ++-- .../mdm/policy-csp-privacy.md | 12 +++--- .../mdm/policy-csp-remotedesktopservices.md | 6 +-- 6 files changed, 48 insertions(+), 52 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index 89c079aeea..198570987e 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -1,7 +1,7 @@ --- title: Defender CSP description: Learn more about the Defender CSP. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -367,7 +367,7 @@ Control whether network protection can improve performance by switching from rea | Value | Description | |:--|:--| | 1 | Allow switching to asynchronous inspection. | -| 0 (Default) | Don't allow asynchronous inspection. | +| 0 (Default) | Don’t allow asynchronous inspection. | diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md index 53b060e0f5..549c2cbc81 100644 --- a/windows/client-management/mdm/firewall-csp.md +++ b/windows/client-management/mdm/firewall-csp.md @@ -1,7 +1,7 @@ --- title: Firewall CSP description: Learn more about the Firewall CSP. -ms.date: 01/18/2024 +ms.date: 06/21/2024 --- @@ -9,8 +9,6 @@ ms.date: 01/18/2024 # Firewall CSP -[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)] - The Firewall configuration service provider (CSP) allows the mobile device management (MDM) server to configure the Windows Defender Firewall global settings, per profile settings, and the desired set of custom rules to be enforced on the device. Using the Firewall CSP the IT admin can now manage non-domain devices, and reduce the risk of network security threats across all systems connecting to the corporate network. @@ -3465,7 +3463,7 @@ This value represents the order of rule enforcement. A lower priority rule is ev | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -3805,7 +3803,7 @@ VM Creator ID that these settings apply to. Valid format is a GUID. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -3954,7 +3952,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -3992,7 +3990,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4042,7 +4040,7 @@ This value is used as an on/off switch. If this value is false, Hyper-V Firewall | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4092,7 +4090,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4142,7 +4140,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4289,7 +4287,7 @@ This value is an on/off switch for loopback traffic. This determines if this VM | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4327,7 +4325,7 @@ This value is an on/off switch for loopback traffic. This determines if this VM | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4377,7 +4375,7 @@ This value is used as an on/off switch. If this value is false, Hyper-V Firewall | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4427,7 +4425,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4477,7 +4475,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4526,7 +4524,7 @@ This value is an on/off switch for the Hyper-V Firewall enforcement. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4564,7 +4562,7 @@ This value is an on/off switch for the Hyper-V Firewall enforcement. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4614,7 +4612,7 @@ This value is used as an on/off switch. If this value is false, Hyper-V Firewall | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4664,7 +4662,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | @@ -4714,7 +4712,7 @@ This value is the action that the Hyper-V Firewall does by default (and evaluate | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows 11, version 22H2 [10.0.22621.2352] and later
✅ Windows Insider Preview [10.0.25398] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25398] and later
✅ Windows 11, version 22H2 [10.0.22621.2352] and later | diff --git a/windows/client-management/mdm/laps-csp.md b/windows/client-management/mdm/laps-csp.md index e48b4b6d54..0e5e7d5b2d 100644 --- a/windows/client-management/mdm/laps-csp.md +++ b/windows/client-management/mdm/laps-csp.md @@ -1,7 +1,7 @@ --- title: LAPS CSP description: Learn more about the LAPS CSP. -ms.date: 05/20/2024 +ms.date: 06/21/2024 --- @@ -55,7 +55,7 @@ The following list shows the LAPS configuration service provider nodes: | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -94,7 +94,7 @@ Defines the parent interior node for all action-related settings in the LAPS CSP | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -134,7 +134,7 @@ This action invokes an immediate reset of the local administrator account passwo | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -179,7 +179,7 @@ The value returned is an HRESULT code: | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -219,7 +219,7 @@ Root node for LAPS policies. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -269,7 +269,7 @@ This setting has a maximum allowed value of 12 passwords. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -314,7 +314,7 @@ Note if a custom managed local administrator account name is specified in this s | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -376,7 +376,7 @@ If not specified, this setting defaults to True. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -701,7 +701,7 @@ If not specified, this setting will default to 1. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -807,7 +807,7 @@ This setting has a maximum allowed value of 10 words. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -855,7 +855,7 @@ This setting has a maximum allowed value of 365 days. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -927,7 +927,7 @@ Passphrase list taken from "Deep Dive: EFF's New Wordlists for Random Passphrase | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -983,7 +983,7 @@ If not specified, this setting defaults to True. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -1031,7 +1031,7 @@ This setting has a maximum allowed value of 64 characters. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | @@ -1089,7 +1089,7 @@ If not specified, this setting will default to 3 (Reset the password and logoff | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later
