From c7f5e1124878a982e6d139d3730d6dc74e40dcbc Mon Sep 17 00:00:00 2001 From: Vinay Pamnani <37223378+vinaypamnani-msft@users.noreply.github.com> Date: Wed, 29 Mar 2023 15:50:10 -0400 Subject: [PATCH] Mo changes --- ...e-active-directory-integration-with-mdm.md | 4 +- ...ver-side-mobile-application-management.png | Bin 65626 -> 20709 bytes ...rver-side-mobile-application-management.md | 27 +++-- ...-in-your-organization-modern-management.md | 75 +++++++------- .../push-notification-windows-mdm.md | 92 ++++++++++-------- 5 files changed, 98 insertions(+), 100 deletions(-) diff --git a/windows/client-management/azure-active-directory-integration-with-mdm.md b/windows/client-management/azure-active-directory-integration-with-mdm.md index 228f7aa0bb..6b68056cbc 100644 --- a/windows/client-management/azure-active-directory-integration-with-mdm.md +++ b/windows/client-management/azure-active-directory-integration-with-mdm.md @@ -36,7 +36,7 @@ There are several ways to connect your devices to Azure AD: In each scenario, Azure AD authenticates the user and the device. It provides a verified unique device identifier that can be used for MDM enrollment. The enrollment flow provides an opportunity for the MDM service to render its own UI, using a web view. MDM vendors should use the UI to render the Terms of Use (TOU), which can be different for company-owned and bring-your-own-device (BYOD) devices. MDM vendors can also use the web view to render more UI elements, such as asking for a one-time PIN. -In the out-of-the-box scenario, the web view is 100% full screen, which gives the MDM vendor the ability to paint an edge-to-edge experience. With great power comes great responsibility! It's important that MDM vendors who integrate with Azure AD respect the Windows design guidelines. This step includes using a responsive web design and respecting the Windows accessibility guidelines. For example, include the forward and back buttons that are properly wired to the navigation logic. More details are provided later in this article. +In Windows 10, the web view during the out-of-the-box scenario is displayed as full-screen by default, providing MDM vendors with the capability to create a seamless edge-to-edge user experience. However, in Windows 11 the web view is rendered within an iframe. It's important that MDM vendors who integrate with Azure AD respect the Windows design guidelines. This step includes using a responsive web design and respecting the Windows accessibility guidelines. For example, include the forward and back buttons that are properly wired to the navigation logic. More details are provided later in this article. For Azure AD enrollment to work for an Active Directory Federated Services (AD FS) backed Azure AD account, you must enable password authentication for the intranet on the ADFS service. For more information, see [Configure Azure MFA as authentication provider with AD FS](/windows-server/identity/ad-fs/operations/configure-ad-fs-and-azure-mfa). @@ -93,7 +93,7 @@ The MDM application uses keys to request access tokens from Azure AD. These keys An on-premises MDM application is different than a cloud MDM. It's a single-tenant application that is present uniquely within the tenant of the customer. Customers must add the application directly within their own tenant. Also, each instance of an on-premises MDM application must be registered separately and have a separate key for authentication with Azure AD. -To add an on-premises MDM application to the tenant, use the Azure AD service, specifically under **Mobility (MDM and MAM)** > **Add application**. Administrators can configure the required URLs for enrollment and Terms of Use. +To add an on-premises MDM application to the tenant, use the Azure AD service, specifically under **Mobility (MDM and MAM)** > **Add application** > **Create your own application**. Administrators can configure the required URLs for enrollment and Terms of Use. Your on-premises MDM product must expose a configuration experience where administrators can provide the client ID, app ID, and the key configured in their directory for that MDM application. You can use this client ID and key to request tokens from Azure AD when reporting device compliance. diff --git a/windows/client-management/images/implement-server-side-mobile-application-management.png b/windows/client-management/images/implement-server-side-mobile-application-management.png index 88555f2d3b45a454ecd31b12919cfed6c7d17167..822b7f7ea05711fd86d91e9543b0be3ba7692e53 100644 GIT binary patch literal 20709 zcmd43cT`i`);^5oh#VC>qN38QV4A&**3)HV);-_6N%~5vn%A;)SO>jv>AXyNkIIbnWTV$P z>vJ+Pm5Ez~Zof#+<@_%@KxJg)Ti1Tp5&hoZlaaX=YWe%Qn;|aqW2}-RktpWuJAg zJh1M1aU$Z5QSTpnGIFtw2_uHvkB!2&UmfF@tKXusg3F4Vz0rss7uc%cmuQ=Ta>v?- z1CHLPAP(RXcvd<$85NZl73pwa=Kss^;UGaGVl@i5tY8d59LoI>ryE29O2WCLP*P<@ zspm_;34|TLV#Q;oPv-0T2;;|PmqXy}Zo@`OonJ6eGy`f(1n}PrgltkHP&lFRK*3ct zpLB(q0?rEb897^9XG~LV{-vZh@HFNNsie3E5gBeOM@f~KvhrI1w>$+Zj z2xRo+EF^&dmUnOq1aY@tBT9l2y$PF=gfxaNC5o-N%_u&`uJ&@yyM@4Qf!dE>0CW(} zd@~u9^(`tN4#Pu_p1U9(1`8JmLc$n<$49-788grgv<`$kUV+W9&5ULJH*bW>+*(H5 z;T4L6`A)f7n5CJY*f=L;5a~cZ$%@J_Wyt6#x2T*=5uS7sYa-y8;VBkym&twbK=}g* zaJ!6*lSTyZw-7-Y`cWPDr!P0h4*|8mr>u7&cV`E<_%mS|zKeiAS^K&6%@K8&pSVvw z7{%5rZ$>R+8tq(AJM45`tRVJoFf)+#&j{K~PsH^pgJ7glqj^+u13AY`bTe4wi!>+) zx~F=NJ;=QGwuaOl_FxPiGUChv1C6biLmf$)p!55=2b{2-XXK`rPksN=cb<1D@H~F} z`j!fcj%2}0GL*KQICcp|cM(*hrp1gT>93se!OvA>Oih#Eld(j z@=?iRt3t2iu~_JbB+1eP^D`slY1~~84Y6<4&Z;o z5#Z+76WOsSa`W;48s>+DZJqcw5z+8`-QF!S{tiL%^ul1jTe<$k?Z}Z>_OPqYc_R|V zn|P#(8sE22qrl*}x}@r!Lyp?HV9blqL%Fj@U>SV97r>*R-!QX)$x#&uHzkzBH3#tEla|(0?HmZ;AviT(mQ3*+WrH| z^Q8V9x!K$_LcV#g8Ec(ex*=0|;h9jh%og{0$WcI*YY~Xh2~szdKNkGr%po3Yb3sqF4#gpxXJgJoovTq6a_eZ8#IKF$#JQB0vKA! z#~aWiqX}x#ZHN|7?&^EK^4ECEFYKp*htmtbmvjyrq!ZbnFcDi}uW)os?E51s)yLAg zA7ytKdv2b#CEHU0gCG}fi@Ex#L5fyeYy@s3m{=HLOg$AF{2SQg3$r!JU%d;qC?99$ zmN?P4nLbjZw4;<;Q4n^^5C4{I zOqEQ%4`VCc*o<1@)43FIuqIQJ6olU6)c0CnLHQY2-fmry$-rZuhWu1BQA=u)& zJN;OJ!r=wZMC4Nl;~f@pSBHraFQ(LN`aMiC1=`gWD_yxk37T|3x>BAvymK7MtKNU$ z6w=zA0O}%s#{rhSji(Tw$&cz?dvsCjrI(jJm(L@b4a$-5kh^6Tg%nNTx7!nNlk}1g z+P#&vhat+{B4r2$3%P0A`rhd;M0CSK_&;?Vv^kM8= zwp)pEDnXu|i6;k3=Y_V~=s(<}-W3Kooz~K%fDS$Ou|R>9MRJ?muWO|qNJO}Q9l&f` zmVMSVX#&|yKcJ;R92TA5Ou{rM>}m~y&IgW(U>)H4A{EW9O3}&TO*Z0pHj*@l({hvH z1Qi2;P<`vINH`&iP;oc+74dP-j5~epl$Cu#JR^wkAV?w)NKV^JZn%>~w|0xnmyWbJ zeddR#adX(7JXX?)*4XscjnEl^P$5Rf39A}mysG&NRP;L}@o;u0mv|(bsX0~UjQ!#* zmNR*=M3^M%C*etwSLz=;4yCL2w{3zRIA8|co3=k!V#+fd zN>@buEh55F;0xFzqytpf;0K6WJ_H+h56;kBs!nG2apo0!zS^%?y#iLj(4nFC!T zj$B5k;7=gz`BiHHIlNHiL*8#)>$DC|T*%ewkc3i%vxD~bET;z0U_qn|&m%+QDr zw#huE?PnpD)k2O+E%yujp^VH2eUr(s{nDWR#8qC#=(hA_Yv~7M5_U;nvfWIVdF*~c zPxh6~5hu+!;uuTfe{Jn4!{_0N}ZzT9VAAk!h8)?6R&V!JA8^Sy&&K*Ow3!q#xxhJEs z{=+(y!>>C@MorC9N44_I{R2w8(EKC|nca__Z(Vf{u~44aKPPG&LN@%-L>~KzqwCL zv1&kwM}<{}ts-O9?-k?)U+ssrt8|Oz%5fhyp%`-X9UVa7Vr0$jjtQ06I=rh(hF39V z)m>oh_2&#!Ms4(T>2`(^Y&*FQptG5NKQU_AuZc5NbKB8F57^9H@3ft|8Px5X69PT0 zXft1b*zBCqyiJMQ8JqVs#poq7-iGt`&p<1MA|8K!$G#iplcNC=qbJXa6giJ#C#!PJ zdG}Q)r%YH9iD;e9cwO3A%Xvi$Y?%7ACmLrr>(et6*^qTp^m|iTFpH|2n{0KNd(L_F zB_hB+E`pcwJg;AJ1AT^;54PzUO}{K?TM7Zi$61R^5)J^B`uXq1u`_0U?q{4kyOHw0 z62$>rUCy2}(4l%nsnx?nP@R|9PP5DeIr3o|2;=3JyRTE-rIY>Mq^G8}Kj1uJkeYak z979*TO^<&^-p+bboHe3b_ZGqorHtUF$&XAysx-!TAWQr^%Pu2Hq`x{|><(+*jmP|c zWBjMu?nyz`?Y4fz)A>dT_e{03>RX~G-mcADzJvQ>qP~bdjqUg3SC@mzElNR%(O7no zKs5nvqFbJ9o##|~Djir8X&sd?9_+)zR5!PuG}gon;EWC#f@g zUv-|E&ZlW|B)%!n#?9u7z$)t}?rDDzkAEH^rwosPuHLX6% zc14E7<))Y5z4-U_cXw1etUjm(L9_!0+e>_%UTA0DYMN^JAV-r^0}$(zp_G=M`M z+7x%8BA4n%4C37zZ(J;kS8|E;J;iIdO?=~`ykN}%_!wOrVv}kzOnob6RK$26M+MmX zQNL=c5OHkeuBGZT{vV-@(^xi3c0iDafl$~t1zCmd=jM?s9sGKzC4x_zl^jg0<+teK z2Sw8@-3PP%lsnoUM#A;=de2rx-kNv6nw+%hnMzq_rDBnXELbH(!>Qv{ht{TI^wBeA zov@gb-sJugo1@rm(p9pu(ZD4O0*2+li>^Lw%W}EfQ$$iKAHzHRd>V46mX!ed1&a4V zhBR)1_5t&CGYqY`1w$v=-9cR9SFd+KyYWZWBO%KaPg1p8*I>J~LoPaaWz>^$beU4; zK%Oe(eIkL(!{#}(hqREu$ysHTOGGGQz6I?gei8@gjss=NM7bU<`H-e;x#`HzXIZKN7m`*_iIJV}g z=%ka07*_0CM~QA-cdl1!dRY!7m4UGWTMS=(Nd?roglRj2J&^ktFJ@?TOc7GyO6_tX z8N&0;wR#o`sW&`yi@uxq9CEmTX{&AJV-icyRUYiF|JH?MbK6$GjDIxQ8slA37w2mV zW;qgiMLl|q;aWn<)U3%)$PdyHh(GOi@JX1Y^5Kr2DNOn0v)~;aZN-srmC;q(V%5@= zmO~o?eIG}Y=L_vkUpgWeqo2%ZcHi?$BKNQQYp<$^v!%DHiM79N{B8K;6k`PN&OR3q z{Oxw{YJrxiF(s_A+3`C)4M>4yv^0gx-coL)TZiL;gV=7g7qTk`G4`_;qcp#r9@A6~ z?t^h5hSdvUupia+8d-ATBd_}36#7%)cdPQxP_l!_S%oH%)1CaYA zP4B&Twephv$11ywt}|(ja*t$GQJ=(PxAl5ss;*zFOGLwLnuYoo_sh)z@+ixLTJESC zgtlLzNBeRI{0$x=Hv6`czKyf!{*h!H>bn{AJy7+L@(fOZ%>o-j0;+X^Xfnyp+?;S# zP4j9_C!you)K(0)bBNyPY|$iJ?mWPoN_luEHn2UkpKoX16<|yJ9T&g8PnTox>z%>= zAZS7Z_qROq)M%T5rXtr6ZA&KBv3{6r^_UHtUPvm5Yob#IQwMbUA|&06;zYiQ$}M&` z!vYpsc{dvcFqOKLU!bmrQm+xvcJy$P0;M=)(m=9NH8#K@=@qiixpen^jq^PXJ`_=MD3s5}v2oDdVWD7@zs5h7-dCOvY(8*F4dzR3PHt?8WK_S}0Tg?aTG zm-`)o*V|q6|9t=Bg3=#PdFz|bnNE0b<)OJA6GhtPYVGDhYw#@D!sd#U+}iPPm@U~< zm(Y*k{|s>4AoJbma~QfwR_#~mJ0?W33Lifm25qzd^GNV`$pyd_%+?^DjLcV=|Ha|) zM}dOcqhJ?gkzjmY>7Uc_{A)UoBd%UW1CZH+GBQT;%j24?C$Z=CWUsv_lv0r@Z!Pe$ zJG$2G{11q_?sW7&k!)!@#ZQ#qDEb)O$O>m>wH~DS*ZLS98)Mq!;s_2>7P}d9eC^Z`}@6*-1G=5;uA;zPi&RTWo;)VU`EM?VTR<0R* z$NC0^32EA6c{U9lU@&(iz0*jFV$H9Vi0%XihthsTd>QVpnj68!JzD&Fy~fzll^=b7 z8lZpC@i3J6d*gI?$MaT-oKoKn+0x6HXYyu%bVxfvXXx6A=z~ zspYYPH!Q9YTcvfqVUs~{6tfHk4M7q3*S7UbthT&jF(<%-L;`t zJ?%46w9RC|@ZEl5N!IDU0H$gO>>5|&v`_HV5N?E7ioUcu+)UdIp>3*AF?H4i4%OKS zGM|-_v0sv4rPS4yCKjzVrQ4zb-nRmWYt z??=`r*S!RM(AtghlNDO29^ zGhc8<)v7QLm0=52V>=pB^N@I-U|+=80&Y{m*kse46-{tzX(4o>(D@=~HF$pa;H|NT z=+GaZr40#{m|`B?sIZ(f?^jY<^rhe7W$;9Kk?-o0-0YsQfP#X z*cY~;x~!C8beoQ8Nyu|4vzd+WpTkh6S4ek#n@4<$62$e3nGgFi&alZ<51f<8fmu7b zKFismJ;x}(j{-?G5L#*7?-FGdc!CH-o`n?OAylZXtQyvm+#-ATi zts7al@_4Yr#*FU^0k!ufEY7^(kh8a>@ zND|;aF`x|0tOTsgJPkPT5E?nA!BHW$RYV!z74Q4Vi#0AUWTZYx{*AG|S~8kNAH`+A zy+QRi7uV-D49==3@w|s0I_CiEECWdSHm$}qbG5`yh$;5lWk^=znrpqszM99Qe_6AV z!voqiLK7I_JHXKD0m9J*^cic$q9~*f*I2L^IxMc#?sON`&V+3*x5micXb;hS$h{BE z8Q}Y%GBAE+^A%&!Lj0#!3rrBGGyU{4(~Tedb} zwr*hc3mubZ50sYhRWN7PvFkc(D~X?jW+WnlV~VkP{Q&U z?zsc5mU_h_9+GhGTW(5dCi7YhR!30#m3yHMtOrNWdRRl$NfXTGZXCgvg1IQR4>P|& z87zlPAM!=@i7EZYWu({@e~90EJ#s|I}Xe71$r3ylEsHl zRO+nmOU1?|AEN{c^5YeKvhtxt_*1u7`_y~Vq5>;_xT-0i6d!y+#ZFwzl=tF3&3TK} zF1v3UG#Y>o^(yuY&SCB_EpI4zVxCrZ$)`F1(fH)L?UqsDGGibpqh%Bcu3#~I&15Yc zuv@8&3y?cTAbsQ~p+OWsopukUe3fH#O2BL&k}Rs3ODY4r@{{O{hHtgJdt;$cCcj>s z@|6xB!w;?*28Z1WQzcIsA@CLWZi5nU$G~j`Wgkh!LL@?%03XgRP}nUpx=xH?&jva* zEaM(jTXVmtC=)D9QS#J8204zuA{6cARn0BsxzOuFbYZ+U&cMRAH{O3R-mj+pFbZzA z<=Va{r`E)7X4Jz=!2S9Y{0_v0Vc%NreN;|B^EmR^h+5Cv)!}lWoH4m<;qYWqO;KHq zbG~(4PzFvmB_QA+u^4|EW^VBB2|`mw(7`RLkM4gCfm*j((z2ANSLHC2EOp;&wH)_L z&Z7ahWH+l?2gj_aLJ7@tS1ZSrdIOsMRoRTnd7TyB!$_nlFU>>*_WXAE1zWUS;;!3b zw$gx4oL$NwV)uoS1xvfzee74FPAFDT)jFR~4e(cP0@ay2(waz8Bb)4`-ALHmd3^lz zLuev87VBuo>1HQTF`5vg9u&6QT`-98KstkIwR*&r0;3&$MHx- ziJe11xkGnjT)7+8+P3-l{IQRtv&;i4oLl_vpPAaWE~g*`BOj@nZXGumXh1BB2xZ16 zyu3jEnl-DdJX?aX9YNx(>--Y;4|u7>J)JovdR5+h-_Y2FTifO21qL3&3?eD3-DP~+ zo$cqY7e>$Tz%~XgxrY|ZPh@tSEG#d)_*c3S$bR(J>TP`F{_*6>3GZ#k1V7j5qvYK? z6HLkLx_&R+6gTWLBcn7J;NA6ssTAx&S-9Th*>D@I>ENT>_0nI5s-EUwj!y0j8rHz@ zG^gz`oteq^gg*g|2If80BWG$J9RK6{UHyxhr?UcXcQYDc_6~YPaoJnimCYnj`;k8w zk{)wQqDk3-bn^J;@`WtQEk*U6bHco>rtZ&c?&nOvlxt;UywBv6Z2KB<%( zIJuMe!Vz6++B$C@*TJGmR((}X%s&Kt1om9N-=uS z0j_Rx7_BBOc`z|DM=5ik^5)I-6J8pndK0IHf$-(S8w1rpdNleZJ=OufwGNY`d)199 zFT7n?X1CG*D=P(5X3SLJdgi9LH+_u=BOuGd#5tIJ z1MldTCbXH9pB7s7Z-SC%Y`!R61O4eZS6^5ED>S>XK8a8F6V$ z_MQKndaxw$s70#T#knP78mQv&Y5h~!ycdD(0+qyAU z^Q)2}EXYF;IM0KarqJxcRL@%P#WQHhqb63K)_}szVK&qTr}SX#dHfgstb}iD$P{vt z_6R(Pc+&(TTAt?_j`IT@Pn4ZZk8N>&v}p9?^S#sK!uqm3X7C8P6ScG*!x)xpA%b|) z?|Az!ploFgi&I10u;F!ivR43};m$d_6)^R3^JH`#$ofiPsV*jMzq zMJ{AZEvD#mC?w0w;Zhh@fsO#G@NYV)^NUwB2N-N4j$8MNNU!}a;S}xRwbbkLoxYS& zcwk28!b=f5G+WV!$LGA(B_(`ol6P%>_M#KE3z}#g(ykIzV=TxR(dLeD|R6O@UG8v`ULF_b`5?KrvAd7u#1B>VBBSl^v zFww^}<=MCV*m9~rqU}{;BCMFoxL3kvaKZtNxt&~Ctw$$*)ucVl$k0=8a!l04U~|Q# z>bA?(&3<=kT7Dba+0kYa$+Ivxnl!p@k`Q`!a6|6GemFXiI_fq>;PmY5JfIm^o72UBv4ZzZ2`@BI(SjE&fDeCGBfKjE-#EWa;>AR_6~_!T{+4} zeB~C`Q)>l!MT6}l%WP7a63k!N??~Tt96lzshN=T4fYT8 z5)DIC-UkUnXfR?`zHNNY=>>Pw_hSpPSM?0m%|U;xVB~J$AH=`+1vx8>)3qi7ipydBoK0vAQ)-!Y`?1|*ZA1iJ?FjJ`}t*e57sVO6) z-=#!sp~-l=7@W}P2)Cs@xU04MAKY`LLx$g6EjjTN_t@S#p0}k{fWn{bGc7FIu7(p6 z_LgblL~3^rS56TH>gg-_nMvtbN~s;iZvN15ZkQRi3gy>y8$MPWR%X_420`tE@xyGN zuN%{_ogZWq(~P7<)rrN35_@{s#+;RL2=Reb>jm$c&sSO|yP zjv5Qyx0WKo;bnqvky#gvsArPn2Bd`g-u|=ws&HKE)#SIEGS#=sW*LdRKMp{R(kO;a z1)F}yt3j{o4R&LxpVM}w1s;6raSK~w!hM%vd3hwb7+?hvd~zBDizZGy*rsjlq=!aA zOB2`+f!b>ZdGF=-FkBOBhH~cb(`dh2iSTV+b;RL2Mo;&o^bxzkwj#CUhf^R7Wtqu_ zU&n0YdggbG{z$Kk|MUn^?D6zZCuzm)HH3y6pP$_^(p5(o`l^J0i*YekqUM)X!myWG zMZ%&W=5XcP&N8Yj0wb)<6Su+(X75pkS9INZJjP%gE@qj@y*o;#9&#XYxR^F(k$Tz; zEiq1kVI_5w06mhb1+t~ZuTwSfjeGhNZ|+N*&>cvJE#YAa{VH6A+zr0pHLs?EaQ;YyiOGhuJzDTeB&YOa45ydzvh_=t-qW1v5=Xy>%5e(w!nOl~8nK@F~66xrbC zxwQk&7q2)qhYMntdvVCJCeXK`O}1+rkX^EApRagmF|-zK^OUm;BcW0}W~A1c@}dw0 zRhkQJ{@JGJz11lKO^-}=5%x1xUx9LhJG+(s8WeMz4Fkoe4eS*+|}Z@ zPrnX7l7$MQ$PlkrJsukG&#Bz!hlin!`V2t>d^xz<}D8N$~6nD&s=Z*&c2ur8dnqm*4b!DvvrH57k~;MY!(+j&kyf|pYwcVnzIh!03&o*B=& z(p>d5foGyQqU{vv6DQz>`SPQEt8-Zvd0NnTiod7;yi%)WEEx?I!XNfja?h)K_4u{> zz$N#X$0Qa(T0nJgG?e>L+)Ock*BoU&b~rCDjW-!_rAN{p8}K3 z%{dzF0s?}pW8C&nopbH@#vlxW0^J+a-Pe;h3qz zvTX0~hW6mfw9?fNXtd^B{ukJPNqKO4m-o5A<4(&O4Nu^`PpuBIw5@V~F1yt1>oR6u z)bmqKI*`zHJU3nULsq^b{j^B;?v~tV*a}G6|7Q+%I9@*Cd@g$5D&>uU=j5fBX->$p7&| zM$4|^3*1?-7{Q%o_0E=(aDI{*3{IERS%=CvqpjiL69$leSS3j{q9JN{&$ZYoU3Hjx zp4h$M_055Hm`Y@(1WI&~^oN z5}tj*v2HSa${V}QJqM=xNL1(NCnHs!RJ-fdO%$sQVRyCu*cZWDAg609&`GPD66F4$ zV{aE6+8_peV#@%!Ms zfi$9AciLv@?!Pf8NgNHe4yV772H+X_wGN6}^3E@WYvjnb;D^hi?|6=9=a<)zjqx++lh z$>&bsJ)rNbLu+;2g>(cBS7>k>;%ZsIAoOH0XjReaE2C)>F0XgDJuhhb z8tDpC9y&jFw~Xe1Qr|pxJlap8cOKhNLY1tSF7y#&>`U)B?Fe2-DaPvfrCJ^!f>)84 z>@BsiDh*$(Dz!;Mmm0p~O)LHC;z^;tPP(9?c*A{zbU#J5ri2ZZ*KNej!a3; zL;sllpmmM}$S{~F-%MZPoYYGVANz>=wF5ep{$Yl>J$IE3Q^wC5_x#pnYnp+Phx|&< z%f&&)05dSE25vsSf?yu&SG^p9=uR;S#Y5I6{0SKWmybX8I=W&vK6QKAo~`cRdni{! zwzOcWfQ_Fr5G5_zIVdAf6X6UlMH+x`D(Xh=-)#iVO95bNr48R8OkSyLfH#*Ue80J& z*M=V%SraWsF9NjQ@YbZ9=~d&8dQ=20H+RGdT(6q~u(ACfZxRZw-T|)pex-$;tn?9A z_(`b*8JXAX{;wY5gkmm%wLm3Mo5g(QSe!0?$Xp_1k3mW1#E(^(7x<+s&NHpOY41QA z&Tf%b?63zXrn(KObG}skm}sRCI1k`Yzg=LHqza(LSYW>SW7vzoHTAu9a?>*M@vic& zZ@J@Px@I29g>f4LoD6yk-}zZd)qV0ZYh^(_tM#2ZrolK6fOi-&gF^{g7-JG1nJ_P| zlL+1}poPPz8T?8i!ExXqEEU&j@VQpzJimTT`7ZOP?mbB=4cxek=Ow8SQzRGx70k0X zm@9|B^nT^NAs=IfW_&SzY$4V1y?@1`bO7fWnp4a7;PD`0o%7^KNT^hj=)wn3r5gHS z>FpIyrcEpZXFB^POH?}82g#q4pqpm|CpXD_KPi>aefaNH$;ZdmM3FZxh%b;zesWTZ zE|l-mhSxQUNcfTFC53=_Kk(1D3*IOWr9SXUKC5%j_abAd9Nj_>)t@sSQXEEae;~2# zZeEz2Da0{@JMBomg9(&ov#zk^Nz2WXfT%TMY@IW5lNsFcDC(lkXR_(TbwQLVuy7W| zc_+jy5K;3k0;c2}g3psoi=+Rkh8NC*A4!C0(YFexi|?II$c;&aOiVB~T3)d$`uRHK zZ#zGDjOeF>ndMwJ{-hS<#-F8B+bz8cAc4CtOjA@@sL+RXB`#OIj9OLz3ip?#1RBYj z@zgP&sUf?U)2tp&z$h0Yc!g;0#AxhdOk{%-+a>CnSZRz}Fi@VD?I#>)oblQtSq$aY zVk8%W1x)wNiPF{NvGudP%;U}~s8lW&RuV?1H`iz<6;kT>Wd7^JO}k+P<% zxgWF6qC7k0Kr;eYRx1M0n5{eD@uT&u`1SVP&R}D|@o}=T-IqCCj}nC=H)5H=tTvSX z`zAF&*UgU6_C_vC3Dj{UU+`K-@EQMDLt^(ym}Wmo`gQOl6Kl1ZP6+L99#YWcu@)VF z>q1dQ4FC4YZ>(5Et1TDl-0_D{F$Cc=H6#3Zp&YJzIGv!U`02=V8#C*~bt@b|ask=G zc*hM6f4UCE8OX~XhMu`Ht4l^pOii5h()9PcuanW~lon&%#C{{ATMpDHlq5~uS>5Jl z8{6gFq1^ooJG{xOt`iR3yX1YU)_wi4#?_Rp?H#Z^z<6Neym*8by8+hiDOovij&Ozt zL*JP9K3?TQ(Etsuvlbt`AV%`wsF_o;>^-@+?w@H9Ugy%p(8qtv;Q`8>D(DYHceZ!l z=z@BqQmc2Pc3`*Qx5!84m)ps{3Wt|>MYju*6Rm%DFG#mr?{&eWz7aKYDJGlaR6A_x5peS^+y{zsr!M%^GlgB(ug87> zd*yRe(47i;OEAjr^Ru^e!>(xibS5p0^aVs1H^s@(Mf_o4!V^bXXtTNQEJyfhv?;YU zIG}VRhiz^^1?ws4`wKLGOvu%ts>*UJ1TrSgz8eq~GnNSNF4-+8bLs9$q&c;WMqSwT z2jYd!`uFlA)8xYLO>CFV^~*cMH%|v92sztpqukGIgdUiRbq~Be$RW>CIJLKp>PoFHX!}dQW@r#EaeA|jE_#IyRB&^OSdC$&gMMK@nuF)Q5O{!5 zI!jU~S309-wb(;N+Yo*lb5+^%5%6DmCqmDc-vYi~X=j=`=`l!0)`a;AbaT;8`{(Cy z;(nveV7ZsqaQRL9M8D&8LFW32E%wd3vCr%=%QK=FSGC!>#HU>iqp{DH_Bh9e8){gN_a(d8D=u!0cFT1c%X-=ZSe z5y|V9O<*VeNA2NkyHxm2yvheitdKHk@vg|TN~&Ga|0?u3`#I@6FK#C~eA&`I4HN7% z<*!4=k|i|F+g59m_T1DBQc*j51Ma!2d^RzR)l431fO`GhqP={YX9o6u0DI~E!_qiv zEo}92*L|;&O3}Msp?cF^zd~nkfmdlsJB`Gp-}j;4SpC@rW_IL~2EvJNLRggheoY#f z&b%s&T?Pqu*e~lwt+$K*M~fN!hWz&ze+Ff0T?#lRiE#6PG)#!wtA*9TbE@8l{!7!o z7H`=(fikfd^<*plh*E;%j!I~|c!Yx;w(X4Eu!Lw2gSZukna1AOce;w7*VRNwWjHc2 zryu`s46hf(k+NesY2aCWu;7>7Ye(u^hskEp_yz^39O(6a#lHU`0h=t6f;{5%3)U0q z{_x8`CGP*4x&4O{9(Y`;Y%fI5=FX%gRoBdXZW0ZGa1`C}Izdkz-dL+@+x(i`KVhIF zf+sCMTvXTc%U%TzeEJR-`SNCmyGH^V)0DEuGL5n3i3={w+y=OAne&_2!ZA*vAFR!5 z-2*}%fEF9$_6=qr(BV#gN!tDyu{mwN%6dIc_`FrxBPdf|^>0-Gp<{5fLSL;W{y@l} zH2SqF*Wr@HLw&Ii?o_zLhkuRaP1ZW)mqj*=Ya;LOTj(^7Z1_7G6DOqJBV(8HZxZx7 zTOQ~S<=p=0C77G-hFx(8J6vaU})lB(`< zs-;(U1~TZL!FgOhi}}o9h#2MXLab$>2gv(+(4^lY8=41^--!3((CNggLKfxZ-zs6L zdwy`_`Qr~K$L*43t7x!pVW-X-#yB)iiqcXUHzRmXi{@ZGQmPNenfgf7P{+R-^j~ZL_>gJ&Z)BK$6X#smL6tN&BkBI3djj)4 z0&a#^yWNTVS%G^X)i03InX%x-evZRpOUr^X$*rT~rmH;pCZ+ITzcm>3?Y2(3RQHl| zD4o3488xgUT~4m^hqHCJP2C-9X(}WXA821RR&}-byybwuCEVcHhgCPEkw&s=UG$M? zOU09s(yk+r43ObWZ<0ot^jY@>iBW%qDQiC3fLj7#wH zO6|gmo1=5%+Adb|$lR{~?<($Y{#7vgEz2-S=SA2f(ZbvM^`+Ze!ZG(E>IZVR0f7TK zpLWene@W6j@ItU%hvJd7@eyyY9nmF%H(a)mpv^gMvcKzdH-A3%TAtmLr zx>%HM5>?hcCs$5gt@m#GBz}8WKy9g3df^j*alQMV@@-f4mQG3cS-UjN{1b=GQi`0C zHll@-myv@>euQbmKQ0Ah=FP5O`MXWmNtL;UUK@b=g|Ys08*@ zw3~bI`#1*7%tbLyJm_|G(_>kTf7*C>-L>;>`bUpAjZ5!jXVRyHDQlA-uH_OqS+&|* z55*OWepog{JyP%YP#;#ZYnAFKQzgbI;o}@4L>QEUha9BM}M^`zQb+u~)Q((FD)r-^!JRnG4zm-pzTx90#QC z5=>Nx+R?$NlXHidwX)W$d%{=)l{l9o^;~(#9wKq5AgJm0C36E`GVo4i{6Z14Pw-Cs zf`6;Lq#>)d_^Y~%gz)+V-|>)5B=vR>K03tuO%)21w=E;XhU&OAM} zNyhxQ#H8qqn=1{+6&usDqwb*$m#(NTXAShjf80wM5BCix2=EGfO!nNjrErvAhn-Rx zx#cX-QS|sLa|tl;QSW-E%c$H=js-YBSDZ=0l8BYe_S>^eHXcl4Sy}j{}`;nlbO@aSC?jUQI#N-I+j?#O<`u z42&67ur?Rr_PU!Jdk$$#2`Yb^s%j4_?F{5zug9LD9hn2>5}h`DP5);Xl9p`vo*~iM zRLRJ>qE&-Phq)W$M_EZW3Sjt#{1Y3IUI^W}9cV zA6Q7Lj{%pU-nF@biEQj_b6IT;-b*Y@VRo-H)L3(tMgD!EnA?SmZra)n^Uuzl^x%18 zz?2Z3MgsoQ2M@tq95w2lXO^^EWM7x)1D4YL`gBsF`ghZ0!}r$Nv(^>_my8d;Bkpox z&sXsD`ibs>z|loVvv#N0{x3Cggw%U)7I1Tm)tTYMpyve?f0y}2nr%xqD+8>$)+j^j zs#lu&`M&uHvvL=G;|vMVbktKz14+4t!P|%lt@ht&rDy0}A*wv@bZ{a>FJWL5iPttP z^Rh}zf+55mP8mbS?mvviki!+-U~k8s;TRgJ59&E>h;yk8jq%>c3K%BOF*CA(Tx}5) z??P3IoaKdO%}xm>3OH|iwv2pMIRRwSW~ZJbJ}t0V>i!wX#W)NM80ufWnL&vOtQ>Lm z-Bgw7Iv3@#H{bK5qs#bZ(BX`6PtCY%o*~fB7?8DNmPX$AHDEJFSUUcA`IQDgu<8cU zrfEjDZ8B>*s2>WZM)E%ZKjzwA>r*3h%B+Q|;$EA16XNNJ*)SFL^_ zG5rU|Ep!Y_z~82(W(`&!Ar827lBdCO5H+Sb)F~j5(_BpL%$%qAmz!U@fGX-g#a&lj zW~g=t`;?$j6xWPC)zTDL9{-Q0`t4F7>zr``oo^u;X=m061Oi#7Gk*yMWrKxN+5~Nd zD|;(aDonQicsKPR z#i}Mcxv&#``ybN5U}+!B&(Ji5<9F|N4f0{l7$T0(N=;;%n+HdsIUy-DB73%Sj>uWT zd1L$&nieR5($(7%LF*bFN;;F1aUwQoG$b3XBnZo-=YA2)EYMaV_fhgwCAbWhv;`b0 zR@pG%=b>(kA{S0^mPQbgRjwskSK1q6(Y)3hLj;tu+z@we`W-@mJH@XlBe|3X;4t>X zkyrjYDAKn!$Q7se-ay|LWS z5KP&1xKH#RuCDD$y;B8tmfprk*@8S?|-^pNiF;#dVwSWT7zu*M$O&$751p=T05e%lkLgUg(-?uf2P` zeMd{UVcu9r?5_Iz{3kmfvk#`LSI+{0>tk!5Y0{ORy5f(>MKy}7RAg$NxgwL7?QBDE zQL8F}H`dGinfm?<()%0w{MncCpO|T_XC>;XW$wO;KM$48gMT$t|F7}%(Oh-2>4hfY z4Q?|<_n-6V{(Bz3WTXQSLZdRN5>e$}a$wLlXYts74y^2P6<2KaGv1z>2b#ZQ<~IJW>H5&6*rmoLFTxn$ zH=A{av1FAO-8gw^sqz2ms125=4h3K&UK^AQDE92m}a3 z6bcwhBoN4gtX77gR!CS3GNphZh&Beo5*7=wkP0ILH3?x8#IOkwVt`0*a2coLhjymZ z_vL+f^X~TEJ@=mf{hfn&^@41aOr+XbzM#!bN@@`|Ce0{2DKufamZq}}ExMkFZxQKx ziZdd6Kkg4|GC)mde*QFifCT5uyHS*r4))i?MGY;rS-+@6m&g|Gc2%M}o)pEIGi;uy z?YlhbQ7Lc==z$oU_oM|&1lWW~ZN5~Sxa<|+MsIZaupGZH9&kq*nMPw1WN9p4LD2Q4t4XZi`=<*@O*Sppgn(zgDdNb$fw0*^_K~;37=x!>@_XI=!5-iJmhr@ zJCU)Qy>p+Tae5SxIP12?8`|ctn`Td5z2H#B@I%^HGz|qKLfurQq-i2H~dp^YjB=AFa)8S~Jgl-E9ESCrCQ zQ1JCqHR#&KyZz(a8!s zv>z*!0v~;dF}0O%$Zt=CL#gtzWvj+IG!!SRPS6*sOS1;$%QGi%q?|s&SdtuO&y1{( zdYo&pDz%hELb8@?mx;bzgo8*o|0cb|A{&nW0Bp&55Ve2wSuFQ>IOtF}L37+ffqY6xw^4e#$UBlcevl=J5t)Potr?Dtq@9h zVWu@#BX*l8_-i~eLw)8At4c+5<`^v1N>R5tlWW`7dr+@bas)-w%7!%cP^}*I?-`Rc zbDhn!(BuY^J9XwyHHG{N{^cz+TV^^I63rjM1cc%6VoZ4;s6mfzN8+K=%UzB2TLoSi zf-pSjw0gVVo`;));fcNvq@8Ti6v=wQ{IK=nND`;%+^_zS*~P<<(D;l_&$ES75zsy(%ln!%=w%|`?9EvQsi{}P`o<`IqG zHb!y_%)OQrrxlAJ(0S1%PJwogt7_mD+g2Le>`x+!jYLL5aft3YtRGFW0sI-YQ^OTd zctl?-F4Mj})dsR92BUeY3miis+HM+kFEC)dG*@zg2Ty01VBca(UzT>T<46tMx#ZT` z=ivd~OwY=S`aw8DMq(6h8PCO`fFLw_uPN}YThYOkd$*%3yLbDnLiZL#F3~ufyBBXO zjs(_JS0xRht@n8?!5=MXO>Muhk75-*2 zSs$~hT?UfxfuajBOveC?kljN%$Ovq8r_k-YHCiF1A(w2@Lek77&MkoO>G!n40Y~FM z{!S}=AH>>tAMvK#AQI6KTGTjVO}~NK-r?G>rxOdgf)Q_$5o}lEBG6#|poAt2yyIJDJ%!fR$8^i2){fC%`0R>}cp< zZs%lfYXgP`L-ZZ6!+zKWZSCA0%uUUlz{-)vH~}l-e^v)${f}F}Ihk74)@>S=8lF|`oOIYV2xdM(SRBH!>p?BU}J7$3f6^p5DeJ9 z{NLxD9Sn`ZZr}Y+|96|9t+lnWjT6}2SW+iogZj8l$=u1x7_9hwh71hs8<@Bdzmi+} z-*)qOlEK8xNBsMcCe6x3^+e^wda%zw!Niy&iPNkVBn^Dc;#22H-=}b1iKNJEkv)R;EUzgYXXS1pQ87_~fkemMR5@13L3hH9{-^Fx# zX2{C_?{fh;M0Wp;@bO79c!Xb;{~Lo{-wayo{~bQN8%9uY>*GQHJwOH<7ku%5kFx9e z|NT+d%2->Y0rz2)*yxZ(K^>*wL&-X{vBMn7^-q2K1I*m5pUlo$`v@KSMofSG%!O8X zD|qUkV~n}hd?C2^TruanMavhxK*!=UzD3c5pd{1{NgeN?9&3nCIP-Kno_?NNg!X#G zc%Za{Eq!qI2k&^HEyZ^J`LkMAzoessT^SM)Mac41fCbv3S>vJ969FZa*w)!$amz`t zWW5Hwu;ZIe4kuI7VoGL$lUTy#B$|$C9kDn8WlJG8dUVN=KR8tMV8G%x^xnTrOwTP0 z^(ruvX%dfX^T(+w1sNoavmlwMY)+pUdh98=FhOq7!c}|BtfVh|RNV15xZHk&J4GuJ z)oucW`C{sMe~Pw7Um@p+-} ziwak{s#E^SXNpJ9AU7TUQWV~TPw-Y)=2FV*xjAXz!^7>b=%zl|HDqa+A5^7TJo!uR z0qI|I^b6ePL~gdXsceFmBay1nz5o^rX0Q(1&F!Tkaz?`@=hpbAkaB6|dEoBi;6FJ* znn{f+TMjjHAzXF){^i^`%!ieoyes$T;Hi~FM*i$^eRC^AMNEpACK!^$Yfg4Z)jR!z z-N1ops&i`Da9t3s8!m+B3Xk&h8+;mm2{xbgDij&2VpX(5!pz!McuxtjUDv-=oeGGw zdNCF=J7T%W3XRsHde$FFbD}0LGh*1JA~U_aM}0~fx+)ZU3T%}!32Z!d-e);z-mu*< z*Zn8-`thkn3b{&(vC0*9X;yn=MdgX4to^f6wW9H|zGlNkg4tGu+`st$EK&T%)tJ`_%v{neA;mw2+Rm>A6SJANG3B#)8H^Jmd3k4Gw4irT;m*Y#Md!|O(h z#p#MOs^5OjakwliX_eui2HXGqYc%#O>aESbi0!p9YwPBqyF8XLuCj_FP5DG<1+{B{t zI1VhI^2AB07`1$M8LQm#q;@3~LdOKKkwaUs#AdCT*(*aJbc8t*eyAZXtB{4wmdhBQ zU=B7t4vK>a8>uUiGql+iPm12*>4QZdpYBb!<#9(*mnE%>Og)NCWfYcmI>C~IhAayE z+SJ!?LJX9~If>T&dQU$?yPVM?=toS=Y0yxhw>K~m0L{nIf>22 z-5%BDwOfn3zD|GPi5&e({D&YyUV}ZGedmX>7yeZ`GHprx;UxI7x}CBqV591As=`<)lYT5p_jD`{;#i<70soP0jYFSy0djn8Uk$1TqmG+|-v5Yom` z$kOt}&T;klLOlT?>Rz8hv0Y41QqgfMKbb-%6z?cB!nS;4SBzZJV>LIPChr`fL_7nd zo4KsyIjCD}WZmF&`!wHP$BWk|bt)rY74g1*ZsHqoB`P+yA%5RNeLElKGldT|sp%%wc(m;+1=_Oo}_x%1`x^xpxOKg|ZoZ z9ln#~sE+(KvZX(&Vv{(Ba}pg4HiQlh(Z+JV51N4DdG1eXWE7FWUaBSL{$wMeQK&x& zeySBswVU4Rq?SF8!d;f`5eiKT87Yy%keV&w?u5L^cfzEDXfRn#RoH*PLxbdqKmUs0 zppahO;g=Lv>XnjVz&u3wj2Ukn;k`sx9fM+0yrMRsQBZhn3#y*`Eak;<*#8@*`d0p5 zStFAubs9sY#jURMagl-eqAqTB9r0;EcBo99@a>djHk{K>Aye4-El6T0Z<|YQyHe=% z(xk8IM+e*leF+x7M5#Jcp~z5#<-ZYw#G5LVF?6G922v<;58A63b^7)-!b_aJ#Mj9> z=Q))J$V+?LBc*Nlydq{H$>{I=8nBj<1A6+@L$cb*MffvzGUC)E<8a$l2i$+%OO$2k z31LSHgneDGb+Q5i8E3U;9qq6qr+;^ti3LykmXzVQWS zC}hh}M+iY7hIlVGq`tUMt88B~$)ksQ5G>l1-N6kb{YLCJ!y2B${hc=~s*0+r+7RPh zYh0TwBV$*9nwp_le85^H4q}j-GiV`>gu;MEr~47ya^!E-Mm$9SH!<&0#Mp1^7@yfM zAaInsSM?5VbBM?t_=Uyg+J2&iGeME@V|eh~Z&S;6EHctt zB+g(JMnay6ZgOoi(ZKBT+HfyEKSZ94(^Wt;+4t?xf5|J{z79 z|6Wz7*U=P`+|L7dyx19BHI@$sauc`v;m4bzVOOtP!cC9X$lCp)`_;&`Q=$n3CL4Q4 z3S$oI;+gx75(@jFVK5pO2#s@n#PrV0bPb9OVqvAI)TZ`ir8cHzH&EfLifSq9EU&V> zs)9f}6UrQxT3St0UEgE4sk(N0FIO}Jt5-*{YLbRUIcEWV{q?*g70bn)o4S{pd}FDM z^si#P=s{dw${5^Ux$R_697F4y6OUv#M;M&2RFGk@1d6i@MtA79-#;xA^S_f@glw_I z^g~hzu3H%Y#vFmRKz)K2Et#4>QLl2ciZ?U(r$9PDDJ}zDgvb4a`k8J!MKC*BKaU>Y zs==+MdXSxN33ZfoOBz;@hM-DNj-{5l_Zgff{=nm~8_xXq&tF&UgN4>YsOeOfyWk?Y z(CVmTbAhf~k_9UP&;9O%Q3YYxf(8f!l$3_0Q>3xi^!Nwgg5yw}s)3&63HS$QUAky*f;$IWjNn$35Iak)jF5n-etBh$@ z&|~uFgE1L#>Wz;f)1r!{JL*Z1n{1e6?nhnUou z@;e0mqdejPDe_!I_BneORv1oXwM;CxiUoW`3b~@Orn!_V2{tva$1(+WRreTq>~Hrr zI(mh^Kal#TO92*4^(3 zcMrJ-{oVlyvwU~jBteLXOC*2T5+o;?WHb0f%udDrRX;rrmmj3xwmKNX7hN-_C? zif0wBNO#UpmZnimfRSy#?E{8IJDY6S* zz|5pM)MtTN(w7C|(S(H1rKlGl@lMKXB9G=ad_`Czm%j54X0! z=C>Ai+l$t1YMYwG;y~Dje-;RcEktR!REqCI3Pu?1xnN{YVr7<&^mK@Eb=p5sg^7^- zRTMyPtA_s-3^C|Gj&g=hTV7|b-n;Q*dHL(~1oZ+r`sZ**oc4zPm~SGIHHtIzh9UMZ z(=CTu)YUThyVBxo&ZjHQr|=OiOk2nBQa^O)4MDy^(89Bg+P{BsQT z?Ni|nC;zO$kz5P?qUwMSNbMjl@YNdbmH1>!e8*7jf(H|i-b02h{W(-X$1AT~iL$&K zg}IM+sxiqQWUPxIysV=0Elwm4ZTAm9!wE8>j#T?-s->$M*Cwg-c6UZPS=#EDvu1e( z9sM;-Gywwp(S@RPD8;aMoLZYl1ndGSyE8jmE;+iSNL-=XF1Z~2ncN*Ed}mVi0rQ&O z!xXCy!$Q()MU0raU1JRCKAf7Nfc4ZCntdts+T3$3Lw>$n4_>26hVHC>x>6t2VY;cQ zY4B>JZEa(tDgtKSbc{+_f5EM@%4BB2;^}9M%5-zKvZ)M^QjowjrEoJ#kV_H+Wtap` zs8ccWRJ8Pu_u)f42+ywZb|Tx?s^_us0NI`nJ?@J`w=Z+4^&|G$^^f$rCEhLhD} zUce=JQf#)Q*VI71Q)L{s%V#l}u4uLBE%Vx0@vQaiY1XZ3YgAxPa189q7i1Qwhr6^! z-bZm|$F(A(IvIyZD;383}dv(1r{1ZzaSa-#wCd zI_1jE?9vNZ46P$s0k6ECefF$bn?^8y#b6Bnc7>)~#+=AOLyUT z^#&s~`M&e^ZpX+}g;xiyw|j>Xo2DP4pESE&5m%H8%cEyQD$_nCe(kjw@X8LRbOGh$EJb!1+)FD@dy7H7(J0)Ev;nmgsk-x320~K#?E)r-qLd@7gkkd>bRRX zh>XLjLa&_>cW;ctIPnR7LW9Y&SeM>IBx6i@lcETRA_#wyd~6xs$2Irg4MQ`E1I=YV zJ83*K_iY!bI!d3hdx(O|ALYvilj|M#X|jsiS;5knooBX{t^0s?G)vD+uHAWrF#Osk zc5Q8%VZ@Y;W*cR1&dizm!bD+;($Y%snRS1egUg1ad-qJeIX%VT7zV1=pdVj46e+vE z9-i6uF}+HcBn}lFY1HCOv@F#o+bzK%9Eea6{!6|omb&z|1JtYWXt$RDo3cvz;8Bb+ z)6SYhT0LCZ7+nJnyaOw1!}9uS-lBDFP0Np>^?r=ZbsGKWVOI4ddlU1h=0FY?2e-os z+Ao1}2{n1YAuDzohVtK)b)Sg+iU*O$HcAomL^lI(d5gR4MVwedWO0}}S`a$Kfc%jx z_D%JbKTEUG#{Tg9YsY>2MRkosln}M>c9ZKnVl)BI&P;(M*vkQ1=l0X>>Az?1iA