✅ Windows Insider Preview [10.0.25145] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.1663] and later
✅ [10.0.25145] and later
✅ Windows 10, version 1809 [10.0.17763.4244] and later
✅ Windows 10, version 2004 [10.0.19041.2784] and later
✅ Windows 11, version 21H2 [10.0.22000.1754] and later
✅ Windows 11, version 22H2 [10.0.22621.1480] and later | diff --git a/windows/client-management/mdm/policy-csp-internetexplorer.md b/windows/client-management/mdm/policy-csp-internetexplorer.md index 54422578ac..61083dafc6 100644 --- a/windows/client-management/mdm/policy-csp-internetexplorer.md +++ b/windows/client-management/mdm/policy-csp-internetexplorer.md @@ -1,7 +1,7 @@ --- title: InternetExplorer Policy CSP description: Learn more about the InternetExplorer Area in Policy CSP. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -7772,7 +7772,7 @@ High Safety enables applets to run in their sandbox. Disable Java to prevent any | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later
✅ Windows Insider Preview [10.0.25398.643] | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ [10.0.25398.643] and later
✅ [10.0.25965] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later | @@ -8847,7 +8847,7 @@ High Safety enables applets to run in their sandbox. Disable Java to prevent any | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later
✅ Windows Insider Preview [10.0.25398.643] | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ [10.0.25398.643] and later
✅ [10.0.25965] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later | @@ -17418,7 +17418,7 @@ High Safety enables applets to run in their sandbox. Disable Java to prevent any | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later
✅ Windows Insider Preview [10.0.25398.643] | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2227] and later
✅ [10.0.25398.643] and later
✅ [10.0.25965] and later
✅ Windows 10, version 2004 [10.0.19041.3758] and later
✅ Windows 11, version 22H2 [10.0.22621.2792] and later | diff --git a/windows/client-management/mdm/policy-csp-privacy.md b/windows/client-management/mdm/policy-csp-privacy.md index 5094419e31..4713b9e21b 100644 --- a/windows/client-management/mdm/policy-csp-privacy.md +++ b/windows/client-management/mdm/policy-csp-privacy.md @@ -1,7 +1,7 @@ --- title: Privacy Policy CSP description: Learn more about the Privacy Area in Policy CSP. -ms.date: 01/18/2024 +ms.date: 06/21/2024 --- @@ -9,8 +9,6 @@ ms.date: 01/18/2024 # Policy CSP - Privacy -[!INCLUDE [Windows Insider tip](includes/mdm-insider-csp-note.md)] - @@ -2929,7 +2927,7 @@ If an app is open when this Group Policy object is applied on a device, employee | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview [10.0.25000] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25000] and later | @@ -3005,7 +3003,7 @@ If an app is open when this Group Policy object is applied on a device, employee | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview [10.0.25000] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25000] and later | @@ -3070,7 +3068,7 @@ If an app is open when this Group Policy object is applied on a device, employee | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview [10.0.25000] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25000] and later | @@ -3135,7 +3133,7 @@ If an app is open when this Group Policy object is applied on a device, employee | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ Windows Insider Preview [10.0.25000] | +| ✅ Device
❌ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.25000] and later | diff --git a/windows/client-management/mdm/policy-csp-remotedesktopservices.md b/windows/client-management/mdm/policy-csp-remotedesktopservices.md index bb9986b0c4..6a06309613 100644 --- a/windows/client-management/mdm/policy-csp-remotedesktopservices.md +++ b/windows/client-management/mdm/policy-csp-remotedesktopservices.md @@ -1,7 +1,7 @@ --- title: RemoteDesktopServices Policy CSP description: Learn more about the RemoteDesktopServices Area in Policy CSP. -ms.date: 06/19/2024 +ms.date: 06/21/2024 --- @@ -439,7 +439,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ [10.0.25398.827] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | @@ -493,7 +493,7 @@ By default, Remote Desktop allows redirection of WebAuthn requests. | Scope | Editions | Applicable OS | |:--|:--|:--| -| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | +| ✅ Device
✅ User | ✅ Pro
✅ Enterprise
✅ Education
✅ Windows SE
✅ IoT Enterprise / IoT Enterprise LTSC | ✅ [10.0.20348.2400] and later
✅ [10.0.25398.827] and later
✅ Windows 11, version 21H2 [10.0.22000.2898] and later
✅ Windows 11, version 22H2 [10.0.22621.3374] and later
✅ Windows 11, version 23H2 [10.0.22631.3374] and later