BD#1D&X*}Q?Zb>!pYqafl{sm7y;u%otj zVSdP#1YhifH#6?^u~Xqf|86N|ufAMz9H_e)8G=fBR(77ZT1q`BrxYFvV&%-mSxUJg z>QNnf=O!q`jvm|Y{ao8-vtxW>0Y6Hb`#r}L^d_03X{Q_xTR3&fq~{vnQM_KzoY`{xJAI{%ZITW%dR7--c?D_1pF+p zNWZ5zOqzjt)@9t-ElzW_O3c_?UH(wl3b2Q5)zGWR$R$g>YkIFa`4@aUto@xV1|Q%jfN!2Fkl&T_)DSK)5o=W%2S0Tp7G5 z4&k~ZK0KUOtfRS{UM;JtCk{n}fjt-L;D@yTj+_Fg z*|#$>&PyGR4U&^}wSKfuZTfrJ1m3$Msi|x1jXa@NRO)N$Ro3^dE(Tj!og2;u)XgH2 zp7-PoB%EkI`iYmYdi==60MT9a-_5NrZ9(!o#l_`EyplH%*-gR~g>}J57z9L~S#P}b zr@dS!cN(}hPIf-k^5rd_*_{p`yq#3N*)}vbKDxf2Z(i*Uqxn4a64un#3RW%do;7Zo z0EvO`{f19e=t1`Vn6J9MeZ2Gi{yo$2aN^US`ucv~2c-93I#q+6uZ{0X{r$pWx!L5f zHPmI$8X#R~RHgg&(lT>#ocI!(jc^b>=i0po57@vigRuP6@!YE~qM?d@8CpjZcU+@d zP?HTaZmjV#LwX5CM37)Zrd3UCy|g^~zqkMus$L@s!11i647hQtYa2&5-afUQh?jp> zH5uoo44z`(=lLgeiBTpWujda(tJDWZ&@D^(U?EP!Eb^}lR>^9Cg>dBF6lO%(Zd(<< zFrT3Ne$;(w{j|2VQ?kdp8>Pb5QDh+3Q0_3F%)S6tpW>& zOli&r+I;VWC#pS7If8jDI#rSos#LQSbo>`m`$K~XWfHd?^*PARrNnxSungY&tiRO^ zL$P(^1C=wJizeO${dWzA=Rt>g()vDoOV=YSiS9EXLr>Gb8HZq%#cLzeF+mK1bNI*g zc55-TIgab;Pn#N=y;HO>PSU1vaVcSgK_Ja71Qo@VA8=yI)f>T~kcIy=(P@-vC=x3# zRU>jPqx5-6<%y(GHA0Cdx3}|9{LdJYCnjpWSV;&eZLHMP)Ip<+HXW}h&#&4Ox>}~U zW9kDL3GNI-yjHwx#&vuLf3Hzb*9nr7R?6?;cacX^YaL-Sg#L8=NY`tFNMziN{7lhX zEW{^(9svib_H`oSN@OI|c-CyL5iNk6CYb>PkDCt&XGJF{@mp=CmX_gZjW$;|S)Id3 zZ+l;yTE7zTdJV0&-dC#}-FmFGxuae1@I7=RJ;d`pqHTEHNN;#v@N9UT(&)Hte}?k^ zMCf(->7wlhaj{YxNPXAcUkL3^7icE3_@eJSh;{tCf3~__?4%pIyK_JeQ~QBt;ddikBsjTD4KY7o;TllH=h<7-5xH9Iv>Yvkx?qOTL7_U6GR+!-mJ~6wQEe@Oal&$p`gyxRmyhvC*jz5QgPu-LvmEdzeC5f za`$L(A=BF)Ln= z@$rp+mTgIA2{&5U4rj>o`m%<77z|xO5m%g0YT(THi6y=^yhMtT7!sU<$kQZZEd?61 zp%)H$>JP5^4aA7IC_majkKQFF_%ptldVl2+gEn3BVBjt$`uw71e$ynylU9p&^06Rb zY|rWf3)>-rt-Rvy;b33b;S1qo`pqZ~6&#K`uZTSA>Cj)^iVbeKb=t$Vlt&{WyaEjK zvZOQWsF*{2=si9BDOe(Dvo95Lcl0iJ{=x;C6KElItXfxQNh+TXVZ*k6>OiS;k(g_y zcfECoe7R>kG74JMIo}@4)ZbJ@hq9!eFt$2l_mCVJaVL^S7=Ui|{9d`~)N0q9HTx)x(wH!Qr9%RX^79%F539dMmfbzYriY1{3-W6-Xw# zz1}WT&F0l7O`G*;+O~i0y6=4V20~$@%{sBP;>RAD^nG(wQBi4f*oQ?T;NBXD#QQJz z-<_?pA09bzzMQCb?tFyV0n4iP4<9zK*N7N2-0*p}etW8V|DBQX^=+B&*)#;Y^J%{7 zVH?R8y6fqQbN4D`^X;zjWqtGYE3hR5l!tH9Ef*{8FE)7Ic70!>-7eI1bOtme8&~&N z>MdV(usXLIJ6~zOeECvdQ89gb%kFvix0)$SWUo>$;c!ow|F`j&vqw2K&31cD0p1aP zussUY)i!oA)>I`$j=dgt=KM4E*pr*EgHb8yPQF{QnAnZ}x$%WSnCg=k%8a3MdUvnc z7Pb}ApWSpUl>@a-kEr!mTDEf@qdM0vT0|y->Lu~vVeI?Cd~_C0ma9d|jC_m0D)&Km zMJlWGHDr^8fiWnUm#h}0xe zn1&Ig#{45K;=l9*7zIX-aj@lve3IkX~gEP3#<5kVn+|d7aCvfU>DOv ziij)|AT+(X#WP{8lvhA|nhcFU3+iaM3`xEpft$J{UpDl+eBzQhGQl)W;Nd0}KO*ay z;tKO7k?m4nLR%V3Bro6RF_%mk;jEOe<-K)eOss4=!Zk}JlhFI5=^qdAss6zL zeuqA5CbFozs289gPZGbac_t+#JpkUoNWit>ec|1wp~ZVJQ{XI;M}&ummv27ucymZK zYmj72O+&*#5KX0UJ0rQ`id6YOEdX8hpFdrm7wxJj^~pLOp+H8DJ>+oDG^{Y@CUAUz z^9FoTO-pNUqurC+?eb^szSYp$hg03|_+#btPe;et$)h`R?<*JHU#m0yw%rkfV5)E!8Y*h1)pFc$+X8Bu z$?7%B?+bGOTBwaN#nCuTlieo<}zE94Y=i zb96UG;bEFQ?>M~L^=?2E`Fn1f{rP@wYC@qV$8`6K6bA=uP}1pu$pxL@f?dQP{|d@d zLC$~HZZM24i;kg~PLP!%B$;v|(?f7a+AI%>47bt=m7amz(NR1LP6p$bBx*SJs2%;@ zR`#TpZPdgv2k*<#_clt~wl`eMGAeF2J0we*-WmMH&dy0Q<{e^aImzx zx_iApn$F{y^!~{APL?+v!nWb&59HW}h6ZfJV8srbbsH>8nrMJzn8@I=vbMe&p{n{* zQ_}| zbv?fIz?k+tt6x;p(AWV+WIt?jI!4`mJ$GGRTQf2=^xw7v@F%Tihd^7On>4TI)y>L; zzV>z=0&ce-aiFou$#@V(F|LRka(~z}T4i+Q&1{1%aGi{6C`ZN$b@3SgQ zpx*9p)}`4GQsacXabprK`uw=$kF6kI$293>GMo*&M3osgL_TdVZOT5Z zlwpJ_0$MN@kf<*d<}dxmKp{9jLXB(U9TbWbQ`ocL?|z_j%;+RxDRbmRZGhm9uj8Sg zm=VZv88n}mU}MtV+wXX2W-JirG8M@2gB+ctX>PWQFLY`HL< zdgsOxtyGC3S66DI11k7~G!*w+tyAsxESR@&Jf0!3+4TIufLq?G#@THs3?rKNa zX1zsOIslBaziRWs(ax^x;DFRU(-F83!LZipn??BkFsRk;k$7`BIeU8BYp4?iN^O!$jc`pR8=Sa~4nZ+88%a{?s)MJ*~K_B&mu?xj_n0g8Zxc zCArM~#kBR|!hUb{2PDXiQL1#C{^6BWG>tA`K_!{Rlt~i+NNs{WE#&x>b@7=SZiIXD zBuHPb&@Zzhim)Q4Od*m**v3Mx15Iy7d5lw}~8m0{#$HBR7~3*MzIcf!Vs z5r2?ctv0;MU1rN)E|pp{MkD!gkh9O73NAw~<)=bqOKcB!P-b_7*$pyhGNWN!+1!8I z)s7q6@eUfMe&#j&!!%HUGprT7-3|8chLw7+N7KR=1TuEi75u@ynTxFnB`ibqwN2b@ z?!M{F`r1BfoHN3)e+iNWM#ehD$Y6vTZzFjk3iC3=LkNNh6LK2)q46q(a~b-A%$_pw z%WE6QGcGp*(0>b4Q&ZcW6<8MIF3@QkBzQjg^PZlbnlT)Vr81>+xkdq9^M?E3*A4Ic z|3DTvy0)&Yx8tm9AfjCY{rE>;^pQQ6YfT?(`JS18lzKRkk+*qqb5d4SQ&R&TfTMJC zbJKR&1K0L^-U@VB@j%t-+WD;gvHUmVY|TEeoInyz=Wq&j{?3{dkzQ=)w0uUu2 z@m6)daZYdms3tOWdVSLCt2Zkv>(cV_Ht=#!`wO0?@hHd^vC$i%ptdJ5E#c?nAmPo4Gj3T7u38|hS^2{v`Xa!n?KB6{sb-bRR zkj_=UejH;pP?NSaD>{sM22e@y*#sa>1OBwSy88F;-xv^#rKKe>nv07I&^Z~i|Xsz8dnM^iw%BE3WTiX~2tAIlSZWHVnHJVJv#K$)o?fYWr z^Lna#6KU(^f8lk=1^Ac!-QVTXjkL5hz@veZSWQQ#aPjnOD>89+UEwdIVgrZCw*ySJ zjrWkVNV1f*SoP7JHSW{J%IYQ`BGA#DvDoU|j zuawIEGedrY&iDS)uGZs1_-Q%aq`ch3N`P#+ZbT1ZM{up=nJ%_Y0sOc;rF|c|aza61 zN(S@5Azgc}L>y{^IOPaxiD^b#KTaJ{li1MNH)ADE?Bd;b?^7(Jc8-q688$WX)qMKI zcV!8>t|$9~f28>I;MCTfdv5q)dQ=d`3JZ=$aM$t^0H5AHYNO}i|6G{u??bdg~1v7>)y3TU0eP4SG-?Hv6><1}!Hy8yu(c|VUjQojJ zf2S7Ic^>YfnE(D(`rs9SBHNm%fNp3fKy}Q>jlC;>fO&9?1hvreqlY zQwG}=lRG>(KbMc+etvS(P?@ng6iii-eOG**EX+1&;ca=t zKjJ}QME4TDKymB;MQp*q**vw`MZ^M}zqp38SOpYSQx}_#+3|y3O|6aIHbcrtaMAse!?(5n;9Yehkh++EExkIlf=<)UT?q|RpIA8sz5r(EM&b9 zD&6=9;XXJ@mxq1peRXYDUk3~(RK%D$W_fC%(87_%FszAqFa##vaZX>Z978L1SDBvl zyK7ijOoPI;{X~;pzPiM3lBV3Tqi;~(3kcKhjl_dEg~P$q)TB(XTOiWW#l-d6Z`dI% zN4GY4^G9HFbfv!8(H7^2{*;D4w4Qjs3O;g^|4bnvy^N z{D14qn1hQ3fh0Aw3T!D@S;Z8gd{_(5xt8TkUC3dM6YMNjM9sC1Fh`X)nb`zY9rw?N z`0F-}3bzpqKa$mm57u`;zThc#VTpkFV?L|K&53b7dE z^kIpBog2hU3do))323sGguB7VhsTM8ZEy`*%I~F3Is@%Jd$|bpTY=}1juFq{{-VOG za=2wII3SHh9_RjEZGszRNU6c%*x*oTqJw;m-3U&Bb1>39wZnO;2Y(*~De8t6MRrog z8v47`3}koZNq-^bP()PaQnZ_EJnnMzOYf!2vJQJB9`brb0n#* z;aD|Oqz`VyTx{9*{uxR%i`@hR-w?uRF{v=~dI7m<59Xj56-?!}BNOj6^rjYH9R;l7 zY=te-&gpeKS4%&E|l@PS0j~~zt1Gs-_!>wXMfolgA zES=Ax%NDMF?cve)a{p@K%xoN3YRtseJzJ>?YFE51`Yps=zbk*AcmfK5gQWdC5=<+d zO=dUUQ_5p}(z6IzofS5jI_h)RwHVP$@h( zG1GTTp~$|H)J*(`E2ujbtL5I5bGeffx&3PfWA18p@%nN!$Tl@CwSGQrM>7-a;(8z z%J|Ow;&$2ER5$e0*>|Pkwx+da%HUgK=yQ*~#~Us;UV=te9xik`*#9Z;=Sz#k%{_5* zVdgw_OKf8Q2zR!`m-gT=#4qQSHswOsl31sDtS7sac{uDlByf1x@$wd<0a^`tZF5ri z;UmGqSs3w9m_0=a@P}qN40B_SH0Oq^69#_7oFsjs!igCtk6m>Y_R+N+3JchThnYs} zq;lW2KyL}nkRK=9CC~`eZXF^2xk38$U4@CvH3OQ5qHgGyK*(Hp*LPs=(l%y&7vWlCQ;<6WZ znedJAD$YFd?Zqh4NSOA^q4=vGC=-HdW+w%aK~y)1!N*g$S)U1{_*34?6opYAAn}|c zX$L=XLETlzHD1g^`4ohaQ?oSJg)x~r3Cu))Q>>k$sF7b45|EKi1TO%+*F#8|9Ek|G zQs+TBFi&Iq|6=GjXyb3AFx;jH5iF0xRisqpckUeqY1q5R)(TY@j4uv^bSd7Zkw~K4 zrum96m5VK+Kq3l;G-#1o$`4kYHph0&%cy&2(atInmM1J`;$E9Zr+P`-Ha?Bbi!GcS%-s`?V{v6NQ|GNT*D{Q|&errw~Y8%us;OQk$TUi}qWI zObXR1lfXct_!z77ca3p=L#K?jA5ExA$+>ykq~+jmmRp&|L!$%A0t41%-zRoO1b%pl zYi8_n(tYN2u`O<*Z<^oy!*a-#OFW8W?ZV=Ol1LOPC?YXpXI3trCT8i1<7X_*9PN#{ z`ky5A>Zj4#MP3XjVKRt4S$bTL(mO0zKDQw)Ql(F*45nD2jKAJqv$2bl7xjG$pdRah zAD-O`9|TH_V0ufK;{LBsEe5RcA*DViF`z-5dFnwmzU;2uHmKn9->LI*czM}{CiZ^^ zqKeF^&>U4C>*0I#Lmyela+o5-Qo%NM^B>y&A@pVQQuIEb5OvlJRpj6CB(X10pzF%- zUZD;NEfo`78lDsrLCW>yZ5l>qnIu|DK@`-lNOUk5LAdhgnjr zrQMTZ!%t(r6mZ_hN+IZ#kS>j{fA?dVegn=BF0ZB@HQQLSKxx!Ef)P_RYA_})E=WO) z`zGJIXp~;v1HBI4s4NJXCM)MUh*G+Ya$EVET0I$LrHmO(Vd=%5pX{vR_l|`g=Tfcd z2azg{Zh(x?fIB`*JAGWUql8&gI=pKZt&aC^Il=T@eBIuHjAy4g#p?Nq7N1QeAunSC zEx%dB6;EGG&yq(=aM5?mm8<;llxBCweg4lt{W-oH>LTjpcsHk#7X4Uk?mzq$R+S-M!q2A`?7*i&&eA1R37#)6CJ; zt?kjs@@*HU^c{ZBzovwdu2(hYpq(_e=77+k^lwOlO@zfJJkdmc*>ivog2a&2-Y@56 zwUn38ZgE{oE1oeryDIv|Sv4VQykN@|hpjKlJhA;ihc z;FME`Xu4B}-5JuR)UeF?51C`%n^WOl+4BsXm2?if_6Tdwnyuf8x^e z=^V0Li4G%!xr$LmTZqO?d0uFE!awKShW;HH_~BqUx&j0DrfR-V^TKh*EsHdfu?6Da zSk%wp6@vhVDi>u4xyK2gi3P-KJ#Y{^&Re^^o#U)RmO-8Ty<`49&h%Jd)cVAz)+c=K zc3ifvcCBsjA(c1EO(Xj*&uT1!yYx^|w+8++@H{R5tQ1W_s^y>A2PJCa zI~?dKJoC}|YP9Fly1I?ehN}#iKet6X&AqZaN-+fUpcV}mClpS2oEevrAkJ1ChJR1n zS6`JV9CcNqD;KRuSwF|oVV9l0yleipe{=r`lRk*%Zz_oay~>Jz-keQjr)UPfCO%NR zF+!$m?#0eylT!DB$7rsd@<}7Rx^Tp!!{JH#!LQfi7GIRJX{}BuUG$Mt zt~5GL$>TTk-tX$Fm?KBZc@Lt0bem89e0uu!S5y=?=0HZlWq!aVnsl_;Z0WaSPj8bZ)Ysr; z@j*lASa<*-6nEEd*Vg5Q$f18;)bU9T?C)2oF1t|fpl8L}Y5wn6qgUj|$pwL;S^cw~ z&k+of-(7+8j2&{=D4E1i#;tZ`3W0ePKl8D1-Na?GQ8@>YPKjxW??5k@V}FlTj2wO(}@_~ zJgq*<#6@#aOfeH2rMh}xZg0^=A#gqV&3KAEK%U>aro)tW#2?IX_Kn8&LDgA@^BQaV@ znaXj|jk|J41mh_O1d9E+=N?rWXN-ev0>N?kXThMNpF>n0J>Og-1456R0Ak9b9x=l= z$xN8|Kuhdek*@JR^FP$yNS(EQQjb1+-9{1p^8j`Yb+2c%W2Hsb@=b|_a%V0%a_mV{ zHU8~d#g%KH)z_e2B7l-L0H~%bw}{dj0IdZ`R7pumWo;7}Ybh#|Gf>|D9ZF@#y$W2y z_NPPZQ3h3_yk}7Xl!qg*5}yp0*Vp$4#!u6=wfA2hZ$hd8r9n4;7Vs{Os|A3RwYhn? zLbGvcW212P*bYF37Zw-A;{vYS#>UgwI2;e)%gV|yKH(t-e_$a1DF?80awwI-NQ4fr zPXM=vk|7h!EUm7tzTFcDrz}yXz5}jQQc3I{4iXfioWTrL0cG0bNDU1G^9G&h80FKc z`zXE+j1(D(fQg0G?Dfc~o}>&SP5MrpL^E0wW+z-@R#C8emRqW50#GM4Ev<@kbPnqdixX%6UzG~ z(tFnzLa(ko(P%X_wd{Eddw{j{`IkrdA!Dl4X_o+`aKKk`-Ske*diz)O&w~eGFa3HC zClD_>o@w7-JKtU34s73oJ|IgZz87Rec)HFPhXRF97@;8t!w>7&iY1ETaoK<-&OhuD z$FOw2_IdCR>J@kF&rs+OhTiu5&h~Nr!bh}m)!5s+U15Y+oq0eCrRQPzrj1iY`)fEM ziatBO!_9$orEcfM+8RE9!v4LuxM|&djq>-008q8ZNr2wE*(H2Wx!?570@#5VW1P{^ z(U+&i&VybgzCB=x$HvE%55Gil>vnDeurHTZr%%TCxOB@pEihPw$aexhpD{gpFhB6+ zGZ!kBdK*OE;SR?QPhPKgZ>7Zkf&w({WMEg~%Z5Nd1NxI-L7g_2NS&%L0n`J^EqsaM z6Ps04izBLGiUnOHEXpU_y{q4=@g4i00LH=NRbaA!o|J& zzatc2Zm8+#Zh+9?-S{a|yuY0R0EhC;1BZ=WETqz(|0$^K69$6BDz^ zeisT*O&HkQ$9{0+F0BZVH|GFNbJ2cJ04xU}LrMiU?%8T1Rh;MH#8&`M{}5ZaUv7N@ z`0DMQ{_qb--tB@S3_OMPabWZ6w@7YFYwIW=q|BR!M#%xlqr!vrb!`B12T;q(xvmxu zjxr6_|BkPl3O_n%L!p@q1o7zt@+#Ac3LQvD{q*RModM8FZEk0{z%vd2dB_KekeG-8 z5CiKr$-Ymr?-agIMZOZP>j#~0i|-?8wjIL&><&x{v$Xrm1H=9K`ffq8jsg2-vd{mt z0QA^@nwvTHvkFTAf4f?-tg;6PGT_?`V0XN~Ueq=;3;-nQO0VnfiA2a@;d#SHy0oK9odJpDf9soz!r+eF>TUuJ$vIVxB8!$hc zfVkx`kMHR_unnldU4fPNdD$g&1Y#VmR#VscIjw5t%lpSaE5KV!E%eTa$8*WPqr_C# z0?8-UFW2-}dknZZ-M6hrr93k78NLa>=R~DM9bMs_g@i_#Yc{l=EjEBG3&ico!s{Ud zX_6f`kW$HFf8-1iD-)}iJ2HfUp*E*Wfu*``Oma-teyC}h0gb_jdr?zwxf6)TeYhg; z^IxV9S+4!T7!L2_9vWpL?7l_vKRX|KiO~=llKp#A#J0 zVm^4~5xj_epB?+y^8!Udu@dFj*qGgR&u837sBsg3q7kiH%+shi(4Pf~4=5O;uQ!3j zp?m2s2+0dT(BP%>l=|2TRf|AO1%fkbkbZ|ZT2cmj5N3G4fjer%PYCN$_9X&}P23`h zE`E(E9dhY*`9pv)pR-^ADCsV&EZ+%WXE-{Vzn4iA2*iN^`^Y|HyAGXnR7;%@x-fv0 z0}#DxrPlU`*aG-Alf2InK#YHR;ZCO2Hqh7CKLPtPD?9G2?a@xq32@~fac=PKjkn`s z_nFspGIRe!Bm~esa9FeeSpNv@t`e29556Fc%~qj8rDWdXWuMM>`(QlngVhH%IN(el zvOa*Rdgz$6WB-5Hdh4jFqHb?k5RsBDk?s;{4&B`$0us_8(jnd5-QB5lhop2$cO%^( zAn!Up_xbMq;~PWAP|i7f@3YoibI$dP1(Z_<_e3Fsvu?Y>ZE0zNYMpYlnb_Fax>MLp zf$E46&<#>-f2^&n&bO2F>;Nm8IzkN!P{F)qbz|etzCH=!zbM_&dXK+9K&4T+vj^+< z0-#WX1TkgCem?%CPOCtx0uv49*-?nv-+a%MG@(_~(V>VA2Ur#mJ&*HfFbx- zub^`UXc^B_KN6eGzKEsAW+3N(0vfQv>uXMAWaI~+e}vAfixrT}A4AowOjsT_)Ue#Y;>f0;@il{H?C-5*N4{I->#Ijw}aNXzG+YxKe z?l!lZuUEf5TzEPjIi;zW1)SXX*bal60g_z1*#U9&2IwhWygEn`fPBKh+#Hb%4sKR6z|M*qk$M`oIy&{ibUAY?30_;axyi7D(iP`2tlQk4akyLAXS1L-4Wa zsV9NqL!;}J1+hZpW-_ny@hQ-^WPn1BfU?&_P@NRpnXbcOmR=m1(l_Jb12(1?OAa8NCPY$sZ!8dM6< zCxS!@CmbDgBPYmA23M!`cC35GjQuMpnoto#gY_!B%51srw_S6oXCTpmMkZc{3WVat zUmXx$^YfbEhoEhQiW=O3oU-+9C#^|#8>F4l^z{+0)veXPN2|BLzIlqb>Fy3DFqBtT z+TCA&ktvweK;^~qy!6OY6ntbKb4j8^1eXI^$FsZLEc?F?E>NlO-wUt5V}O^m0iS?! zh1%Nry5F9cbZP;*5ws+$Pk(Qq_XRl$jP>o`n+}kx^3}_r@}g7l7rme5Up53S8(1=i zV3|H$b^OKC^Sq-v>39;b?s(*^si`r{b9}X}l5&@#xllm_5~#A5(6?o>-)J@*>_FZ` z@K&pir$FV;YqJ8WSp0Q}R6fzQ6^MJutxvUGs5)QO)9GP$r9yB?3x*Do^h}+c5&@qM zo>fzqTeN1r>s`WE-Z$RkX6(0TQC`EK6oaK^Q8x%G{5ksC_D~Y2#72&e3E(r(A+5y$ zf@^abU61Dx7BW2LW?>A89EUCxASA3eIN;e`~;@$@Q@MIgMlfX*0a7h&|WPi z;-5n=&FcGhm0pW3tbi&0)FI;aK^Ol0fT%*R@-iluq5 zklwt(W(JHcbhfJ7+cS6j+&~IJ^!0{b0CZ$fwN?N!-nm#88i@cHVzAGN4$28Yhc+N! zcp+$-ALwzQ!Uzyp(6%2WwVZj&4G1cTP(wOZCf(MbP(O-#SZ{AHOAdEpFhn`tBg2ox%+_;xcBrmK+MdqSToc4W8lHl2X~*y(4d`R?D(@e7U&t=$2DMVn#(CNxQSGXs-Lccj?H1H^VpaC{Moq;h1B0+$yF)2D7n>7eUS8gZOR$3}*xr`wlpY>umSo5uto#;< zW4j7pH0Z--=Ab3O5H)Ek-T{M;$Qk#iD;R@A23|H0^M?6(iPx%u2 zU>IkXKV)9LN~L?tEp7;J_Z?D^`9{T@WO*|B9AQ~5DVB)bTRP5)qqr{H>OqmSGuvD> zh}9o5nc{jAjSw7LAS-FP!N2^&p8CpHg&W6urP!o6nzT-=4bJhwADt7<5|qx@akCIw z6n*rR&jxqu5FJ$dmI6{v?si_{JJh4R$D-tst2&9J$Y)1){V&?2pExKFyLro0J?k3VqyJwl!K@gpgD zY6bPL6l%B^wkes$lh>+*;*P9UR%yKkRq3b-N!~*&Nx!8jMZ$S`SGRn>YTTCM2WDWC z+l;%orU$2~uRVTO!;iCCFiIn?>zGr)jUQ&T~ z6B~n>WbUSa%AE^6TSZskur2Q026a%(hS9a3Z1+Hl;XcH?Ly_S(Bkm9jYeiZZ`X+^< zqAU9*rOj`+^yIIMZxBZp8#`E$mw=f*wYiytEyl}4XOxfM7FN#qVnD~ZtsKkg()m?n{3)V`SY^A@1{9sE3P=$ zv}}ITIF%;s?DiC!>RDF~P_bpo&hkoHZv&< zC<-3a`as}kU$ATWVG_K(l#OeUGUkQ{{b5DKD>pna^^qC1Nuk3p*EKWIiY%~8Z8fTO zwd4Yo>);Deab>*XMV-`8kp*|Yq~W8V{V`vGN_J-qbd&d z69lF#ZI-(~%DMK{B$*A2?~S6kWEuc&n?YK z2_pA(<4fnr%_+C*?P$JR76X@YaT)11yT9b%$3ss)bdHi{LF zmFu5qcW)_~T?o+*&TTMnM$X++u9sa?PbT!2$%r||C}(`!>NQ@Do=++{ObvflPLJl# zqFx-?lukPBRqmNO&dlmFek^oe?r(dLc7%!Ksa`a2QHk7iV|U4On6yq+c&^^5sY_3- z_%Vv-2)kEn!iRT&eAGdR3H8|9_Dr3S48$hm=^pyuxXb=}KHhTgnpXB?Wi`cSxwEr; zwv?$8TZ)Lcpj)zid{^<+jRh>CbCt86qU3JuRav`A`s+GY<4N!5zutl6y}wOMHd*u< zTmQ}p`Zhb3d5mM)i*_;mn4RWL!7nk}?`yh7zy?AW6?zvwK54S{{*VSNt*%bUmlj^$ zC^;DLB4fV~eCe;!Hg0!R4H#44a+33x4{b0vIQF+7?zauj4c2>HeHyZX@RhXagG<@4 z=fzWbJ?cF%)Y#jPwMZ95s?x00!p9xgnaP>G64`6DP@Je^zFG+lm<>ZzrV09pr>B^h zM6a$3u{0XXs>vMq+QY@vs|L=QG zPmJ)~U`QmQ?i}}l~YXFKOVE+_WTB5&q|^*lu;Sj z-=hfVG?%_nc(iNfy{8^VUW`PZI&TO~!}gxc?%lgWlrZU^z3@;U%Wzv60Ym(bY|^&T z?Vj_<*L!N-{L(*5L=gq-qf_!LCs_)TCSjN9rNwcz!V$x1Lr?k8R&UPuq9~;S;@K3< z5L#^j@9u{|8z(Z*=(59KpvF`iu0dbf&4o z7oj8{3paMrx725#>`K<7QBr8Y8+N5g6Hx4;i=ABf81-h}L9Ky_h$>;G{DZVsjV`jj zjCD3UBtWd)zw-XMi{GRr zo@11rYf$Jm>v$1eh@l&Itf?F=k0oSFxC>jb=YZ24S-7KPyDXvh`iBO#gfceFnv1T$ zHw;UOt=CE8;aXt45179=5C%aa(QvfH$xIVDzOWuB%S6cYMq;9E?vf9!p6UO0GRi#2{t4Lx)6ELrk$3>RXn~nX558htRmu%FIL`*7a>p0P7FO zy$*_tLSPV4|3E;hX5Zx-#`<~2r`mu-lAy`LcZLgD$|jXso^r@uuqru8V}hlQ)?jjR zhr&inFl}UtKHREx8s#V;Mk?Ir(Y;cMB&6DGeIXqEEpN|89;p%%8L|n%GZc?eBZLFE z0khpVBVj&VRYB|*#uF?Ip%w0{)%B@Yl2H5x?q_$Wxa|ic)zY`Jhl{SA5Fk>C93||2aiR; zR%FbKj~)p2+MPFTwP-1uzR@6}|81yOR&+V7gLhp(2fXcT1>Pl&ksw3mT<5+zCYmUW z9^Ry=j6Gr10FK6ZnXUV6%968RB!XF{nTO6Y)VFkQb~u=(X2q^4{Gb^C*4hxXT^yu50jHi)&`5!;dJKp}bXd97P+{cts=NqZkasMnSt#0cUhSw0C0eX5(D(G01|?Vk=t~mOlk)HnJH2JttG5NDft4%#RMu4F-_%ci<`6*dPaHqWu5SN!Ql0CyM0at8jdyc`28?FE0EZ zWjPh2sQ1Skz*GPW{(3VL*jL=PD;7K^ zTrQ{!R6+of&A)nM?K_$J_fu!zH7D5aIPlz~zEqr!@h0*tu;HBh5BtJrto zF{>z%2{)!ea-9#B6H~20hc0lQ`lH3OV|&^2NebG{Ix3jv=e`x0jTWG(+Y$K z)HBi0Ac+nKB|ZwlRuJHOrdb{m;NmZqxE{6hASR#P!qW6sKY2XD(8`x+_u1?GX=D2M zG0oxHNw}9WLlf)_$pePr1&v@)1D@q4SpUOGeE@)@zz~p#iXaSz5LnjKKELP5KpmN3 z%y3F`yEz7H34oS|M@Q=rRKdr6#XAs_U4VoGMq$rxV7`!qLS%ps1a3M2c?1FU2kd}> zvj~LC_Hp9=t_i$2*cCJBwGS^^cZ`6YxGmwuylEDIEcE^(VBXGfUdaLA0RU5M0p9TY ziU&X#IaB+m&{G`z^?w40;VS^1Kz;cS96Yr@esBeN3n;$=2&rhmpaIIKAMDJtJpa(O zpIpp(Jg9Y9SE%K(;Q4ufi8@qm7c+eMM3YVm# zn*E%~32-s~PbwY)sW_6NW+EuGV4KSG>$ZnlEcBuIW&x_r%El&Ip>D{GPg<}AeA4bW zEvrzo4T$mVx*afEP}d=#HJ~nAK#@W@6#$_DyFw~R9$-i+4|bZiNRRO9fh_?rGEl(i z^v6pOcu#*YsVsh${1tmf# zQA7cWq^YO38zlHZ1`-Mw*<9M(#iO0aE$!I?Z6;NwB>Nn#3U#`qAs2#JaC@i?{XaMv zba4Ru6+e)j;FWi4RJP`cQD#$rPMry0paEx_%S?Id?mkO%>dx0s6@rx?Ek!ne;;?sk zG?A4-g&`@L8Q*ah$#!n1+`ibh3;4xW=D!{durF|6Lqs$xfW=+5;o|Z} z!r>w|At$ms_W~jaOghbC;E)Gs@&zOkU<5!Ur(3gz(hET0!N_EsxCcRrRp`1AQ|@`XC3$*2>-aAMB}qJbKqzSfN_N6*%UnK})&LwK z0+=RtAlT25gRr) zf&4FloN>Qb7cHNpFOH;;-bkiJX#y}V$ifeR2ctw11*V+m`4kM@%=v)S|IdLLz%Rab zF(zmVj0+%gftw5<+|Ymn$>!|j>F)`Y0s>!nsf5*KT`n{lBvU9R>3Lm~1?Ahin2iAZ ze&Y3X4~16&69vr%s6o&L51eK8U<3hjS9vgL#tx-N7#J9yf!fMSh*D{oA&cJx#{`YPdn)?8&18zi@AOk1d37l|VH_l%Dt51)sn~;A8H7r|!Xn`_l zfXKOYZL699(?KNVd`|0+&ThdW(?0fn)pYy_1ACjF`gokpZ z7v2g=JfjC&S^$^sJtwy>C2XXOjHwKx(0L%up0_yfdt?2*p`qWiVQ6CmGs1+;annCr zjUJSYBs5FFDUu?h;AW-AG=vz3iyFge;43pfHf5qO^M8&M)k67Khk&=C|3^@1+gFW zJQ6_3133#wJ09-Fymqpl?y^8rAxf7J)(5k3iJ@jdLCCefCq!RTA@+_ zP+bAI+X$2!V9E_Ejaep6^U@(?a93Ip>NUbtShhToF*2Lv(e(P`N4_#<>Sb!O#_p@( zgYV4}vN3`ghndQ;ptMRN9{w)L-*xcEg=<4I#t1ci23@j5)Zy;jnKl6yuvad?{(9bO z2?7LsS=-INS0GYFTb2v8nJ%D5VSv@n<(va*7=U>}hiZGg#0?zcv`Iq%E1#THAx272 znLN3HQedE!12IG6Tm&dbzyyHt14IVkr2vn=O`(E^hX>LiR0jd2g&$7@Zr7dzFc}~V zAoH)?3xtJ*HN~ly{hEwPRAJ@flFXa<1lVcN5kM_%U;zNk)2ss8k%5{4E)AOF`vGnR z0`*GuvZg!;s4009KQC6BDu)1v?0m9PFtx7)3IP-=2T2L^H!h(ufa(SnMOkLTq7Lk+ zLAM2jEVKzS(7yZeH1tY^=JOzNpdTq}P>;UZy*twfb)%^w(5Bi>-0!L#w{f(Jp%;9q<4tBQHp#1OX{<5g! zi}@xkfviNIaQ*`>&QX=@u^J8jIXJTCqTK)#EvaTX4=!4Mx+Ym=z(UeRCAPSUb$wW4QZWyQ1_#EhaW1J(o3Ou z*b!6x9iI6OKMAIwynOz5dsk2r;m1M%@>mNuz+I@sWCq$=oXt;;&Kf}086F+UVeiq* zFfYMTp~c?xCy7JruHXWnrfF(FkO4170e`#^dkX=>No zRGIcc3lPDNkB_Yz&zY|@Qm#>hL^mLXS``WzrVzr&_eQjyRAI&q#BVp${=m>65s5q0 zb2i!EbM}OGUP$HQ=WrmGmDQ?`c^^bmxj%>Dk=-hr6rx8R4Y^taFpvi0DyMoUzn4PB zw~|=60?b-msTkaJ#aMp`qB8wJ8FjJ`Of)#!3*}-`voGa02;LGpKMYC}_CgF!ef;W< z4#C8m;qX@WG5P(s6zD#!Yi%yeCpY#noE6hr2M-zUD+t(9DJ?R)~g;5zU-}VYq zX8Yz@x#xy?MlQ_1a1N#JNW%FddmWRHQjXGY z!qGX7^(Q#k?ky*au|Jn7;8tgqUs=?<)DEH)@^}!S;!OUim^G`Y%#{(ajUU(6_O~0b z3|AI+OZm2GOrK-iQws){kgM5TbZyCwN7Rs?+QU^qwKI=4I%iaPk%22u~37g7H@hCs@!D(-59^|bT>bioR%f|oJI4- zVDaVg$K7de8|u~e?QPNB-0(xuQ8+DJ^k4IoF&(DV;ksFuCxJ~QX?hx@k+~CR$;thJ zf?&YnSY1|_F)*>rtN1=DWITUqvK8pKrpp=m=e=i2Zx~{QV&Jd-9c85c9ph?%XNEhj zWxg#M^{LU&H9?j2cuwK-x%VFp<9?X3WZ)7)8wt-e6U&i<3XP*yLICv|xD3$lU@)?# zw9bRb%Ji4yen>Qp!m$A$Q%~*XyP!5G&Lg>Pe9Y^v0%bLzZ=Yh=dFvnJUE@3n&ArwC z`7v|uh}t}Jo=R3RWlFCB_j@^N`7A~Z&2%S?S2ja6y-1KDSwH@i@IOtxw&_Vivav>T z(>Npm?S1j{rNI1~wm83k_mrsmTaH-NXUpg0{8-Fq3zE{MGGmCw)^`}?dcmWM{>65}{kG3kzB+@iX+aot znA@~+nY@wY)0QsnyWMoSHd94_j(p894ThMjAersl)~rJKpnRsbtx!PraDD~aXqlRmFj2>~zr{E&2yl`0Kw&hh7@o8}a{p zQzBL%7@PlmfClCN=k`_U%>R8x18#i)W&h`5Zwytt_&@&lm2`gUC^Ql#A2Ds2!k^m1Qh*}`8eZV(GlZaXe+eBPxpN3 znUj6L6wU}w_Yp^HTPSjAw*GtzJH-5P{3OuO*nY7KuqRTS zFE0|vjI5#yPE4$lqs`PjopUe{V%iz}rCwt#N z5|50ZF-r>$7b{HhQblPA`BJC|x0Wo=!gT4c(EECxFHWn^k_|pyjbfc@>aLD>|2VCj6E|Q z!0qstmiR6?v|-q1h)Wp(Wd~Q2{!#)rMJOjG1wt4_MbN_F_)5IJ&X$|z{1rAhH6^p` zvWb!LJs+jGEth<&G^uc$(LKb)s5hS3#AGERz(aCFm6Y{0cYRwww~^}V2MXD7XhpCe!i$(In4!%E7eZ(3#bG?0JN30}32Yww$u*&Hb)zrD+<_LBcjg{v)KTf_ z$(es_R5u3mUMK%CQEtFZn!q~2!+4oV=x)Bu1zkny&lGaJ*$gZwze@Z~VhTp&FrFXS z4Vo9@xtNqdO+oL&pqMf)xu=${-VHR`%6si5ha)K{_gT?)wfYryul5SJg7-|5lwSyX z>He5Wp*$CZs&eWhP7;?J%iBvHEhoDVh5lkBblE-AMHEF7wMK(7;o@I=e*I_QbM1Iu zq?0-qQvcc8m1Fx#eV-}sMmX{jzek9A3$+Kqkts1$H+%Gf7fV}gk50?B%YbK?dop~5 z8O;D&}Fd&QXg09=p#f-27e=qo)d9GCSRYRy^J;ANN+Fc|{6GG;)(O)`XHhgHevYrry6w1mU!RmXhhU^B;fs z4}R0BHu#$_nY0Q+RT1%@b(cS-r&Y}2MfapC6<|@JOWFP4JY*o3#QaK%UF_3^M%jf! zix>i%!(NF^`QrK88FOnPe<5SoX_&6VxzBHd6AHHq^)`~(vob!5W&4VKZe(Gi})V5e-9$_?>U*9w)xM#z`TV4))N z$L>L-eQUF%jLK0#r5sO6^orGS6x)|s8fz_)5~7le6%xv!u$GfR9o{v4YL}g478pZq zBO%H_&Vp3jm+$*lnHgU~%{}CVCtFot9VM<$BG~v_f^UwD4#(`kLziW5Bs>k)_qLo| zBJp4$^mzBU0RQ&DA4*f$zB12Z&=09XAAJfdsV=Ba355v}7LdB|f1}33h8z^&5M5&_ zv9PzQrK4`DIZ&CAzfzI0nd0>A6K5Vr4jbRZ2l$zQjjV2TsLuh)3^K{jUk zP+aN!ukyBzLxp00sL)g4f-)XCXRVh^oe}tHvNgZi+g2(l-JqlT4@k{DL!d)&{5_t) zFPzJjiOrA{RT z&U*}UL`}9%~-5B2uS3_2N5;iyC$Jb0yGi?_G^}A-QqLk+kNdz zQLPGs3fGhsW+TIIq6OL%#c)fl4Wq{jZ@BCQ7<5BUw6zSrO;JVaTh&Xw0~_echv7+)x~hvNW2Hv zyzC$9ol@<$DVvLs&k)@{WR*KNcf=CUgyzhP!t+HYfo)nl=n)R{Rc2afZ%c*%iPssP zP;S|)OJs?jhPFqT#q zcgMJ_a~P;(F6`5-)xR=_-`)P@tcqnEdFjs|^mH;qJnQ-;HNx8>`*shUogTS$rPcXs zS?BN3P+DuXU0~mvU5!i128t1qV{4X1HxlO~!lYUC;`fs|RBu|`mKtxO>yS;&W`y+;;2>id8xAQ^@BFNdVNHL3!|{}ADy91L^Q1_MIU)-yzCC6_ zdIHC&?B5rkTE^;vc+++G6;~_l8i*!NP%&8bOWx;hxz@Ib!YZ<^BF*gwTwZhNmhVyf zX6Sc~_Te6U{0PxHeGJ1h)79$3@ExBxlwjelGMOW>`8K6rsG0NX(4S@bIJ)95V;5R* zt9R1{kO>EHkHXHj>2Nv+E}it3OQyCgdtA=oqWv)i8or`58^eYm5(zO8Z#Dvri7>2s zH&K)BWHR(-;=ym<=l5#}`w=?ijO%;O2VcA1d(?B*&q-5$;d|($xaJG&R5B;Ftk>*l zi3~TKQ6KwWKbW29#SVXZF**65-dZU;rX-gnz-%JgLrtDnRn5^v_-UJE9U^_ zW1Gi<8wPR#!Qi_bWwA;ld*+@A-*#-V6#JlWubVL&IJ$*;%F#r2DCBu@{k1T~35aMw znA#P{NlH-K`fl=afkwMKQi4oCg%;%dOkiYdR_Cq zwR7BlZuyNJNLs+2kVUIiDOsjYE+f(`{G#X=Y4S}>d-q|%P;2!b`4a05c~GB42(mp> zhSb@w-G;Ao$oupGrL!qIsd=m)H-0N5SvhxVmjq%n@#+s-;j_`WUk9@2EiG^T6*}wN zHvX;OW7=@Dw`T7~v;N1A2)tIO716#)mXN(t%-rIX`9}u1VLjUz@qI~6hoF!c%hj`3 zy8y^(u=ZY0s6u)1XK6iT@^{&Mi}?chO7C6{XQYTC3rle-b=lg!VY_WNp_z7faYoyR z8?N0+c}FuGUwRuNQ3|JsEE9Ywi^CvREFDPDpl0BykLXoAw_=8MbXTh*Ua^u}nuFI@ z%qT8RPN|>-)6k<-^c<_!TcZ(@06*zCQ7Oq4xNa3>vYf-s8)ZY8gO1`aswm{=@JYtF zUV1#U`xj!DY{zk7mO&!R_Sz@-Hv)CgO(`-|?%@Z~*F%iojcybOV_=9+G?Au%A2?{} z_Dq@bb+f?anbI$wzj9$JLp0~Vzs3v^qY9JbH=>G;8L!^h@CD^;vYt}ew!vZeXDV*V z=Jt@4Oc&P@sL7x=qY|-mtmbKzC|z}aZoKqq_s%)MxJ#Y0M=Uj7()sb%M(X`%^8Q}B zS=zBttoT8-gIEjs>MV98pZ?=#PS=JD%5ook-We=~`U`h@!lhwY2C~SQW76&QrTS2$ zSSOgFn9|-6E6fk6+EEJ862|Kla(7JJPl<<15}e=33)tKi+F#G;&@p8akV0(c%+S6j z3-N}}A6%aez6y*KdTBhGF4(;!_Zo-$&>`^W5vFL7uN}WrLScChC7dt?Y4L}U1tO3o zhNp*yU+&L(GFoU26I%WQYk<-WWN`a}e8w02uX$W*W#=fxw5V6%VzRI<`3_@b6z?%%> zv?G{OFv1ng9~oHYFvK2FrJIHiwc|{v)RxL-4eQdCGWb7$`ejUk>Z?(kp1q zlPT}pTK(du_xWV+5ho}{mhsm+TWx0}1s4aATt=hxURz++$dG2ersW3VbJ(7~n44+b zdZZDBjoJIMVlkGbMT%qReJ4VAKX_J~e%3vl$;S-ZP`V7X-RKP0B?HASTcU=gyNALE z-afQ*NMu~HlQpyEXCnh2I-OyTknl4N{0qeZDW|Z8Vpwd(dkNa7rQ!a*)(be^QY2*HSK1 zhqR1;%K6RQqP?5`CQnVIqB8mBM-1x7Hhq|}^amt$T-ZRzh|R{~hSKyiqEvh0vRpaB zz#ax{4`Jots9>LUMH-(F<7dRw4az;CxX^ zi-JLe`J4^chrK$N$`f<=?&#EmDsY&@VXh*&cj`C0%AIPpq_21cD7f0C_Eea9-|MwZ zB@kdG5^4$2R(N@bBzkjr@nhrNN6Sa6*f%#3PIoLIuqN?^>b^4!@}(S6quE^wG}Ne~ z{?TgjUBWd>r5m;M?4NOV_=CJ1uq|?KyNj6)kV6Y0Ga`7ZTzHvmy3cVZw>;w<^^0CD ze8m{wbVK}Pfs1FdkxiHy?qX^z99baWUqcYrC7FkDXH&`;;iNucd>P>|-e{h&VcF3q z_^Ye>9ZEmd+9bILr)*yD`B(p$KjM4|UcA_YykzV$ol0~fIl?@Ulq?MTNy=7{H3+M` ze;G%&elP<^gq=`0sfzh)TFHEK-e+AJSOH`sv03V$e=3aj*5WAV0#QChMG0w8itZfg zRaKxEok2nHdtV14_kMZBzXXA{VzHEsk$$_bQY?e^xOuPrS(FLaU6`oG#!fb|Dx|v* z6s5pBlZNVF(`6)n3yrId_1z_PNd2l|Qcxn-@AZxs*R~u%`{g@^037IW z?TO+-)#xl!14ia^?F>X^=i3YO%tnKaB{2qVvKlOF*8!ZnnoB0WNJDhkS#C35i|OLX zy}96@>{}(ZB1klE*D@={EGejk%@gVv5}fW{2$eZ_QHQmP)>m1|8&D$p-+f~iW{8kc zv8C%N{-Q-!J85oSW!XHF5~RdP{_%m2I&4&d7`dQYQ*1@9M(Qu0U?aJnMBY@raaKw+ z>*7gV$eluJYQ02bO2>qDG|84EV&i7(ElI!rh_f(}wyEyZ2UF|UV-tsN6YA_83wT35 zvIlR9z9jYp&=1?{XAyOZZsyw5D7rXUvFws(eB0l)Uz@B8ciBwD^2f0mOPpd@8z;q< z684q&?1Kqgi=ToQRBqz1Fn!l6Ca29Se!Zf9Fdks+c${uDCElEGTY*^-ErM(GNng|q zGlMkxr>~H-;t9_p2}@~2>R2?=o1bvYSix^9RAGY9Q}(vAA@uYWG}*U~d;`7*jVyZ0 zmwg+|FkDU17&g_njsxxGeMdZ*_44p6Bpk#>3#58J&yFIIsoAEIz0;OLN11LdEM2dU zyn0Sf&W`xot@Zwdl*mO#WE$rvU1Z>)u4PwqhaNH4g^s{+%>2gl+2q#Zv~dOO!126Y z>7Py_$_|k&EBW8L11!6A9mu05Nq6&JTSz6oh_N%+^2>$hMH;Hc9BmKzBJ_?C)i-SV zlo(BHf#bn+MO@;|XJRy@s(8vqPqi}RS_QAh;Ic>k(=yR*&JhXe$>1g(r#1`J1V$LG zXWk;gp3u@3^ew1ajwv6r`J->1g9#*M+eiSt{nm1`yI?+D6mOi#55l&smKi<(+t z`^>}m{jT_vX;sC}wb8<_k8FQ3i0As-#9g&*u}TxIhWm1jkZ4zmea;s zb)a^u{Jpm>Wn>wD)ACoj1Hc{`0NV~jY?D?mn~CenPm$bkUKA6pv))_2eK<1I%-ak3 z*bo$!_KeGc+t;#r(y{EHb|CZU2o-EJUnud7iT@Hd>6!FSvLlSk=AF}G zP>L<=68 zFV>lAQDo+uGivsi@JqOh2EN0q`5bW_I^DIKtS*)KUe@lb=Z3TrS@IJ<*cM69(oF1A zzu)#mY}@ZPdOGcND$;8Lipm>I3Ux(Y6>|}yQ}|e>U??NIl+)RG$?cR#KD?Ilgz@_5 zb0)mI(7vTyK6m=V{ZZny@IuVL!%_rC|@Z@HjwLY);KGomQ z#;9YfL{Z=*$vIv|Hlt2uO2gdLl3Pytq~Wf3+(Gc|*di76Be#VR|_!0uX$`hqT1a~R&A3W?q@3S=7I*vi{h-X`o+ke zcEqHw(YeA|z#2XQMduF(1D6~pz{afuV;3r_E)HubIaAFbYNLT+PMWVvlAhFgS+qhK zk{lvgVNTIRFi*|<3JwvvpM*E##y_HNmeEb zkeX0im)jM}v2RF{Y>e~MH67?Wv_{%!pU=+AOxlb63CZs;;N}dQS7%x|7y8_FTa>iI zPM!S7z`3LR%411^kn?G4;OM(!*EHG|B1^vnad$Id3o@o?)=+k~Xod$^vk(X|BeC+3 z2Xe?iohP~uK1fL6@cvP3)-%j_s#8!jw{!Q1bf9K>X7FI4g|1eO@5Jp-gTXmUA%TPQ zl8rBthG_4!(UE`PASuE?W)&_NE5c#&5+{$)t|VD1z*m{uHFPRp+J261x6O{wonm>zSf&`-`yOE$6a z14kk82J${g1i3bZ!L(n(h%0o5uXi;~(Ir-|cxf`JQlgH9LO!Har z^p3O2de0-c+hDE2{hV(%%*6vpi6&AjPHiKTT=>+`_scz|QYlbvsgX_uWiuN-vF6Sp zYz`RyVMS<^HZ9$27Pk0HKiM;)pNp8Te4e7l6CLoNztoknQ!Ix?-fJALG4x(>y)K2* zr6f~Lj0Y>8dPqmvBJyPO76v_B!mPzxC=5RuVVzY5j<*RdNYj)cN4`-dJaPmE`S|;$ z-JC;B`M`Z5kA*Lz&y_}()(f$0*X+$&N<;#iU}aLu{Z9xl(N3Z{<;p9+;?u198OkO( z8=)>%Rs~X-XG*hoP3%V$rEC{Cj=xPT+PvKM8M3yh2@5B@dNp{m9JLutILo~Q5zI(> zXytnQYGBBznrpVh+^xWeR(h&MMlyP@yi_t4osJ_hw+karS7P;&p|GDoZI6?g)sHwt znlMBCUg{%VwA9<^l*Kr-m7jz=Vnqp(q!qZib)Sl-^2dnDaSWs8PJb>AiX^%~CR?+b zYzfE4B#Gv+(B+sS`!`JwgT zFZCOALfMyuLs%?ybGkEFkNO+(qPlo8-N2pK5MQbnFOk=6Bzb+m#ix zl$G6B9cl~vJd>Z)VvG_qA9bP9n@ikv66kj)S-m$Iby+oxc&o`)i#vtw9FmWK2{$3+ zoOjcfs7<~@&RSiK^a?$e7W31tJ?i-TroPyOyRC~=gIc8?c-Kjakl#isnphw8uNkJA z#`H}5Il5n){^|PrHn=uhNy$O?OE$CWjxZ;=Vw|BrXm_;(*(joUXslf9z8F)g(D}#b z!>fD|l2%)r+IQS9KvaH9jt!qdNFmQUdHloF@4ah!i1H3M_VSuV#XvQqqW9aA`KOD1 zi?4;+=f>frI0AI~x?g_ao~lxJ)8t`DRoBWUQsIvk74gLieV=E$ZTGXB(WFYT85M z1%xXURuLi#a!y`jmRv|S*VIK&zjPUA^^uML{NhVSQSHDl>@PzI)H=56vTrQd6eDn=|4RogY!KW6fx@QBb-({} z{dl+Ce$r{%xXAx!gzNM4%f~R3)UVT@zL&=LrEaJg?olBQq5+MIe&Mpn8!3Ov3$@B@ zegrhiRx8D6DQz13DN;p4RgVUyWu{3`J-laFc8YX3qr)-2|;p;kYu%6+W%~Ax%mC8Oe;m{CM z#XklT4r+zyH)aR15LCPp#%JMY8!