✅ Windows Insider Preview | From 6d00f714b067749e4d999274305036135ddc2fcc Mon Sep 17 00:00:00 2001 From: Cern McAtee Date: Fri, 21 Jun 2024 14:03:41 -0700 Subject: [PATCH 23/36] Update whats-new-microsoft-store-business-education.md --- .../whats-new-microsoft-store-business-education.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/store-for-business/whats-new-microsoft-store-business-education.md b/store-for-business/whats-new-microsoft-store-business-education.md index 964efc7788..6069bb6ad8 100644 --- a/store-for-business/whats-new-microsoft-store-business-education.md +++ b/store-for-business/whats-new-microsoft-store-business-education.md @@ -8,7 +8,7 @@ ms.author: cmcatee author: cmcatee-MSFT manager: scotv ms.topic: conceptual -ms.date: 01/11/2024 +ms.date: 06/21/2024 ms.reviewer: --- @@ -20,6 +20,12 @@ ms.reviewer: ## Latest updates for Store for Business and Education +**June 2024** + +The Microsoft Store for Business and Microsoft Store for Education portals will retire on August 15, 2024. For more information about this change, see [Update to Intune integration with the Microsoft Store on Windows](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/update-to-intune-integration-with-the-microsoft-store-on-windows/ba-p/3585077) and [FAQ: Supporting Microsoft Store experiences on managed devices](https://techcommunity.microsoft.com/t5/windows-management/faq-supporting-microsoft-store-experiences-on-managed-devices/m-p/3585286). If you are using offline licensing, you can use the [WinGet Download command](/windows/package-manager/winget/download) to continue to access offline apps and license files. + +## Previous releases and updates + **January 2024** **Removal of private store capability from Microsoft Store for Business and Education** @@ -28,8 +34,6 @@ The private store tab and associated functionality was removed from the Microsof We recommend customers use the [Private app repository, Windows Package Manager, and Company Portal app](/windows/application-management/private-app-repository-mdm-company-portal-windows-11) to provide a private app repository within their organization. -## Previous releases and updates - [May 2023](release-history-microsoft-store-business-education.md#may-2023) - Tab removed from Microsoft Store apps on Windows 10 PCs. From d8728692327c72fc3db0ab5a96a8c55812e52d56 Mon Sep 17 00:00:00 2001 From: Cern McAtee Date: Fri, 21 Jun 2024 14:51:43 -0700 Subject: [PATCH 24/36] Update whats-new-microsoft-store-business-education.md --- .../whats-new-microsoft-store-business-education.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/store-for-business/whats-new-microsoft-store-business-education.md b/store-for-business/whats-new-microsoft-store-business-education.md index 6069bb6ad8..4af32aae83 100644 --- a/store-for-business/whats-new-microsoft-store-business-education.md +++ b/store-for-business/whats-new-microsoft-store-business-education.md @@ -14,10 +14,6 @@ ms.reviewer: # What's new in Microsoft Store for Business and Education -> [!IMPORTANT] -> -> - The retirement of Microsoft Store for Business and Microsoft Store for Education has been postponed. We will update this notice when a new retirement date is announced. You can continue to use the current capabilities of free apps until that time. For more information about this change, see [Update to Intune integration with the Microsoft Store on Windows](https://techcommunity.microsoft.com/t5/windows-it-pro-blog/update-to-endpoint-manager-integration-with-the-microsoft-store/ba-p/3585077) and [FAQ: Supporting Microsoft Store experiences on managed devices](https://techcommunity.microsoft.com/t5/windows-management/faq-supporting-microsoft-store-experiences-on-managed-devices/m-p/3585286). - ## Latest updates for Store for Business and Education **June 2024** From 2dbf84843f4a450ef63ce58c5d1d384c9b8a90ca Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 23 Jun 2024 08:50:25 -0400 Subject: [PATCH 25/36] Updates --- windows/security/docfx.json | 5 +++++ .../deploy/hybrid-cert-trust-adfs.md | 16 ++-------------- .../deploy/hybrid-cert-trust-enroll.md | 2 +- .../deploy/hybrid-cert-trust-pki.md | 2 +- .../deploy/hybrid-cert-trust.md | 2 +- .../includes/certificate-template-auth.md | 2 +- .../certificate-template-enrollment-agent.md | 2 +- .../deploy/on-premises-cert-trust-adfs.md | 19 ++++--------------- .../deploy/on-premises-cert-trust-enroll.md | 2 +- .../deploy/on-premises-cert-trust.md | 4 +--- .../hello-for-business/deploy/toc.yml | 10 +++++----- 11 files changed, 23 insertions(+), 43 deletions(-) diff --git a/windows/security/docfx.json b/windows/security/docfx.json index 2e3135282a..af2b39bffc 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -167,6 +167,11 @@ "✅ Windows Server 2019", "✅ Windows Server 2016" ], + "identity-protection/hello-for-business/**/*.md": [ + "✅ Windows 11", + "✅ Windows 10", + "✅ Windows Server 2025 (preview)" + ], "identity-protection/smart-cards/**/*.md": [ "✅ Windows 11", "✅ Windows 10", diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md index 94167d36b9..d17d8078a4 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-adfs.md @@ -1,7 +1,7 @@ --- title: Configure Active Directory Federation Services in a hybrid certificate trust model description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business hybrid certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- @@ -52,19 +52,7 @@ Sign-in a domain controller or management workstation with _Domain Admin_ equiva 1. Restart the AD FS server > [!NOTE] -> For AD FS 2019 in a hybrid certificate trust model, a PRT issue exists. You may encounter this error in the AD FS Admin event logs: *Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'*. To remediate this error: -> -> 1. Launch AD FS management console and browse to **Services > Scope Descriptions** -> 1. Right click **Scope Descriptions** and select **Add Scope Description** -> 1. Under name type `ugs` and select **Apply > OK** -> 1. Launch PowerShell as an administrator -> 1. Obtain the *ObjectIdentifier* of the application permission with the `ClientRoleIdentifier` parameter equal to `38aa3b87-a06d-4817-b275-7a316988d93b`: -> ```PowerShell -> (Get-AdfsApplicationPermission -ServerRoleIdentifiers 'http://schemas.microsoft.com/ws/2009/12/identityserver/selfscope' | ?