&J~@p+thIaivd*JC!9Zc>jkh*6iTV?s;SvuEgX z8s=BNWxIp<1)|9B?C&7V^v}sD1gEFaz>Y|-oB)73+btGG>luJxq+oA9vD(H`| ziq;&)0J@P2iMAl43)`K0@IzXD)E2%lgHO~!s-j%bG9yJ;-~Q|y%9|s-%0JtodrBE5 zs?9<8qJ;C9>+0-rJ%bhQY~PU*4APMg@_(P72$zpg zrWNPRmO}j{2{X2JmVRgJPAcoC)a+?q|0s`|)pWe})TM0*A!5g1L1BENt5E%$7}(J&MTQGh6lw+1cWG zU-$R-{L$-m=gwzb*Lj`eJ&xm}JcSB-(PA=(z(gO{l-aUeL~x_$tpYJQcE1xLY_&2u zd8|v>+V731RQ6^w`p(Nq6S-HdU;EDLZ$9hfdXH7aAl2n}o*tpqk9F&UJ4G1%74=3C za}k@hy}zd{-uOvCbGqBqi3uC~md#h^5|I(zQ|WqTk*Z_es7et+Khd^__AN>ug=WeB zw0x|HpA!EqGQTSFItsI!$hi+kvhS8cn$Kw5V()WdU8@gq?1oxoO)~Omd!skYc0crK z9b0kk99)$dB978Fcytz{g7TscWSwolI`GxH;SF~nLlx(mD2>XD*O$CO>f?Xj&f>E+ zp^{1&-OGRC9=+w{xAXR=-Ny;`>ya_OGr&Vz5Hi3;CvW`z&^1xn=aiU`y>$VazGVlvfHOYtt=Hsq+lyX$&V$jR-kQ)nwR+o{~TAp8EB_vq`Y`>fxb)> zKT385vm~9|HBvP;pwt16@tW-Qf3|*m7+9jWt?6d7Zexi_*$M?dz02{Hpo*gm%hq|f%Nc45eQIW}BHR=6EoAEc)q3h}2rxtUk9m0<7TQtz-_yK6jgzu+sY8r&WB)@ADTz zi!%S(U~-hBcL`p4NA%5HCHW8(Qe7DBmnwDNZj+Slmp z(K*N-NXAOdv6uyGCyjs0Wo>9&QjTNjeA+dG|5JhJ?G^OkQ8L+2QCP8ij_5g^6+eY> zWL}w61>93q_2c;HS^WyPUfxO&F6yrvKd*Gr81m zSPXtYqzji+JcWUo7UlPbL3ThFs8_0T(F~$2fvQ+VJh~ehVt=z-B+Zo2sUPo|-#JbV zDe2-k4pnpuW|x|RQk4$ikY2wI;Rp%&r!Pb{LFgW<2NEP)u2k*wt0A&b20a$kfu?^R!!Z)WI(m>%dC1Bz~|i#K0n%un*I zU<#$D1uP#t7MfR6^E>|i=5Ak)eJ&Yo_T!?UZX&ZyN2&3tsCx%Ih7u7S6H4+|(pdTL zh`q_93&=MLW97Z$N5O!D(n*LhG0_&7T>PhOSL);@G4OKma7CM#C-)k6nD6k%Hys}| z@AoMB%Ni_VqMCjccauKiYrBp~ilbxxa$1#^&4G#~L&N?F3%(SA47C+EdLVIGji|L% z2fA#-_#o3gDou_1wcJh7>}9cN!C_|#%EQMiIqx4X?le*xUzB`nZ3=wYBmC3wyS3Zp zqMqPcvYY6SaqSp}5og>;R5O$AllWW-(EyI58I>E(a`&-<&)?uE78i5oO1*8t7R%oI zeK*NF$#?IMm&VlaLs#6Z18+a4XJBB^F?6e{o(kmxNQXw7rS0@-*hnQ$ zT8(pXYmQ{$Ku*%Z!A%6vr>kpdZeCSGB+H_b=Eas{6{6lnn9oo9GfB5dD&Fj`;A79( zc08|zaaI}8xkVN;OkHm_W!AmbJ61`PlLc~gflvqU;Os1cj{z_?^jT??Xv3^Dg*ZM2 za}Gxve!Ii2Ui^9q6*V<|4#043sU$m4(nIfNvvkA{Uk$1=tEQQ)2hbq$=cO&-kqMfD zxvYHyWD5>{L%OE7SIv%huU_V!eB5xiG;R*t;Z|c&=LmPZV#)e@v{MI)jljr<4)A9CbBXEeO)zfr3<^K91iGr^#cUn{;Kx+b9_8b%AlG_IP|!{qJc zq}cZXZ-|Y!x@^yLZpXfsrR7XYp$Q(kEhSSCWhzC?V|XLG*QLd_XwVd;N~{-CIw3OG z(Vb9NBjfQRi5Z78!}RL-w9t~Jb-EOO8UMq^1ql=(Z&jqg_@g$GftONm3|HsS=G{|L z?SB6CwB2^8`R*Wt@7`0L+`~in!kFV?c}9nhbtja^wc!4rFQVC`?43XJvt@+jM^kQ2 z+^m{P9AkEGk~C<;9&@XYHpqPj$qKJbnb0l83G`S@j1}zPiaL z67z@Zz$%<4A%V2{=&`dg|76S`JDWjuvhpJG@Z5f*mo=3I6OSWgYsu$tSTZF1`b2we zQm;X<+W>=y>EUtHxH^}h_&Sb}-+bQ_$r)C4{wpANGP8QS=M{mAhxCm0ZUDJUu=jYj z{?hB5V{U6w?;_pjlFzlO>Ll-SF&*jPNnJDnB;&b(=jmD=LNo%KX zv+3>X;6^*Ad`ub-y3`flrvuycMd#|DUK`_!O@&|%2_8>PVzJtV+7#ixrHg!K z`=C{Zn+jUhY!hissqa7JX4M+F!$ba*ktE5GgF(C2>AR*hYvbV-uTgoYx(E8TbEBho z8}}YLN05tYDV;mSkhYVSJzndD83Zy z_;tSiThYd+xATJ1tR(RX|82+J#A{WrT%&?Gdz&99j|s*1^*-cT%@TXJ!Ex8qc6wrU z!8jb7WM#;7)`_FDMv5sDS{QgC^J?(AOA=?}sQ60r-Z1y@-^BM4^8dy6vEU z7!Yv?chAJc1P!!#{(Q5ZF&rqj!#%KhiSz?05Me($P&xrg6KQ>gE+A+gyzHHsp@K%Y zy5oh=3SB6o|A5FAEi7*25Ch_n4f;(Ppraa^|A=jB;o0dm-ygiMVul0H5VS3?xe7AK zhIDe#i9nZWNp-n=ytyUU;j35tLJ5_)Q}uTHZ-P^rFr6~f7qmjS9L^|%2Tl^Ee7@ol zT{V00l>{+iUOV%j8=Y}e}U z%CDE$^g_JVaCm*m^-$BKJWGdH*y9!6iSr_w5cPC8=c^;PZ;wOw#D$2KVi>ODhGjp& zVY(jU$14*zkGT`p$j2%CSSU*tvqRz~X3BmtWA%n0>jSkN<5Ss4{>Ng&Or2si-+!)J z7B&yN`Ij%oxD_bBI8{*MNg&_XF_8ouJ-R0UbuHcZ#+C0Y$X0h}R z#JWWl0FZH0S*xVv^wmU*G(;s2ZPQQe-P}5smKcCuz<~n|WYG1;!Nb!!K28coCxCY% zYDNU^HZ(*CJ*&{+S_Xp;V5VZI+`K$!l?R=tSGsL=H#F*h^*DOKUblm;Ypw6|&joq| zp?B~%&}V!5_J0y*#NZ80ir|a9f?yQNiC=8Cnd zW&be@DDT|a-7vUJLYhs1d=0#E=mF&t#TPP+Z4e|i8ITPbO!{%O8<2ThDlDAGiZ>}h z^iA>S^(ZD5os^}u+h{iUA<~gG0|a5V4^^@zL+PBr(&yNTJ9^fgwA5|r@ysVf<31v7$?Uq zRcL?UFls*-`lXtiLNoZafajj&_#3=iS18}`-mPt}MY~G<+iJ(`$Ityxh3ZxJqfx4R zg^x(%209JPc={Hc!*#Dl#0bkq)8U6H_c%Hf1QHM=iu5+AOB5RM|N5P^``bBU?Et4& z^D4U~VF;SSO=rV@V`0(+fi#RVvxg&Yyrx$OqSOo3*xmZWwFp-A<4i;gTAPf`NR~{x*mQ#ZXKNEwpe{(~YxS6!t8GNz zE~l2c6IxD)$!&e3F9CakE8v>vovxqWyWETJ5VLV^y2OI0#9YSoHfc)=t(Gr8(;?d-XxW=QScmjeVjc$7HJ7TB56Y~i74L5N&N~8uK@)r=l+A-}uPBS0v5gfQ;?nVB^q{*ZSCz=)lU_OX?ujgSu(k%_EI>8|3=-vA$beOMTFqrB{ zQMN<(dz$B-EHV&)#;UEO12mG7y1E_^56$%G@0 zEaHF%04goO$^rimTLi>|jQEiGBi!MYVEEMmbU^52Ddsa$3?tFkY% z?Awz~hBNbbc4IP$$>wkmnZ09V*UJZ@cpsz`+wqwSr4)+Rzy@-HyPiL z|04aOW!uUzL8*=R{nv@t$60Oc<<1IqYng|>#Xqt!)4jhn?sbuies3jG)-!aaHT4?X znYT!$oE84DZ`g*-|47AxiO@8INr6W$H^n+zVdN?ogQL)#0>j!hstMB{7xPyx9OUML z++GY_fA)?}KNp|u#*+Lpreo2Qu^Yx$g7LGt*wYvp2&sLa{1$x@^vLgrrl3sa+k9MB zb8F>NPZHDTLHWI#o3XRr#7?ffOXXQqg~{#C&rI0Z!d21>oD!N2U7KDQI65yu=abI1 zMS=v4D^bMZqnBi@nOK+`Aw3^n7G<}TiWM+*VG}g9n-+XGSDlqY)hhgGi$m}3on-2! zf5*7YeeV{ldW{I;u#k|E364S+!4Y_ML3!_ZU`X!(I>2 z7%+BWo7qN+z_43dFc9)M0A>pcSP&Wwtp5&_<#lz>G5GkYfhh~;7yykN9=eu7gZpYx z^^7r4Zo#_D1;tzll%Cz^L>{5A0La(TF&gls0r&{H0>QPzCSt*z3SsZeZj)r&K>I$x z{0p9vQp=)5%O?z7&EGcvgF_r{)K|h!55tundiK+YykP5N=ir&BveJ2b+?dt%i&8kq zC|)L?=YB}$%9?!_CYA0Qex~}kp6&v{iHoiYRmOlDk1U!(Ab#rpS`Jl4#f#KlOQQkZ zp--~b@%Okz{oj+b;GpnKgf`li)xR|f^e2)R)g}#NOqQzX{R84zr6&{WO6K7mKbuGkgLMn*Y2y5Z2igaY zUS~HF1jnPuXeDo=*d{o07<&6+Ss!wxmc9Bs5LW8I&|%BSO}|YY^Z#oBVwFV_%p06~ zX2Kr}kB5vuQW)Q0`aJ#Em}^%htzU&5ws+~nq)F{qPALP*UKk;dlJ6YiMPMGjR@gkS z;@%)FZu6d{Cs5qE=0?Thr*5iwN8-un#{IpI43(+d@jsS~A)J&OE=Ktf%g9j9U5>WgzYx6v?iDb~Yg{+UVK=t6W(8*AS)(wP z`gAbI)1X2O{b4XM-Mt%>DfYPE1gI?VR|F}H2E&eoU4LnA?hP!X4Kin(A|lG*OMvq) zLb(B&I|3VrO{#1(hp;g2((}qPvoGze+x3kzEkZUsT>f^?KM{v#8mP`m{Vp8j zwJO504Di#{ZYJU(#3-m@kbf8Z&;?JWkahs0sX2j4CxwHGMPX8$E-I?b?5jkiL=Gw@ z)AWY~4X2x_n{(%%QcgE_x3};81xn1H%3D>Gm~RtXAM%n0$h`l%6GlfQ$k+NBhhajM z!=FHAR{Skhr~Zu$u~WIysYYDVc)ORgQ(9qW%&k_p`s^=I)Yyjg{r1U(m=pJ$m=2 zV*Y_sPXG;pA6sN!(bJ43e+SqHc8ye*uJHHk*W-{jaTpsrMl&eE5Hn58)h{M7&4=a8 zk{b;c$4mf*$H$)3D+8GXW*V@ws}+s_LI<%C^L}{tMLjr$A6X2a*L#wgAb>qMCB&)% zR9}Rqn=3arHz74uQckvf!W4MpFqVLwLSPTa?zhovqc3=n(=m|i;J3;x`azWpm@WXK zSB$zZOj^}LkO?-5vfzn=hXJ5g$WjW2B4k2_sSXYs;6Iu0GrU+7xuA!`6oBR7?cQZd zKWZ_M5q0wP3srue$-~(=*qFid>@M)coXlYpJE6mrm-pT`l{&^OzFhVM6;mB!UrfH* z<2d?3FQx_4iYX*oF(hT@S97!yR~s%mD!^X$(H|~G3_0DK9ZRNJDVd`*r~oli-yFM~ z*SSsNA$4?eTh5nH7TVqvVPdkDy9hq+U$;(e8F)(e`>J1sWH^f2k>b-_wu7n|K2|U> z70S8_KE{1Uvg_dt+@q^F&r3oryvCh{lgRP)_2cDLC>zU0D(g-?AW9vH{@0Jld+337OJn1aogib>0fgNo)kidQ=7yqcuA zr*MYQW8bKol(kGod5N08H1fzqBQkaM;MP~y9@Ka_h zYpM7{pKQY)W}_pSDatp6=u_3NHfhTIme-CXy4c844pysq?GPMV#FXay?Rasxy5B!X z=DHer1(E-axAl>%CSNUn1!H`v$a=%y8^?!dY*?J@W`BVSBrVjcY;YrV$XHLj@}<$jugWx%Zzht7ANUz3i$dr+^!f6y1#lLSu>i)7ZI zo9Rz~AvPQ){ep`GSrfJwA0%NHTL1D>et(@Z&{i27Zz$kyaX)|A`{ZNMgch2v7#l4SO~w7d4~zqmwBepr zVW#`}%1n$Idngxb_O(SzHx+lfyK;eaL7h`pBJsib&QYyP?tcTGkZw?fRee3Y&e@I2 zYdYFn&2e}vexxEQ{J~WL+mY?h*VwYPxH7iZBVw*w2?|rQIfrCwWJW@v+?Ar#P%&Un zhwSe7PnIwKGCMpF8{HRzlVYWAkz2PH@kWX;+vld=R06z$cE)9a9B+en9iq97UN~Z{ zo%ydubBYfQ(96wUXZ{nB6aVeEpJyrkoiu!j`k>&mm!EANV*flD8?fUY-(l2KKA*to zV>}?GlM^6&$n_yTgq$Sn&Y-{VgQ{+ee#KC-32B*VHgRTOEKlPsS+3q0hqqC0r#7S| z3{fDug?^MO#lMC5I z#<0A*l}#9+5})Ip>%kpaA zL@jzVGRE~Lri8Oa=}2c@*Ue5=G~(`)@G6^3tj?=RM`f2B7>7qOGrmW6W|C3!Re#HJ zZ9n5jcmKwgWE=||(>xqLDdaQWBg%CCN%o6y%V+;W&}cYz{e3PkT~FNk>tA!HW?`Zo zLg}%b3B#xBsQI33<0o?!_lp@~4}6@?x-+uNBGFO=6vpWeth^Zuf8~V`-&;292%y#U z6K5HhQ$56s+*K7VvO`rceBskk8#s_74?g2~L3f^FwpA+px3F_;?d&{ONp<~t5OM2e ztBFqlk>yn}(L@gh!R^orOe?eNc=8H20#=1vit5G_Z(_T;qc8KtW87Sltc|;UU74au zfym0Ai{-j_=Evd^mE^?655iH0MbjF-mQB8XHdY!f*lMB`{63nw%xyWgS*n&U|0?=G&iY#KLl0S(FT-cQo0lG-|k1u2M6! zyE&)4f1ybD+RazF`-n7|@-EtXB2CL)ox9O~Xm~^?wfG#HJJAtg4MD7~j^`_%pw1M% z1?FELNk?}Euend&y#C_7Ypx*9koGlcy0_o#MSA~u+y9GhT}#dUjZS<$@T)?`*~%r} zu3+92X0|VWpxqOKkAnaL7Dz*B!;=zEk_s=COkUV_L)4ViD{ zFy>wDJ5rR>VOG$Izm*<{ADOoISNccJ^EX4i--UXm@OmU{GrUxBs7&#m8rQ4FUQ0W( zG5H+*+k;RjkoUSW%F~EmlpgQAPQsU+C#izLY1$*L|CxDV_GCwkM@$@!aPnS#+aOoS z54GBG(HKJ+r>tD&;m0vCrF)%&&zr%q$~rY=Q$F|WVZcz<2qS5y7r35 z#-vPFW-fDVQuZ%O(C<HI=|N3uke6A_ahgb(K}y^Kw>PsK!ah~YlN1p zmhSJDEU*=11@8BUvb_Duz2e_*w!ka5&=oWvV0M?~H7?;92TP%AZiPzX4Bw z+!VjJZ+Puv!i&Z?J!CkOiE;8>y;*@b>YSI9ol~(3lnW$lHX*x5Grpg znOs^hRt)AyXiOLTPGPR1WK!O#XEVdCqdIea;RC(60GBWK=m+^1DjjC3t4W4BwoZAE zqfWlvyeawM2W^|0(%g54mtm&JQZ;g-4Wixksnz{ZtdLA<92Zo* zAHcREot)A#z1sdNM93TBjL+dbb0h00P~~b<)=|d=oeGnEU%w(tAbt}Q&#i?hwy1-W zl7JqvSu{r<-lc)U@B2aGIOfl-O?tnm&izYlSz*7f_QF2HWTO8`qpHFMgL+q@fRkjm ztZw3)x*x~sH?NFlG_)j0D80qNLBB=$)1l}=GUa`%r|z!bGBxnZj?DbGnOaX<1S0f* zjXY1|erPG4s2DQnFKE_#(7NLM@T5{T^Yz`xX3Ws%Ie~0;Wj{vQHPD8dQIanzpK=kC zy(h~}PgFGKkn>C!I^tPG5Lb#4|6K91`# zWB^QK+~T3WD7eXz-9_uaj8eHbSa$Z3eb1SK(fc)fHEZhFl0;7%w)TXS>GFP((4dVl zhZF~8NP%>O0Nq)_Jn!vamKAGwZ{$a{`c4!+BRr5cLc(+97b3)Gi zs=3Bu{GRYp>wJLqH-!Z1F^i_LJ9(^FBj0^jt}||Zzbf>kws@x_Ywo(w%7xFCLp=`8 zq&BOS-RE!b&}cOrzGFKEa`rwI%M?mHdz&m$oNhM6(N#jK$0vu9^7fFro&6_m#D{Q# z`)d5$kREY6K2F{hvWfnQyZaJVM`1(FxRcCl&eYgkmX6&e%)@t&&}lnQR=sdvbV5mt1$u1-Vi6v&8Yn!mGboZuK2 z9~!eQF+!|yJoMhcKZ_-|tI_t!{39n}C< zkOJB~oH+EO`?_JZrsiksZP zB}VBEE4o%j(-;o=ju-W^I|RABM|un33^|4`h5~f*Z%S$s0mfcTPK{d^j{L0{TcI)m z8W~Ml*GME+KG|@$x7DvRY2-hhw?-8Z-?(u@!@gPTotpgIA8{p-lEYP5$(U}u_Q8Yn zqv>0b4YLB>j73V5E7{at|2z|=nj593)V6}2@xA^$xTl-dF0|&BH5F;AC0s=jI#?Ck z?=j>+eSP^Ng`52-wB+?KuV$(C&TuEl#Ibq~=66hKg|=5ao}|Co%Q1JBiZ}NsyniBc z*8aeWz{^ZS+**%K`DaB(+iB(b>zwNS%Z1ljIGgZjD8sXTpg-M+)i=MZtFNwk4+-Z`o$7J?>wPv@}cXqvG1FP?tv7`f(x(L(CKeTJfaw@BK*{}jr5 z97;DW4_`>*WXHDF+dh*1UB)KP0;pH+2^2ApLU zJ;S*BTC2lRplrx+3p9GinM>m$icj3`e0EYVl8q66M%vCPh7#((x1Rsj=v{2t@z$XW ztn3W3eyX4HTh~WxFTOggyCT{4CJu&>%p0sZxJq9sidJ;uMzIJXfsy|GIuC_1rRl=4jaKiinlE@?F27Jm@PBi%E(-OIn_54e zN3lF*jyD_9p&}ZqXAZ$K2DM}e-RVE!f8GtGWBv3RS)F%(a_2xybQRCf@EuyMcYN`+ zyr%HzA24E&JD}18Nr^O76h@on;UO;n_$*-7xp;+@=5D@n!N2ZNZflOg#&=x zS0M2G=cy?vO90pnxh|b}Py!%P;@)0P zUS8M8&f?E+!dd0vv(Y?O8gZQRNaI_2v=Xr_qvrmdo)>NtBsh%20F#>5+1W|-?}CzY z4FhYWC#srTF=+HEfKFim9=yKOzt7PIgDYhJRjnQXm?2X_*UbecG{o*_l{B>JN=8lX z!+h<_uebWe?Tw9BrfsV^GUQki6B3wLb{H-jR2a+Q9>Mo_BSvCE(RA#8ZdTi|L!57x z9g50V+krxgAu5r?glOXaGZxf)CPFwF(*y@mog(0HaFQVoMYuA!xVXo_Y}X0^eLWQW zKmZcd&5#zf5IG}*X!in;;!Poyr{F6As|XSEqC2Q%7M5bS0eFL zsDIkuG(Dz^GJ_A#wiR;B%(mLXDG;lz>5CU3+YtSPH+@4(C_rvG*B6&- zC5q+i!HOos0<|5hfHj9i_U^Ena+Dbvkc1(03IR^w^PaEzT-=3l5dg^3JhlYN*s{P& z4LN$4@xXZK#jL?5O9-L=iJ2K-l9xZlJNqXL$~o6sWJ-jKnWtZj7o|70+U1E%mk&OD7GKX9OAQt;e}NBKmsR- z+WVbqNCSAH^QLY0k%Z;wGdq>Sk^fwa5Br7Gj^m3UC%#@-j9|ZkfQ|(Bi|h8VV2~im zBUT{JOiQ5}ySlJIPRWVnj6h2P6;EJxFe2SsNw(YTd$f)4xDnR1FLTI$0#h*ZMyQ4q zY8CGxC~HU#J=(JBf=MWC_0|i$yq^f}e&YZzzmQMbgA^B0J0~p7fRAsOg%L#_-X>mP z*T-E8=5~-nOG`_`9iF<&GBG{1xU=&fvIUTVO-xE6SH-&r(y*l`%b; z#jA1NC0txIK|CmH;mS3&RZ>}lbL%68aQQR-6CEH(`#`~cuwWop3|{N2<1!YE(f@OW zf8o#*hN>-CrEWzPM$kZ-Et8owQxOsx5I{!K6)+V4ml30rB}7c)aA{^wN2{Ss2GN5c zc3&tbM9N!0`Kv-)3XFZY2_2BbKs>l0yI+9f93z-NIB>2M%6$hP!LM&Fh*hyE#SJXT z@Bqvoxx(W?_s$rky$JLlVCKii{Gi1^`18EHZD3`6uL`ze0e=2DWIj5qZdiuY3I`4% zP(dbMC|S7Qc0Ys;3cs+Z`ANP{zNjRnrd}0+NHx?rRwpDSEj*e%!9{$;S&_oVHa115 zGB?ti`me;S2U185hr(*ZgVKzpJr#HQ3sAjCXkcyf*I+kfu zVKhEw`U>fFetvK~G|-U3S42?!Kw^ir3arg=8_|%=5LoKHU`G0PG`k8@_)_u3dhxNl z?Wq?C(vevlTjL8Xh)}W7(jqaaoTHwBTcvy7`?#4pngJ7%Z)Dxv^7PdAu zi4iEwPtLsL1vw^6P%vH9fM@{nQw)k~aK&IE_`lr#?KN4L9kA3GwMA+mA^KgP{e0!Q zVPLm3pNNQvMCOZ1T>`ef64Mv>H5r_fbFz|;!z`s-aD}Kw>54Drk3TeWSrSA9?sV$t{e=mk_LFUj9$(gjj+E)ryBZwoQykCE%XJY@?_u4jC zE|F&riV5oe4#^`Bc#vPimiPEic|WA`VGV{t0VooL>XsXCz~hhvYCcL1}!=G_>d(SQg={F1Cv=oa&p$l3&j2c#Rf1Tg+)e|L(LZ0 z;$aelLM{;Xf-e_djoF|t^2^u;=i|q{$H#62YilW|sh9#GbcpC?ex4R)IjD9ZmIRql zFzoF#wX{G8(RkzqnLy4q4lqm)4-+H9qTwzRlO=C5lGFo9J$4ZfsA<){a~%$>BP*s285} zJC#q`$PPFqr?KCiqp?V;)Usc#K%-wadDh>bV{_%x=Oko%wZqc}yDN0xMk!mtCP;w< zbD&_!nE!RMpYqrvO~3z>Gz=4%FeAPH(j)os>DpKBNb!!45F2W=HI#%vtmNCbE+|?5 zpHl`}S2S5#VYz8bXyPk^Wv1R<6#r@A2&`_UrKNNQ#q{i8kJ@yFN|8VlZ+r}x!eD!Z zf^w1-}<`xzuF^2xsnmP5J;jw_jNUG5!N_Q5EGf|v_UFl)3ug^x?1->w_9l5(p{ZVb_dFg54B?lbfG9 zu7>m=N1LXx+f6B%T8I9NxM_Ru&?6Zlu85Nc=5%3EP1{DoqqAgMn6F5VAu4M7{Jx?z z)ANY}E~)*jxI)32J)H*)NmF2RfkgPxKf2?O&vEL{$12C-(j9Rxz!s)o926VPffGcv zk~KnL_*A1w5aMGY^OlcNCzlT$%xd6l)}Txm8E*; ztE;y?%zAFuN5{6x$}1%&Bdta$6cnoRm8*XAMqXjT&_z)hbp7|B+)|=|Gb*+hH3sVH z5@RLWkkH2`a(Foms*^z;iD*}@4LV4`mWim{fgoV6?BWq|?sw1Wd@N1P(XN7flsYUi zp`RWA<4}cC1IISRnkfk|A)_8jNn4* zLeP87K7jtqm$Y|l-oYsH^PJl_!=|s}%L}n>H`kIcQaWw_~f3j+K2O{hY+Eyz<%i-?ipkR|&};j`{&3Mb7o?2ThwZrz@>tmwnG>&d<0N z?}`47%-iC+6WJbz_SY2UH;;_lwUF_%oSV^>sr+iY|zPpevL#ANH-!p>%Y zp&MIe*2f3Ofl`ap(YwjtKqMsdlg(x7<&2#HiHA#fme2Ot;&h8kchYRGFqOAR{Y{^g z8M@z*S$LVsA5B=dGhhj1p)NaD9K5`fTTtF%UBt3i_f0_Muvk#psEg1bop|Yf@4-I5qFUzA zP^7ADrb;iCUhLw$#mh5wX(Q5T3!Q_K54kLoWVspEqt-<(2UDkuz1S7`-}TM*GMcqL!p9L?k`<8mMnP~^kepy#m`S_0~%k>{_g=+@sC}G@KNrmT+-LZ(%&nF*O za!^_CI8Ys-nSyreoAXno{w!y!{Y4*zZi{SPY}4%=MNGPAScgCGaWd(VP#>$KaF357 zxn^Xen&eZnlfffO`fc`m9o4C5=s!%MXJf6{$uFuP|TqQuE% zxy({_{J#9$^!6=`+c86Cp}5O^KD;9CK%S9mImKF03zO=)xdg9;{91$WF8SUn#ZJ1v z-ZaQ~n5SE=@0uK39E;?}Os43q-1l(tT^`%lAU?1E$2FUGdb4}G!B#Zomh(Yk?!h>} zi1=Z)$(K-JAEV+(GcV(gm#tu>>Aa$$J2&vjob$>ypO&0rC?8L0ZEx+!&8{1PG;@1# z_t4-3tA&Rxs`x`CWfmyNJpNU!AT~1oqH{g4^B6HYp5o?>oM~xfl56n$*So=ZVh&q%}HAf+*HT z(zmoaWO&ao`F;E!v=3ryunX4x?kUH~;ZY$KYSC@c*-0x#poyV!vEjY0G(NqJ1ReHvhXi`If5g zhFrk0wQJfc@v^@YvE<0-%dTWqEK>G4=6>K9VK%+b{57*}A}8@-HCm+FQ#*o0y~?%c ziOa=F!$Z4&e|@k&{RtiYMrc((U2=#&FUd8kiT>sF#{=}f$xhxJjS@n8VP#AAnc@4T z7fD6dN8BRuk@Xin4M)al{AyMbb#*(pYhrG;$NVg&3O%SOcs5zzBiN6vY{RDfC|P-L zD!+4KqTDF$=R1@ijSx0l%?&FCC=s1g(3ulv?^h*#+*iLUTH~Hp;O4(5s<{8q*^dV0 zXCHQQ^N=8*zuP2)Z_pKf(zG9;Jr__OC}^8sSgU-iJi=KNA4Amb0{_b0x?_c2UY7(l zO`>@?DADv>T@bsak3(g`+LzUm46jAgLqs0qX($pzaE?Bo8I;=NP4tbq?VDf3Pe11$mbOd|g zO!w0P7PbMYMm(O=+JXvm7?0ZWSMI!QzefdSZ7EpP*7w1gczNV=X;)T8RRq^aE3h*D zas$G@W-bRhuaXE(aHeG4C0Byx`uz^t+C>>dWOzmuE~X%2R9CkY01omLNR%KZH; zrsE!VClcAKDWl?926HMyW0P)~xV-vpwQK9r__0fD-o;n*Rddtgvt}h$brA}2-m{Ae z@5i$1et)wa3ZAhm6RO<3Gxotu6X$jJvXu!3>_@!PER-Ix!>vvucC>LnOkufV5thNs z=BpXt>y)Np+(8hYtGn_t}rvM=N!zS4jvs?*3~OdeIcP zT8Ph}|D#bNY&7x_%8zAm{eGe-J~U-lzI08gf0=&nEtIDyA+WjdaC_nAi-t>Vdo~!r zcvV!UY@W;Tu3Ei9*M2B!5BSz5CTB8VU1It&^zB-EXw^3gXV=tI?*;xe$Kuh3{VDg1 zefLv?SG#FUyz6J@tk*jKNQ8YeE7@}Vf<5&O`&bs6UxX!dYvzKj@L4K}Xx$Zz8A2B2 z4tUVm*(~IK2sAE5&+1q=lB>Iv^O0H)>Jr43K66hqDPqKF?rMrP(=kijFTWekx#S)( z`Yq(lFZkn*?{c{qq`f~Xhx$BXIovF~P46PV^m(9nKZOG)?{qzKHgt{#mD{#1`?Qz$ zvC(Mpw$t>fYxHr7$7e>q=v^iJ01MxQxiltt^ONU>?rEIl;ZH~3b0^zYnSN9mO?A_U zOqupqIj^VnuP)skR>$^@zffh{h0((2NlnOQ0q>j%>`mY(Dx!rI9-|seEU6MKEwZs+ z7{d7|m|Kx7Tne&>(F{xOeTE#+F9I#X&GYZ!w8!}tYG%p9uS=?^XX3dTi+$PZf}JEZ zk7%4JMF*Id%T`Y@%0{c1TwlF|9cTUQc|Ocx8f=;KX>{;O-Q_hJM3xRWlW~Hs_7xR7 zK|kL@b|e2Cr^^}KpdfG;6eH2$kj%LlWnm-eNrae(10-99xR>Fe51~FN^L0BI(SoYl zY-TKox79$51R|405S1+Zc87{;@8WD53D#!BB5k+Tv);+@3SJo|EFpfN%PSrOqpdn! z*`Ot~3|e`%uF;=sQ&CYN{aYZ;Tx zf4_q~k+!y>3zN?PNvh08B&GJhlmenPrHp-;4H9OgSqySd;o;$V3&!3|%#y$Fe}_pH z9yue}2iT^VwWvr$t)9>S6WKxJx9vzE>0;jJANxXf=a#>o_ipHA5Cxy`G9n{J%%*VZ zXQ6rLzy6(ekqgcb>;}2aScsnSKcjT9&%X^wSp0+x8qRe@)VzX7sYT8v`j3+vPLkzl zK%~5DcX?=sn7fexQ62>NNO6?@tS+Jwm_wj67NnP#NTl7i8n7D>I(FQgtdzDjc;%jJ zrK@wxLQ*j)7vf!p9EPu6kreTO9+p8CHsw&`e6bTGV!t`bgR~(Ta?By(QTNr4AHCh$9OoYH_Os*BVp+wgDG4q~6s^Id3J^j{|`^uM};Jo*G$4`d+x55i>Vqu0#QTwkCMvDRzzVf zl|=yYJ%}AO2jP{DI>Nx$cVE5*qX*i{R*__-Z1hf%omVKRXpy)x7}g;nV2o&JAufd|x+Q%r{1U+>~KNB>aOIY_J zZA<^xx&(I+GHei!J{~FdZteHEaH{`*&Anw*lyCGdOd}-?10qTYGvp8o2vP#l&A?DH zjC6xYOG}q@mmu9O-O?b8v`Q)^@k0br&pn?1I$zG$_kGvP;sfhp;(qSfdq4ZSuDws< zT)R4%Yjdz?z`u6Kb(9d1||GPZgI7=rP>y?S)fUH)m7@z*LwMEm?BJ)3Vu!zy@Seu&IiYoY z!x{!_DOR9$N0f{xe`s4O@P^KE-AfOE~=;$pTUylL&12xF2e{I9TJb=ek zEbxcj_uf*V%98Y-pXhbJ?~g!|8(5oEdRNdy7UavZMiAI^u#(mQ%jDZ*OXS- z@o#X_fjOZW5dwzf#CyU5UKam>tZljiC?mi&p1x(nV`QDPZN!IRo;%6FYIeb4J_EhQ zkH7c)p&Z^6%4QU7XlfdC72n#K%*Kk=_{M?qw=8TLG{y#cr+e{e>=2SlVLew1wSXS5 zwJ{U}I?p%oRVt|H(53F5gEqkeGC%t$v5NM}|2VNY8uk*_oPPtHlwSeB+hLCnNJ?Y% z#bCb(m~{*;RAQZ6)tr@gp#-pCY74-&f=|8%l^GskHS3`G0;p<|jMXYPH#hUVbOx9h z>1nOW5cW76W7|vv=+;0)K@c=w1}dz@)zvB*$S-6QHgk{d-|qi25!hE?3Bdxyj-Y|) z^dHEJZAuLcP`>{u379X?%pH6!RvOB}Vo_bKU;%Du)X#K0LpPdJg@=0IW(P>00Dprw zroii5n$+zrDRxRFZN~6y;`;U)*zwXd-wgnGcM98f++wEqgL7j;$1v#q8+bYX6gVAT z!O z176){w*m04tqK4!^vV4G0Dc>f20zFXcQhPtA(dV$_#ZmdQWLN-3OF7c2A+eN7!N~@{!_+d zRmA`S#kR5r2ppXv&{kGiqs_sF1GWo%D|Sy|QO$8-a9b6owkQbAE9?XVVD^#%d;G;& zu;>TC{s27%6dBQP6qL*bRYMv9?jBCYSh3Z1$Nv~N@OtwO79juL{YwCR4LJ7=;Qv_2 zM3fmDpV&8pRRZtEnbK_ms8u`tQ&1ZM4DIX1FVF*=5={@bT4t zEm+||0MKfyx`8+YEbuS{h$Ds}SU?e|tV4ue0e~>ZCGgiu>OGHufZW=ELx)svGZ3Ny zstOi^2NVmyKLVf%wog5$O2tyax^L$0B^tTW53j090!hsgAuw7H-vG-7>>uFi)R=dT z0SXN`pn7;GG3t3h7kLWaeO*txsHQgEAsKSFGYDFOC6-9Bo{d%3&N(*M1?fodRw!P+ zaTON%!z;HWvL$$WNtjDtG2$&{>1h?-^!(#}W{o+~O%Oqf$5(E3Nvl*hrvXeE>~p{* z`QmCc+eVn;~O5@A5^50Mm3TRjXhMSP$fn!Gd9oK@lQg zxh=uM)YtccHGmHTW{@(=h;22%A>Yi}>Ng79iX-yLOD=`QDHTTxIy}gxQ|z0X0)ch} zI4OW|0G4vl%`{#y^owhx&@1OwwX9MsBLR$VQ6_K?#0>yq1@~CADFe|15>yt<=m(#X#ArN|C%YJ|7{5|}nt$H%IQ29S|YFpjzw|g^!nD~0@``^6O1%udd)AmI^ zCyHeTi~CZA?os`s;3@2LtIDz-JrG>?mq$G{A5WOJJJ%*gW9Lmiq>T_g1S7?pc5jBHVDH^f1j!(O5Hk>8X)c@Ba!9Ixa?i1DPlo<6;7 z$lV+or*rQzUo*XoNYec2D)Zs7v$6(+=LzEJ1K!v@=9LT73nsY1ltas>Mo&4L&CY9~ zU*GrhwW3L~bA|Q@OBp+K=yG{je+%U!Y+trCVbC&Yx-?n4qiq#kl= zM}tBZ58Yy*s$=K5Mr2Jy)k5l3O@goZox9EYKvdC_&uVKgoAFvp1PRu`QlXv&px4d>&4Cm+|`l}nOUBPx%x8mWThWkB+J)693OsEv|nSF zSaHeUJ!(Q{neCugS)0EvStZ<)=c{?1(p(^_vuaWDZnV2YYxWk60(F#uf^Dnwk>uN% zhrQ5Jf}Fo%-+wX<0E?#ey5r-hhxMw@GznN?x!<^7ewK3$N7v@n&a=O9;F*wLb!=#_ zmwUU!PR;?O^BGyD9m*68@P5T!pT|3u z6GUtNj1Ec`j$1Ml7gln{Xk=A=oTp1rl_rRf9S_3Jl8J=f%qdPqWCNgJ8SD&C{FPnVt>=~nMtV)K3d7WGzH z8TP@CHw6?hth6qI%+d@)#EcOrqwSxSWGzdEa#T|f{# zJAZZO=`kAa+O$btS^k;3YAMr`yJu&YQRLlkRvh!><*33wm=@=AQ=}e0r^dc%G4ld} z6dm)yts3HCyk#ghGr99J^zy;fx^^1af5_x_I6hQeSg_^zLG^-@oVd z-;M+e3-#yAMvzvAL{;e7(W0fu0tPg zN)?m$o$PB48=j_jy$*NxBezr^Mi;nQ(Zo~#{c(Taprt)#a5kOxk{LTC&l|aTbDq6V zw>Q?Jq;~Bmi%8h`$;XW{Yx6O*5BTLXX!6)Z zi=*Q|?la`Ef;=iCk&E0fsdSo0XL~D|hSx)e4gq`)zK?{sN6Gc&s95q1JbV$oljf2N zgO6@0^pXg&~7W3NFHR#E>{Rtg|W#a{5{?v*3EF)QU+rKq^<7G2gQ*@lE%1 zyoiCS8pz~Qh1C+lO3t5W?s_|6lfzVDB2ieYh5bw7F+tA15cz4OFI`%5z93o9@itgw zY}6bAw*hkxUPU06Ap(Ysy>xeiiT(4xOH@1L)UN+7-SBwze|=m(cJ8s?K!BS1fBWOU zkQJs>bP=CNdWLhy{GX9<_+xH+S3t-h+C-JTMbI0gIz~BJ6m@Mbq88d^r&02_E&gxE z_{XeTx@if=EP^rxyYE)$FI8OIjO8u6Q*!fHo)29t@uWzKl2RZqGg5HIaKe8%;*T~t z2;s=Yrh_3(`ET9|Hz*2ckNqP z;G$q8|Ak(Bvy|$;*coP{)(gXL!EyA-$3RK%R&6Em5bE7qc03etUej2!Bk8#&=qpg2 zeVZ4ASGJ7c?yjKi$vz@W33y*YNxS{0DL$EO z{I?r(j)qq9OxvwR`Mamzv3j3b=fo)BJ$1aw;9E}J7dfV2-RDW$Q}ENN%w|Gzc93S zgXUp|>8%|jwd5mSM>`2o^*d>Sf@xT21jQ=;4sWWbHKpE(R1{*+xSA5O)1=)(%Q!8N zV?gp2`QHI7f8m?kWpr}3WVOj3@y^7o2H}OPfMu_3Dh*^mkAq3I$XLg8bSC@(m!%5= zn)`y>Tv?N1x}4Zi8*(7@D>FMqxPDxtG<@RbyMIRvA8e2EtTijuk#D+CBsoTF^!i{& zvwd@a`R`l(zG8J%ZlkN5fsbi_AFW$+|7bkWC|JEl3Vtq#y{s&U2#$76=!i(>(U_NL zpMBrYo##ffJGEbjY34usT17TAEu~4;as7MsMGMV_^NNZ>UcY|NY!#!a0@e(`DRcO7 z#bS8w^{14TX}p)R7S1-`(ew8Hn4`6)BgMvKG2S(QFDGlS%CC0Zh5JRxd#{vF?HsNR z8c0R$>K*)#TmcA7EwV*NPdD{^Jk4?uGyJxpKXrWUJ$ntsHbE2rq1}sy#;dZ9wfTg> zJDHU3*-&|hOwOd7m$(iN3?s?6i$$_L?ER?Sfm!K4n^>ZCWq_*UQWN}~a2fOcSfsdw zH?N>T_h7_GtpG3O^mOWdd_Mz}&KP#F&eL>LXiJ?l@|RY+e1Fgz1v%(UtWEH5fSvS+h?!>DtoIHyt*SHUBYYBgL9T?|2C`Ud>L%2ez-h ziW;yxBPH5|UyE=kRQJb<=;#WcorTAXaj{fwJA3#zH@@+k--blof6H%R>gIi}c_sWvNj$3mS# zS}6>KboE6AJj_T!@xR!Rd;a4=`+D_koM5D6B2d2UzkkE8<~g7Q8K!_8>e37^|4iMg-c ztU|v&_06od(fp(w(%Vr)dya)tK}0QqYhw^}k8{L;5Q5LKN+DCnplACW(sAq0qWJl1 zXyjwV7dZQ-u9>s~4~{?JsRmjU-qjj+W}D0%v{wJfb2mc~_sOPajo zI?%_TF40-gymAe0D;mB6yeb2_j@8np-ni2cc2~q`zdd_()N>pJDy2yKXhG#kOnr0{ zJeK5!fovIFd$5k&J<9>x*QEo{Q8#uSd{w0Uc8?)czDd_gY;8VjY_2R9+DN*gq#Vq< zmdX@!Q?wrMw(aSuc6Fx0J^TIP-ZTc~Nlx99|Mc0;7p4BW_5QPQkor~pl9S98#5OZd z!9j=KcK#_>U<(U>pKA~ceZf9yuO9F531;)3P8?SU`8|^?YaGdDNN~X4k=biHF;Y{#iYjT zdUG-4V*C_I%ABqWjViqq0c(N0~q2_h#*rIR-s>uq*r>AP&S+PU-lRPnZJNB`n4GAx|_; z-TH2+QM>TBM$(0`5fpkHSus6pr@c#HHSrQots|kmHMRNC74%D}>aSBBKsEOh3Dl^= z;Kr!vtP}Ni3HoR|w-!lAqlb8D^NeLVEsb#07CyK3OZm5(Mx^TP%K}Jh-u${J6 zOt&^I(V8*y?bX5ds}(%x8VTS#qB})9j#;DrJaR@X*9atldfZnDG!v%SE(?=h7zPc)) z_{MX?G-;@`eOu86(GM8|j8Znm%IS27Mtv&FpxC(bi^Q%viFiq_hXDRfC8pLF7j0{| zl3E^a*#%Ff8#yLHcv^O$W|JuSK_DhH# z8jV+t_s~uD4Sn&%>m5QB7AjacKVN1&9fCS68fvj|iog3>ox;w!y*;3JtqXsOINQ`d zf}mtbkk4S%mE7xxpJ`9)z$=5TaWiI2yW>g}yMTsHrss&0S|t)5k~<*ewe6om1Ccdq)Dh`@Z~PtL^$j zTHD>x=bZvzA=XRp2}`<@=5&OeDEjDtrM@+A6pV50MNFSXudBGyw;;{d_o`y0X2xSm zy?^f7T%hv5xDFn6MI6|`GV6^92T*c7=`>H+COIudN83GJ2iMpiN8s|`PNWo$k0*M* zLNXph6094m`=&eSpt!zphob%5 zB4KEXxr?Q!*WIReIxZJKt(XBVe>2!Ge7kRyD*nq4^Rc~-dt~$x;oDQ@38sVxR_Qai ztB)Y=`=|u?_}AUU^qOg*I+=+!FZi=>raK$!xA;nVPC{w_sxVo}Z(vB&rW|v-lIoeh2XUapTHV(9$PyUu^CD}ahFf(uO=-bg% z$6?uW-L)P35&DQ|llon;5R#)bUBMCGi6dU6CwKPO*p??z7F|_QJi`|V{Z)ctxYlLVFoXNhuCPCh9Kx$eJ+w8P$TQhzJNN|^?aXgspv)p> zJDg~uR)MEZ^%`%bI7jAF_sDuEagK?(g^y1ZdfR^$zQ* z+oQficfSnaPFjbKr!%yBiEa${x{3-PyzCgCU8gSA89TNOQsD==WBA+C;~ z^-*^?OMQT=GV2IPg3k$(HWb~Rr}it3t;Z0!Ma+)6vk9A;o3KMauP&3iRl%8waNK&A z$9URFgdXmMn)sD*qFC-nGDy~~K3mm2_~CJM#8MaNJqnM7-2P!}8rjyFQLs#rHdRf# zA0*>+$CC6hvjU%)_!D8)`D$JaKt^sT5mn|L$Lb)gy(?Ls^;)IV}4rxY? zf0!5|9brXEWW}_?W5{ab;@4aqv+VYsUt3m0Lp~d^`5jg&X?x^GXJDWA^Uwf>6xlvd zb7E_VE&p6DAY5wD5+k80}SrJtubK@dVGEyBo>x zR=!$?mc-p3t|-XgUcDphl7Ws+5x;R`lj;`l(RYeEw+Wp1l32gZ(fSZDVy!~;>G zFL;C3sd+R=#_=elFwZwKl$qjv16~k~{}%y!5<$$VqE6Q#%ALJ$1~Rh5l$7w_(gSS+ z;=GVujvud>)|3YAc`aS-Xv0hEB>W;Ccep9=k^++L=_mbo@$W|T|FSGnBjAzChObop z{wz6u+B>J^hechB&kD8w`vrTHT;JZ(zdjIA=0CB#C+tvpTV2S)RWw9SRmLz@l2}(NPN!t_bl2p}edeVD(D43B?<4PsbR=7%p`LB%r=WI#-S_G!qK6d`1XH@Y&4ku{eGg zSzYJ4$zS~C!Cnwyk049}%nfE+TMbNmSa~d!d z?N@U&V&smW7E5m5E9?Ah;gz7JuJrJ0LyiLZ6vlu_BVpKo zS4~LPh3zSc%tM&p)X1#HhVI^$+b6Dng9sm$=5in0 zCTEgaEk=>6RTFj~Xq(yl*_tLYlsK&2V5J}Lz%@r4`I^1$%2irvXVo5NNWCrjT(X_9 zm8x;`X2R%Pijq(fDtnN?mJp?e!ep(o{*Vy&mn~LCni%g`7U}57Hs12EWnZS4v?t)V zKyEj2Jl2P#HE)dRDy%9;nrJX&<35C!X{!G{zCrrfi*4sxUV(*~fx(g)6&dd_)r!`R zhN?x`Qt=qs+tyTh*|k_Qq_cNaxdQoo`R&&P)W5Yqe1H3lD2>6ykx!A6IlhP?KYnD3 zQ1ljwTbZ2~jnZV8IY-e-TvRH10v#`f2J$?H%E&Ry)YR;=#p2uiAG6_R`eR|;pL5E%xQKG2HPahzPTs54NF1FkxIL%t)abkwZRH^n+<_gSf|L)Sf%(ubF&Lf+QInkiIcUWqvJaJGeNNV<|F zCJ+%8Q#UPVg_pYf90jfSYS72Mdwaxa&|!ZRT}lfZc0jzfdN;s;(9)`Nfo)J2Lo& z7kj)b16#fnV`;7f^VjX8(oZ){Kl>wOY1E0|hthHl8(VHG3%+#&`gSq#) z4zqx7K%119`j=00o?sXj+m=%;KIN{CQZB+Np$iuZlhaNcb>D8Esre6)cdKDlJh;HD z@1ma>kG>#v*yynl7cE8>MS(HKyKPAp+DBu*tEzFvf+j~n+KWzWex<^NtVkjX==j0~ z#Y)uJ^hw)0^<|`=R0mQ7ln{|2A988Gf|8m_u`ugl{54|w%Y~|Q%XniL1{Ea`;ck0y z9xvOf6+5G=3NlHRmYsmKHfbG*&1<0A(zwS;Mi+)#!S_AYBvhUjsuAS5d6P3(DZQj) z7-J@N{c^y)EZ}+w-AQs;b%9FG?lD*`d|m!Mav%eqt?K5^fM$m`2*}lrZxv zD7pX+)cqMIZ|~zDTHi`v@+m&OXf&2kyE}5|koKNXiL2m$XeR2t61zq3+_X$H+l2^> zX%`408wlyBzMX#SGloX*9o1BMRw#do?p+C)f!*2V7-TAWURdByQ|}WT&-J*b>I{~} z?p32$S*J*Z3#CuJ;u4IhmCP^Z<#sWZrmLb=g^Y@{ev(a>uj%CpFOen2Eu4!zBQL@4 zhq}vaw4dWCA`6=N9tZRM&KYB@b{%o%m-`ys#cWk4eGx%a>~7QipEr!M1V+p=WQu zQFjefb-1lsc;3V|lS}{M^(6a`e{}rIodXha6VjBq4O+{n`jXV~qJcU($C82*Pp}2A z_14X7RYkOxN)c8ChIW>Eq}86y4&1S2gn>x-FtSJ923PepK}l|1g8BD8THwYD$57i8R>y$vNFVx6639nGK}UPu<*Pq?x3mcCB@|Jw83xj(2Fe%41In}ZPCl6! z#LdpbF&hi<#4SsD=D*z}K9=cDEi)9A@g!fJRCyLlDM5Dzlv5 zk#kqgBrjmy(TIZO=R5(M2|VHt@*`_4p3R*Mx9|IH*7nF8dbV65ozBG9vMwEYC4^?( z7A_KmX${5$GG00*Wg&I&A7mKoJMC4YMt&6cB=)+E6qLUocTe9-LW`~u8u(@Yrk-d@ zl*9xni(u{89|;qnOSF+bZ5OcbA6+|Lh*iBRnrAO#U08)-O0R6jzcC*-)#UBmoL`5F ztwc=K(8{hOiFkq+1?#}1>UsM( z>$lrgV&`pMf0+2))IH{<^XIp!R=zhm=W-(VzBuQ{&|(a&& zoxYPYrqrj(e!k~tR`iLKA0-vTbGI_{hPW;A$kQ$!O|zWG3LU+v`ADgjQ}sVNe8Bq4 zr0hMp)iM25rrH0+5{Zzj>OxaL3~yI-&EvJ=QB#O!0*!BD{D2*wY9yo$QP zg=C<_HA@`r@+q6c2)|p)RZqCRaJW+H)gi&hZ#I#wSN81d*j3!kZRGy!e^`+z>Dkq} zK#M}eE%@g)p0QZZihO@N_!-@SW78CGQtH?~9fkAofzW3o$q%Q91!Windows 10 and later + - ✅ Windows 11 and later --- @@ -16,13 +19,15 @@ manager: aaroncz The Windows version of mobile application management (MAM) is a lightweight solution for managing company data access and security on personal devices. MAM support is built into Windows on top of Windows Information Protection (WIP), starting in Windows 10, version 1703. +[!INCLUDE [Deprecate Windows Information Protection](includes/wip-deprecation.md)] + ## Integration with Azure AD MAM on Windows is integrated with Azure Active Directory (Azure AD) identity service. The MAM service supports Azure AD-integrated authentication for the user and the device during enrollment and the downloading of MAM policies. MAM integration with Azure AD is similar to mobile device management (MDM) integration. See [Azure Active Directory integration with MDM](azure-active-directory-integration-with-mdm.md). MAM enrollment is integrated with adding a work account flow to a personal device. If both MAM and Azure AD-integrated MDM services are provided in an organization, a user's personal devices will be enrolled to MAM or MDM, depending on the user's actions. If a user adds their work or school Azure AD account as a secondary account to the machine, their device will be enrolled to MAM. If a user joins their device to Azure AD, it will be enrolled to MDM. In general, a device that has a personal account as its primary account is considered a personal device and should be enrolled to MAM. An Azure AD join, and enrollment to MDM, should be used to manage corporate devices. -On personal devices, users can add an Azure AD account as a secondary account to the device while keeping their personal account as primary. Users can add an Azure AD account to the device from