{ $_.ClientRoleIdentifier -eq '38aa3b87-a06d-4817-b275-7a316988d93b' }).ObjectIdentifier -> ``` -> 1. Execute the command `Set-AdfsApplicationPermission -TargetIdentifier -AddScope 'ugs'`. -> 1. Restart the AD FS service -> 1. On the client: Restart the client. User should be prompted to provision Windows Hello for Business +> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. For more information about the isse and its resolution, see [Certificate trust provisioning with AD FS broken on windows server 2019](../hello-deployment-issues.md#certificate-trust-provisioning-with-ad-fs-broken-on-windows-server-2019). ## Section review and next steps diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md index 2891e83911..50ff10820c 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-enroll.md @@ -1,7 +1,7 @@ --- title: Configure and enroll in Windows Hello for Business in hybrid certificate trust model description: Learn how to configure devices and enroll them in Windows Hello for Business in a hybrid certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md index 35d1ff0083..64fe6ba400 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md @@ -1,7 +1,7 @@ --- title: Configure and validate the PKI in an hybrid certificate trust model description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md index 58e8cc3e3d..bbb9a72759 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust.md @@ -1,7 +1,7 @@ --- title: Windows Hello for Business hybrid certificate trust deployment guide description: Learn how to deploy Windows Hello for Business in a hybrid certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md index aab8d0e4c9..4adf8b030a 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-auth.md @@ -61,4 +61,4 @@ CertUtil: -dsTemplate command completed successfully." ``` >[!NOTE] ->If you gave your Windows Hello for Business Authentication certificate template a different name, then replace `WHFBAuthentication` in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc). Or, you can view the template name using the `Get-CATemplate` ADCS Administration Windows PowerShell cmdlet on your certification authority. +>If you gave your Windows Hello for Business Authentication certificate template a different name, then replace `WHFBAuthentication` in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc). diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md index b43c9f754a..0290c9b645 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md @@ -3,7 +3,7 @@ ms.date: 01/03/2024 ms.topic: include --- -### Configure an enrollment agent certificate template +## Configure an enrollment agent certificate template A certificate registration authority (CRA) is a trusted authority that validates certificate request. Once it validates the request, it presents the request to the certification authority (CA) for issuance. The CA issues the certificate, returns it to the CRA, which returns the certificate to the requesting user. Windows Hello for Business certificate trust deployments use AD FS as the CRA. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index dc000be03a..766ebc53d4 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -1,7 +1,7 @@ --- title: Configure Active Directory Federation Services in an on-premises certificate trust model description: Learn how to configure Active Directory Federation Services (AD FS) to support the Windows Hello for Business on-premises certificate trust model. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- @@ -16,20 +16,7 @@ Windows Hello for Business works exclusively with the Active Directory Federatio [!INCLUDE [adfs-deploy](includes/adfs-deploy.md)] > [!NOTE] -> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. To remediate this error: -> -> 1. Launch AD FS management console. Browse to ***Services > Scope Descriptions** -> 1. Right-click **Scope Descriptions** and select **Add Scope Description** -> 1. Under name type *ugs* and select **Apply > OK** -> 1. Launch PowerShell as an administrator and execute the following commands: -> -> ```PowerShell -> $id = (Get-AdfsApplicationPermission -ServerRoleIdentifiers 'http://schemas.microsoft.com/ws/2009/12/identityserver/selfscope' | ?{ $_.ClientRoleIdentifier -eq '38aa3b87-a06d-4817-b275-7a316988d93b' }).ObjectIdentifier -> Set-AdfsApplicationPermission -TargetIdentifier $id -AddScope 'ugs' -> ``` -> -> 1. Restart the AD FS service -> 1. Restart the client. User should be prompted to provision Windows Hello for Business +> For AD FS 2019 and later in a certificate trust model, a known PRT issue exists. You may encounter this error in AD FS Admin event logs: Received invalid Oauth request. The client 'NAME' is forbidden to access the resource with scope 'ugs'. For more information about the isse and its resolution, see [Certificate trust provisioning with AD FS broken on windows server 2019](../hello-deployment-issues.md#certificate-trust-provisioning-with-ad-fs-broken-on-windows-server-2019). ## Review to validate the AD FS and Active Directory configuration @@ -40,6 +27,8 @@ Windows Hello for Business works exclusively with the Active Directory Federatio > - Confirm you added the AD FS service account to the KeyAdmins group > - Confirm you enabled the Device Registration service +[!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] + ## Configure the certificate registration authority The Windows Hello for Business on-premises certificate-based deployment uses AD FS as the certificate registration authority (CRA). The registration authority is responsible for issuing certificates to users and devices. The registration authority is also responsible for revoking certificates when users or devices are removed from the environment. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index f856919e78..2c9e551150 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -1,5 +1,5 @@ --- -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 92ee0befff..69b6ebb9fd 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -1,7 +1,7 @@ --- title: Windows Hello for Business on-premises certificate trust deployment guide description: Learn how to deploy Windows Hello for Business in an on-premises, certificate trust scenario. -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial --- @@ -48,8 +48,6 @@ Windows Hello for Business must have a Public Key Infrastructure (PKI) when usin [!INCLUDE [web-server-certificate-template](includes/certificate-template-web-server.md)] -[!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] - [!INCLUDE [auth-certificate-template](includes/certificate-template-auth.md)] [!INCLUDE [unpublish-superseded-templates](includes/unpublish-superseded-templates.md)] diff --git a/windows/security/identity-protection/hello-for-business/deploy/toc.yml b/windows/security/identity-protection/hello-for-business/deploy/toc.yml index 55964be416..9ae8643cf0 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/toc.yml +++ b/windows/security/identity-protection/hello-for-business/deploy/toc.yml @@ -8,7 +8,7 @@ items: - name: Cloud Kerberos trust deployment href: hybrid-cloud-kerberos-trust.md - name: Key trust deployment - items: + items: - name: Requirements and validation href: hybrid-key-trust.md displayName: key trust @@ -19,7 +19,7 @@ items: href: ../hello-hybrid-aadj-sso.md displayName: key trust - name: Certificate trust deployment - items: + items: - name: Requirements and validation href: hybrid-cert-trust.md displayName: certificate trust @@ -41,7 +41,7 @@ items: - name: On-premises deployments items: - name: Key trust deployment - items: + items: - name: Requirements and validation href: on-premises-key-trust.md - name: Prepare and deploy Active Directory Federation Services (AD FS) @@ -49,10 +49,10 @@ items: - name: Configure and enroll in Windows Hello for Business href: on-premises-key-trust-enroll.md - name: Certificate trust deployment - items: + items: - name: Requirements and validation href: on-premises-cert-trust.md - - name: Prepare and Deploy Active Directory Federation Services (AD FS) + - name: Prepare and deploy Active Directory Federation Services (AD FS) href: on-premises-cert-trust-adfs.md - name: Configure and enroll in Windows Hello for Business href: on-premises-cert-trust-enroll.md From db7d53094ee86abc9092a0a065dab3ef4ba9f83b Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 23 Jun 2024 16:23:49 -0400 Subject: [PATCH 26/36] updates --- .../hello-for-business/deploy/includes/adfs-mfa.md | 4 +++- .../hello-for-business/deploy/on-premises-cert-trust-adfs.md | 1 + .../hello-for-business/deploy/on-premises-cert-trust.md | 2 -- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md b/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md index a684145a1d..6adbe43c94 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/adfs-mfa.md @@ -1,5 +1,5 @@ --- -ms.date: 01/03/2024 +ms.date: 06/23/2024 ms.topic: include --- @@ -8,6 +8,8 @@ ms.topic: include Windows Hello for Business requires users perform multifactor authentication (MFA) prior to enroll in the service. On-premises deployments can use, as MFA option: - certificates + > [!NOTE] + > When using this option, the certificates must be deployed to the users. For example, users can use their smart card or virtual smart card as a certificate authentication option. - non-Microsoft authentication providers for AD FS - custom authentication provider for AD FS diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 766ebc53d4..8ae0f88a26 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -76,6 +76,7 @@ For detailed information about the certificate, use `Certutil -q -v [!div class="checklist"] > Before you continue with the deployment, validate your deployment progress by reviewing the following items: > +> - Configure an enrollment agent certificate template > - Confirm only the AD FS service account has the allow enroll permission for the enrollment agent certificate template > - Consider using an HSM to protect the enrollment agent certificate; however, understand the frequency and quantity of signature operations the enrollment agent server makes and understand the impact it has on overall performance > - Confirm you properly configured the Windows Hello for Business authentication certificate template diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 69b6ebb9fd..20ea17f9cc 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -7,7 +7,6 @@ ms.topic: tutorial # On-premises certificate trust deployment guide - [!INCLUDE [apply-to-on-premises-cert-trust](includes/apply-to-on-premises-cert-trust.md)] [!INCLUDE [requirements](includes/requirements.md)] @@ -83,7 +82,6 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen > - Configure domain controller and web server certificate templates > - Supersede existing domain controller certificates > - Unpublish superseded certificate templates -> - Configure an enrollment agent certificate template > - Publish the certificate templates to the CA > - Deploy certificates to the domain controllers > - Validate the domain controllers configuration From 19459e417da4ca89567d0883c5d318870fbca90b Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 12:28:25 -0400 Subject: [PATCH 27/36] updates --- windows/security/docfx.json | 5 ----- .../deploy/on-premises-cert-trust-enroll.md | 2 ++ 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/windows/security/docfx.json b/windows/security/docfx.json index af2b39bffc..2e3135282a 100644 --- a/windows/security/docfx.json +++ b/windows/security/docfx.json @@ -167,11 +167,6 @@ "✅ Windows Server 2019", "✅ Windows Server 2016" ], - "identity-protection/hello-for-business/**/*.md": [ - "✅ Windows 11", - "✅ Windows 10", - "✅ Windows Server 2025 (preview)" - ], "identity-protection/smart-cards/**/*.md": [ "✅ Windows 11", "✅ Windows 10", diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 2c9e551150..63391d32fc 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -75,6 +75,8 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. +> [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 1e0469f8454923e0f18415a1c8d870c13a103026 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 12:55:20 -0400 Subject: [PATCH 28/36] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 63391d32fc..f6cd340522 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -77,6 +77,8 @@ The CA validates that the certificate is signed by the registration authority. O > [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 5163bf104f3a349bbe3fdc3c2d1156324e6772a7 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 14:34:52 -0400 Subject: [PATCH 29/36] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index f6cd340522..4b378b308b 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -75,8 +75,6 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. -> [!VIDEO 387edee6-45a2-421d-9ea7-0f5aa0f02289] - > [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] ### Sequence diagram From f10e79fdb1c007176833c2e98ae56b633cb573ff Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:12:49 -0400 Subject: [PATCH 30/36] updates --- .../hello-for-business/deploy/on-premises-cert-trust-enroll.md | 2 +- .../hello-for-business/deploy/on-premises-key-trust-enroll.md | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 4b378b308b..d46c68519a 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -73,7 +73,7 @@ After a successful key registration, Windows creates a certificate request using The AD FS registration authority verifies the key used in the certificate request matches the key that was previously registered. On a successful match, the AD FS registration authority signs the certificate request using its enrollment agent certificate and sends it to the certificate authority. -The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. Once this process completes, the Windows Hello for Business provisioning workflow informs the user that they can use their PIN to sign-in through the Action Center. +The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. > [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md index 34f55f78f3..5a3224a779 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md @@ -52,6 +52,8 @@ This information is also available using the `dsregcmd.exe /status` command from [!INCLUDE [user-experience](includes/user-experience.md)] +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] + ### Sequence diagram To better understand the provisioning flows, review the following sequence diagram: From 934cff5fd58697ee42bf9e7dcbe3588975ead611 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:37:47 -0400 Subject: [PATCH 31/36] updates --- .../deploy/on-premises-cert-trust-adfs.md | 13 +++++++++++++ .../deploy/on-premises-cert-trust.md | 2 +- .../deploy/on-premises-key-trust.md | 4 ++-- 3 files changed, 16 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 8ae0f88a26..1d2b4c388f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -29,6 +29,19 @@ Windows Hello for Business works exclusively with the Active Directory Federatio [!INCLUDE [enrollment-agent-certificate-template](includes/certificate-template-enrollment-agent.md)] +### Publish the certificate template to the CA + +Sign in to the CA or management workstations with **Enterprise Admin** equivalent credentials. + +1. Open the **Certification Authority** management console +1. Expand the parent node from the navigation pane +1. Select **Certificate Templates** in the navigation pane +1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue +1. In the **Enable Certificates Templates** window, select the *WHFB Enrollment Agent* template you created in the previous step. Select **OK** to publish the selected certificate templates to the certification authority +1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list + - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation +1. Close the console + ## Configure the certificate registration authority The Windows Hello for Business on-premises certificate-based deployment uses AD FS as the certificate registration authority (CRA). The registration authority is responsible for issuing certificates to users and devices. The registration authority is also responsible for revoking certificates when users or devices are removed from the environment. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md index 20ea17f9cc..0240088385 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust.md @@ -61,7 +61,7 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen 1. Expand the parent node from the navigation pane 1. Select **Certificate Templates** in the navigation pane 1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue -1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, *Internal Web Server*, *WHFB Enrollment Agent* and *WHFB Authentication* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority +1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, *Internal Web Server*, and *WHFB Authentication* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority 1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation 1. Close the console diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md index 0b7ef9d9a3..347471eeef 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust.md @@ -1,7 +1,7 @@ --- title: Windows Hello for Business on-premises key trust deployment guide description: Learn how to deploy Windows Hello for Business in an on-premises, key trust scenario. -ms.date: 03/12/2024 +ms.date: 06/24/2024 ms.topic: tutorial --- @@ -57,7 +57,7 @@ Sign in to the CA or management workstations with **Enterprise Admin** equivalen 1. Expand the parent node from the navigation pane 1. Select **Certificate Templates** in the navigation pane 1. Right-click the **Certificate Templates** node. Select **New > Certificate Template** to issue -1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)*, and *Internal Web Server* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority +1. In the **Enable Certificates Templates** window, select the *Domain Controller Authentication (Kerberos)* and *Internal Web Server* templates you created in the previous steps. Select **OK** to publish the selected certificate templates to the certification authority 1. If you published the *Domain Controller Authentication (Kerberos)* certificate template, then unpublish the certificate templates you included in the superseded templates list - To unpublish a certificate template, right-click the certificate template you want to unpublish and select **Delete**. Select **Yes** to confirm the operation 1. Close the console From 08b4aaf082cde6f9ef50fdd959801110570092d7 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 15:58:09 -0400 Subject: [PATCH 32/36] updates --- .../deploy/includes/certificate-template-enrollment-agent.md | 4 ++-- .../hello-for-business/deploy/on-premises-cert-trust-adfs.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md index 0290c9b645..df1df5291f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md +++ b/windows/security/identity-protection/hello-for-business/deploy/includes/certificate-template-enrollment-agent.md @@ -12,7 +12,7 @@ The CRA enrolls for an *enrollment agent certificate*. Once the CRA verifies the > [!IMPORTANT] > Follow the procedures below based on the AD FS service account used in your environment. -#### Create an enrollment agent certificate for Group Managed Service Accounts (GMSA) +### Create an enrollment agent certificate for Group Managed Service Accounts (GMSA) Sign in to a CA or management workstations with *Domain Administrator* equivalent credentials. @@ -32,7 +32,7 @@ Sign in to a CA or management workstations with *Domain Administrator* equivalen 1. Select **OK** to finalize your changes and create the new template 1. Close the console -#### Create an enrollment agent certificate for a standard service account +### Create an enrollment agent certificate for a standard service account Sign in to a CA or management workstations with *Domain Administrator* equivalent credentials. diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md index 1d2b4c388f..7446d01e92 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-adfs.md @@ -57,7 +57,7 @@ Set-AdfsCertificateAuthority -EnrollmentAgent -EnrollmentAgentCertificateTemplat >[!NOTE] > If you gave your Windows Hello for Business Enrollment Agent and Windows Hello for Business Authentication certificate templates different names, then replace *WHFBEnrollmentAgent* and *WHFBAuthentication* in the above command with the name of your certificate templates. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template by using the **Certificate Template** management console (certtmpl.msc). Or, you can view the template name by using the `Get-CATemplate` PowerShell cmdlet on a CA. -### Enrollment agent certificate enrollment +### Enrollment agent certificate lifecycle management AD FS performs its own certificate lifecycle management. Once the registration authority is configured with the proper certificate template, the AD FS server attempts to enroll the certificate on the first certificate request or when the service first starts. From 0c85b22c56b11da1f3fb5ae9813804eef97ce0cf Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 16:32:53 -0400 Subject: [PATCH 33/36] video updates --- .../deploy/on-premises-cert-trust-enroll.md | 10 ++++++++-- .../deploy/on-premises-key-trust-enroll.md | 6 ++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index d46c68519a..13e2c77a6e 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -1,5 +1,9 @@ --- -ms.date: 06/23/2024 + +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] + ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario @@ -75,7 +79,9 @@ The AD FS registration authority verifies the key used in the certificate reques The CA validates that the certificate is signed by the registration authority. On successful validation, it issues a certificate based on the request and returns the certificate to the AD FS registration authority. The registration authority returns the certificate to Windows where it then installs the certificate in the current user's certificate store. -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] ### Sequence diagram diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md index 5a3224a779..85c263917f 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-key-trust-enroll.md @@ -1,5 +1,5 @@ --- -ms.date: 03/12/2024 +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises key trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises key trust scenario @@ -52,7 +52,9 @@ This information is also available using the `dsregcmd.exe /status` command from [!INCLUDE [user-experience](includes/user-experience.md)] -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d] +The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. + +> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] ### Sequence diagram From 6d0cd13b13e26939f67693380ca1ccdb05ba6539 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:25:54 -0400 Subject: [PATCH 34/36] update --- .../deploy/on-premises-cert-trust-enroll.