a supported Azure AD-integrated application, such as the next update of Microsoft Office 365 or Microsoft Office Mobile. Alternatively, users can add an Azure AD account from **Settings > Accounts > Access work or school**. +On personal devices, users can add an Azure AD account as a secondary account to the device while keeping their personal account as primary. Users can add an Azure AD account to the device from a supported Azure AD-integrated application, such as the next update of Microsoft 365 apps. Alternatively, users can add an Azure AD account from **Settings > Accounts > Access work or school**. Regular non-admin users can enroll to MAM. @@ -34,15 +39,15 @@ To make applications WIP-aware, app developers need to include the following dat ``` syntax // Mark this binary as Allowed for WIP (EDP) purpose - MICROSOFTEDPAUTOPROTECTIONALLOWEDAPPINFO EDPAUTOPROTECTIONALLOWEDAPPINFOID - BEGIN - 0x0001 - END +MICROSOFTEDPAUTOPROTECTIONALLOWEDAPPINFO EDPAUTOPROTECTIONALLOWEDAPPINFOID + BEGIN + 0x0001 + END ``` ## Configuring an Azure AD tenant for MAM enrollment -MAM enrollment requires integration with Azure AD. The MAM service provider needs to publish the Management MDM app to the Azure AD app gallery. With Azure AD in Windows 10, version 1703, onward, the same cloud-based Management MDM app will support both MDM and MAM enrollments. If you've already published your MDM app, it needs to be updated to include MAM Enrollment and Terms of use URLs. The screenshot below illustrates the management app for an IT admin configuration. +MAM enrollment requires integration with Azure AD. The MAM service provider needs to publish the Management MDM app to the Azure AD app gallery. Starting with Windows 10, version 1703 and later, the same cloud-based Management MDM app in Azure AD will support both MDM and MAM enrollments. If you've already published your MDM app, it needs to be updated to include MAM Enrollment and Terms of use URLs. The screenshot below illustrates the management app for an IT admin configuration. :::image type="content" alt-text="Mobile application management app." source="images/implement-server-side-mobile-application-management.png"::: @@ -127,13 +132,3 @@ In the process of changing MAM enrollment to MDM, MAM policies will be removed f - EDP CSP RevokeOnMDMHandoff is set to false. If the MAM device is properly configured for MDM enrollment, then the Enroll only to device management link will be displayed in **Settings > Accounts > Access work or school**. The user can select this link, provide their credentials, and the enrollment will be changed to MDM. Their Azure AD account won't be affected. - -## Skype for Business compliance with MAM - -We've updated Skype for Business to work with MAM. The following table explains Office release channels and release dates for Skype for Business compliance with the MAM feature. - -|Update channel|Primary purpose|LOB Tattoo availability|Default update channel for the products| -|--- |--- |--- |--- | -|[Current channel](/deployoffice/overview-update-channels#BKMK_CB)|Provide pilot users and application compatibility testers the opportunity to test the next Deferred Channel.|March 9 2017|Visio Pro for Office 365
Project Desktop Client
Microsoft 365 Apps for business (the version of Office that comes with some Microsoft 365 plans, such as Business Premium.)| -|[Deferred channel](/deployoffice/overview-update-channels#BKMK_CBB)|Provide users with new features of Office only a few times a year.|October 10 2017|Microsoft 365 Apps for enterprise| -|[First release for deferred channel](/deployoffice/overview-update-channels#BKMK_FRCBB)|Provide pilot users and application compatibility testers the opportunity to test the next Deferred Channel.|June 13 2017|| diff --git a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md index 37aae00014..b3940204c7 100644 --- a/windows/client-management/manage-windows-10-in-your-organization-modern-management.md +++ b/windows/client-management/manage-windows-10-in-your-organization-modern-management.md @@ -1,6 +1,6 @@ --- -title: Manage Windows 10 in your organization - transitioning to modern management -description: This article offers strategies for deploying and managing Windows 10, including deploying Windows 10 in a mixed environment. +title: Manage Windows devices in your organization - transitioning to modern management +description: This article offers strategies for deploying and managing Windows devices, including deploying Windows in a mixed environment. ms.prod: windows-client ms.localizationpriority: medium ms.date: 06/03/2022 @@ -10,15 +10,16 @@ ms.reviewer: manager: aaroncz ms.topic: overview ms.technology: itpro-manage +appliesto: + - ✅ Windows 10 and later + - ✅ Windows 11 and later --- -# Manage Windows 10 in your organization - transitioning to modern management +# Manage Windows devices in your organization - transitioning to modern management -Use of personal devices for work, and employees working outside the office, may be changing how your organization manages devices. Certain parts of your organization might require deep, granular control over devices, while other parts might seek lighter, scenario-based management that empowers the modern workforce. Windows 10 offers the flexibility to respond to these changing requirements, and can easily be deployed in a mixed environment. You can shift the percentage of Windows 10 devices gradually, following the normal upgrade schedules used in your organization. +Use of personal devices for work, and employees working outside the office, may be changing how your organization manages devices. Certain parts of your organization might require deep, granular control over devices, while other parts might seek lighter, scenario-based management that empowers the modern workforce. Windows offers the flexibility to respond to these changing requirements, and can easily be deployed in a mixed environment. You can shift the percentage of Windows devices gradually, following the normal upgrade schedules used in your organization. -Your organization might have considered bringing in Windows 10 devices and downgrading them to an earlier version of Windows until everything is in place for a formal upgrade process. This downgrade may appear to save costs due to standardization. But, you typically save more if you don't downgrade, and immediately taking advantage of the cost reductions Windows 10 can provide. Because Windows 10 devices can be managed using the same processes and technology as other previous Windows versions, it's easy for versions to coexist. - -Your organization can support various operating systems across a wide range of device types, and manage them through a common set of tools such as Microsoft Configuration Manager, Microsoft Intune, or other third-party products. This "managed diversity" enables you to empower your users to benefit from the productivity enhancements available on their new Windows 10 devices (including rich touch and ink support), while still maintaining your standards for security and manageability. It can help you and your organization benefit from Windows 10 much faster. +Your organization can support various operating systems across a wide range of device types, and manage them through a common set of tools such as Microsoft Configuration Manager, Microsoft Intune, or other third-party products. This "managed diversity" enables you to empower your users to benefit from the productivity enhancements available on their new Windows devices (including rich touch and ink support), while still maintaining your standards for security and manageability. It can help you and your organization benefit from Windows much faster. This six-minute video demonstrates how users can bring in a new retail device and be up and working with their personalized settings and a managed experience in a few minutes, without being on the corporate network. It also demonstrates how IT can apply policies and configurations to ensure device compliance. @@ -27,7 +28,7 @@ This six-minute video demonstrates how users can bring in a new retail device an > [!NOTE] > The video demonstrates the configuration process using the classic Azure portal, which is retired. Customers should use the new Azure portal. [Learn how use the new Azure portal to perform tasks that you used to do in the classic Azure portal.](/information-protection/deploy-use/migrate-portal) -This article offers guidance on strategies for deploying and managing Windows 10, including deploying Windows 10 in a mixed environment. It covers [management options](#reviewing-the-management-options-with-windows-10) plus the four stages of the device lifecycle: +This article offers guidance on strategies for deploying and managing Windows devices, including deploying Windows in a mixed environment. It covers [management options](#reviewing-the-management-options-with-windows-10) plus the four stages of the device lifecycle: - [Deployment and Provisioning](#deployment-and-provisioning) - [Identity and Authentication](#identity-and-authentication) @@ -36,55 +37,49 @@ This article offers guidance on strategies for deploying and managing Windows 10 ## Reviewing the management options with Windows 10 -Windows 10 offers a range of management options, as shown in the following diagram: +Windows offers a range of management options, as shown in the following diagram: :::image type="content" source="images/windows-10-management-range-of-options.png" alt-text="Diagram of the path to modern IT." lightbox="images/windows-10-management-range-of-options.png"::: -As indicated in the diagram, Microsoft continues to provide support for deep manageability and security through technologies like group Policy, Active Directory, and Configuration Manager. It also delivers a "mobile-first, cloud-first" approach of simplified, modern management using cloud-based device management solutions such as Microsoft Enterprise Mobility + Security (EMS). Future Windows innovations, delivered through Windows as a Service, are complemented by cloud services like Microsoft Intune, Azure Active Directory, Azure Information Protection, Office 365, and the Microsoft Store for Business. +As indicated in the diagram, Microsoft continues to provide support for deep manageability and security through technologies like group Policy, Active Directory, and Configuration Manager. It also delivers a "mobile-first, cloud-first" approach of simplified, modern management using cloud-based device management solutions such as Microsoft Enterprise Mobility + Security (EMS). Future Windows innovations, delivered through Windows as a Service, are complemented by cloud services like Microsoft Intune, Azure Active Directory, Azure Information Protection, and Microsoft 365. ## Deployment and provisioning -With Windows 10, you can continue to use traditional OS deployment, but you can also "manage out of the box." To transform new devices into fully configured, fully managed devices, you can: +With Windows, you can continue to use traditional OS deployment, but you can also "manage out of the box". To transform new devices into fully configured, fully managed devices, you can: -- Avoid reimaging by using dynamic provisioning, enabled by a cloud-based device management service such as [Windows Autopilot](/mem/autopilot/windows-autopilot) or [Microsoft Intune](/mem/intune/fundamentals/). +- Avoid re-imaging by using dynamic provisioning, enabled by a cloud-based device management service such as [Windows Autopilot](/mem/autopilot/windows-autopilot) or [Microsoft Intune](/mem/intune/fundamentals/). - Create self-contained provisioning packages built with the Windows Configuration Designer. For more information, see [Provisioning packages for