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md index 13e2c77a6e..ce1d4a781d 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md +++ b/windows/security/identity-protection/hello-for-business/deploy/on-premises-cert-trust-enroll.md @@ -1,9 +1,5 @@ --- - -The following video shows the Windows Hello for Business enrollment steps after signing in with a password, using a custom MFA adapter for AD FS. - -> [!VIDEO https://learn-video.azurefd.net/vod/player?id=771165c0-e37f-4f9d-9e21-4f383cc6590d alt-text="Video showing the Windows Hello for Business enrollment steps after signing in with a password."] - +ms.date: 06/23/2024 ms.topic: tutorial title: Configure Windows Hello for Business Policy settings in an on-premises certificate trust description: Configure Windows Hello for Business Policy settings for Windows Hello for Business in an on-premises certificate trust scenario From 2bceedce740e95ff7d46528282fafcb376465234 Mon Sep 17 00:00:00 2001 From: Nidhi Doshi <77081571+doshnid@users.noreply.github.com> Date: Mon, 24 Jun 2024 14:28:42 -0700 Subject: [PATCH 35/36] removed migration info mcc-isp.md removed migration info --- windows/deployment/do/mcc-isp.md | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/windows/deployment/do/mcc-isp.md b/windows/deployment/do/mcc-isp.md index 87b1740400..ff0a665d2e 100644 --- a/windows/deployment/do/mcc-isp.md +++ b/windows/deployment/do/mcc-isp.md @@ -20,7 +20,7 @@ appliesto: # Microsoft Connected Cache for Internet Service Providers (early preview) > [!IMPORTANT] -> This document is for Microsoft Connected Cache (early preview). Microsoft Connected Cache for ISPs is now in Public Preview - for our early preview customers, we highly encourage you to migrate your cache nodes to our public preview. See [instructions on how to migrate](#migrating-your-mcc-to-public-preview) below. +> This document is for Microsoft Connected Cache (early preview). Microsoft Connected Cache for ISPs is now in Public Preview - for our early preview customers, we highly encourage you to onboard onto our Public Preview program. For instructions on signing up and onboarding please visit [Operator sign up and service onboarding for Microsoft Connected Cache](mcc-isp-signup.md). ## Overview @@ -441,6 +441,13 @@ If the test fails, for more information, see the [common issues](#common-issues) ## Common Issues +### Microsoft Connected Cache is no longer serving traffic +If you did not migrate your cache node then your cache node may still be on early preview version. +Microsoft Connected Cache for Internet Service Providers is now in Public Preview! To get started, visit [Azure portal](https://www.portal.azure.com) to sign up for Microsoft Connected Cache for Internet Service Providers. Please see [Operator sign up and service onboarding for Microsoft Connected Cache](mcc-isp-signup.md) for more information on the requirements for sign up and onboarding. +
+
+
+ > [!NOTE] > This section only lists common issues. For more information on additional issues you may encounter when configuring IoT Edge, see the [IoT Edge troubleshooting guide](/azure/iot-edge/troubleshoot). @@ -551,19 +558,6 @@ If you have an MCC that's already active and running, follow the steps below to 1. To finish configuring your MCC with BGP routing, continue from Step 10 of [Steps to Install MCC](#steps-to-install-mcc). --> -## Migrating your MCC to Public Preview - -> [!NOTE] -> Please note, if you reboot your server, the version that you are currently on will no longer function, after which you will be required to migrate to the new version. - -We recommend migrating now to the new version to access these benefits and ensure no downtime. - -To migrate, use the following steps: - -1. Navigate to the cache node that you would like to migrate and select **Download Migration Package** using the button at the top of the page. -1. Follow the instructions under the **Connected Cache Migrate Scripts** section within Azure portal. - :::image type="content" source="images/mcc-isp-migrate.png" alt-text="A screenshot of Azure portal showing the migration instructions for migrating a cache node from the early preview to the public preview." lightbox="images/mcc-isp-migrate.png"::: -1. Go to https://portal.azure.com and navigate to your resource to check your migrated cache nodes. ## Uninstalling MCC From e328c914d7a90c4e734bd7f097b80c0add073075 Mon Sep 17 00:00:00 2001 From: Aditi Srivastava <133841950+aditisrivastava07@users.noreply.github.com> Date: Tue, 25 Jun 2024 17:15:06 +0530 Subject: [PATCH 36/36] Pencil edit --- .../hello-for-business/deploy/hybrid-cert-trust-pki.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md index 64fe6ba400..ff9434bc73 100644 --- a/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md +++ b/windows/security/identity-protection/hello-for-business/deploy/hybrid-cert-trust-pki.md @@ -1,5 +1,5 @@ --- -title: Configure and validate the PKI in an hybrid certificate trust model +title: Configure and validate the PKI in a hybrid certificate trust model description: Configure and validate the Public Key Infrastructure when deploying Windows Hello for Business in a hybrid certificate trust model. ms.date: 06/23/2024 ms.topic: tutorial