Windows](/windows/configuration/provisioning-packages/provisioning-packages). - Use traditional imaging techniques such as deploying custom images using [Configuration Manager](/mem/configmgr/core/understand/introduction). -You have multiple options for [upgrading to Windows 10](/windows/deployment/windows-10-deployment-scenarios). For existing devices running Windows 8.1, you can use the robust in-place upgrade process for a fast, reliable move to Windows 10 while automatically preserving all the existing apps, data, and settings. This process usage can mean lower deployment costs, and improved productivity as end users can be immediately productive - everything is right where they left it. You can also use a traditional wipe-and-load approach if you prefer, using the same tools that you use today. +You have multiple options for [upgrading to Windows 10 and Windows 11](/windows/deployment/windows-10-deployment-scenarios). For existing devices running Windows 10, you can use the robust in-place upgrade process for a fast, reliable move to Windows 11 while automatically preserving all the existing apps, data, and settings. This process usage can mean lower deployment costs, and improved productivity as end users can be immediately productive - everything is right where they left it. You can also use a traditional wipe-and-load approach if you prefer, using the same tools that you use today. ## Identity and authentication -You can use Windows 10 and services like [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-whatis) in new ways for cloud-based identity, authentication, and management. You can offer your users the ability to **"bring your own device" (BYOD)** or to **"choose your own device" (CYOD)** from a selection you make available. At the same time, you might be managing PCs and tablets that must be domain-joined because of specific applications or resources that are used on them. +You can use Windows and services like [Azure Active Directory](/azure/active-directory/fundamentals/active-directory-whatis) in new ways for cloud-based identity, authentication, and management. You can offer your users the ability to **"bring your own device" (BYOD)** or to **"choose your own device" (CYOD)** from a selection you make available. At the same time, you might be managing PCs and tablets that must be domain-joined because of specific applications or resources that are used on them. You can envision user and device management as falling into these two categories: -- **Corporate (CYOD) or personal (BYOD) devices used by mobile users for SaaS apps such as Office 365.** With Windows 10, your employees can self-provision their devices: +- **Corporate (CYOD) or personal (BYOD) devices used by mobile users for SaaS apps such as Office 365.** With Windows, your employees can self-provision their devices: - - For corporate devices, they can set up corporate access with [Azure AD join](/azure/active-directory/devices/overview). When you offer them Azure AD Join with automatic Intune MDM enrollment, they can bring devices into a corporate-managed state in [*one step*](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/windows-10-azure-ad-and-microsoft-intune-automatic-mdm/ba-p/244067), all from the cloud. + - For corporate devices, they can set up corporate access with [Azure AD join](/azure/active-directory/devices/overview). When you offer them Azure AD Join with automatic Intune MDM enrollment, they can bring devices into a corporate-managed state in [*one step*](https://techcommunity.microsoft.com/t5/azure-active-directory-identity/windows-10-azure-ad-and-microsoft-intune-automatic-mdm/ba-p/244067), all from the cloud. Azure AD join is also a great solution for temporary staff, partners, or other part-time employees. These accounts can be kept separate from the on-premises AD domain but still access needed corporate resources. - - Likewise, for personal devices, employees can use a new, simplified [BYOD experience](/azure/active-directory/devices/overview) to add their work account to Windows, then access work resources on the device. + - Likewise, for personal devices, employees can use a new, simplified [BYOD experience](/azure/active-directory/devices/overview) to add their work account to Windows, then access work resources on the device. - **Domain joined PCs and tablets used for traditional applications and access to important resources.** These applications and resources may be traditional ones that require authentication or accessing highly sensitive or classified resources on-premises. - With Windows 10, if you have an on-premises [Active Directory](/windows-server/identity/whats-new-active-directory-domain-services) domain that's [integrated with Azure AD](/azure/active-directory/devices/hybrid-azuread-join-plan), when employee devices are joined, they automatically register with Azure AD. This registration provides: + With Windows, if you have an on-premises [Active Directory](/windows-server/identity/whats-new-active-directory-domain-services) domain that's [integrated with Azure AD](/azure/active-directory/devices/hybrid-azuread-join-plan), when employee devices are joined, they automatically register with Azure AD. This registration provides: - - Single sign-on to cloud and on-premises resources from everywhere + - Single sign-on to cloud and on-premises resources from everywhere + - [Enterprise roaming of settings](/azure/active-directory/devices/enterprise-state-roaming-enable) + - [Conditional access](/azure/active-directory/conditional-access/overview) to corporate resources based on the health or configuration of the device + - [Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-identity-verification) + - Windows Hello - - [Enterprise roaming of settings](/azure/active-directory/devices/enterprise-state-roaming-enable) - - - [Conditional access](/azure/active-directory/conditional-access/overview) to corporate resources based on the health or configuration of the device - - - [Windows Hello for Business](/windows/security/identity-protection/hello-for-business/hello-identity-verification) - - - Windows Hello - - Domain joined PCs and tablets can continue to be managed with the [Configuration Manager](/mem/configmgr/core/understand/introduction) client or group policy. - -For more information about how Windows 10 and Azure AD optimize access to work resources across a mix of devices and scenarios, see [Using Windows 10 devices in your workplace](/azure/active-directory/devices/overview). + Domain joined PCs and tablets can continue to be managed with [Configuration Manager](/mem/configmgr/core/understand/introduction) client or group policy. As you review the roles in your organization, you can use the following generalized decision tree to begin to identify users or devices that require domain join. Consider switching the remaining users to Azure AD. @@ -92,19 +87,19 @@ As you review the roles in your organization, you can use the following generali ## Settings and configuration -Your configuration requirements are defined by multiple factors, including the level of management needed, the devices and data managed, and your industry requirements. Meanwhile, employees are frequently concerned about IT applying strict policies to their personal devices, but they still want access to corporate email and documents. With Windows 10, you can create a consistent set of configurations across PCs, tablets, and phones through the common MDM layer. +Your configuration requirements are defined by multiple factors, including the level of management needed, the devices and data managed, and your industry requirements. Meanwhile, employees are frequently concerned about IT applying strict policies to their personal devices, but they still want access to corporate email and documents. You can create a consistent set of configurations across PCs, tablets, and phones through the common MDM layer. -**MDM**: MDM gives you a way to configure settings that achieve your administrative intent without exposing every possible setting. (In contrast, group policy exposes fine-grained settings that you control individually.) One benefit of MDM is that it enables you to apply broader privacy, security, and application management settings through lighter and more efficient tools. MDM also allows you to target Internet-connected devices to manage policies without using group policy that requires on-premises domain-joined devices. This provision makes MDM the best choice for devices that are constantly on the go. +- **MDM**: MDM gives you a way to configure settings that achieve your administrative intent without exposing every possible setting. (In contrast, group policy exposes fine-grained settings that you control individually.) One benefit of MDM is that it enables you to apply broader privacy, security, and application management settings through lighter and more efficient tools. MDM also allows you to target Internet-connected devices to manage policies without using group policy that requires on-premises domain-joined devices. This provision makes MDM the best choice for devices that are constantly on the go. -**Group policy** and **Configuration Manager**: Your organization might still need to manage domain joined computers at a granular level such as Internet Explorer's 1,500 configurable group policy settings. If so, group policy and Configuration Manager continue to be excellent management choices: +- **Group policy** and **Configuration Manager**: Your organization might still need to manage domain joined computers at a granular level using group policy settings. If so, group policy and Configuration Manager continue to be excellent management choices: -- Group policy is the best way to granularly configure domain joined Windows PCs and tablets connected to the corporate network using Windows-based tools. Microsoft continues to add group policy settings with each new version of Windows. + - **Group policy** is the best way to granularly configure domain joined Windows PCs and tablets connected to the corporate network using Windows-based tools. Microsoft continues to add group policy settings with each new version of Windows. -- Configuration Manager remains the recommended solution for granular configuration with robust software deployment, Windows updates, and OS deployment. + - **Configuration Manager** remains the recommended solution for granular configuration with robust software deployment, Windows updates, and OS deployment. ## Updating and servicing -With Windows as a Service, your IT department no longer needs to perform complex imaging (wipe-and-load) processes with each new Windows release. Whether on current branch (CB) or current branch for business (CBB), devices receive the latest feature and quality updates through simple - often automatic - patching processes. For more information, see [Windows 10 deployment scenarios](/windows/deployment/windows-10-deployment-scenarios). +With Windows as a Service, your IT department no longer needs to perform complex imaging (wipe-and-load) processes with each new Windows release. Whether on General Availability Channel or Long-Term Servicing Channel, devices receive the latest feature and quality updates through simple - often automatic - patching processes. For more information, see [Windows deployment scenarios](/windows/deployment/windows-10-deployment-scenarios). MDM with Intune provide tools for applying Windows updates to client computers in your organization. Configuration Manager allows rich management and tracking capabilities of these updates, including maintenance windows and automatic deployment rules. @@ -116,9 +111,9 @@ There are various steps you can take to begin the process of modernizing device **Assess the different use cases and management needs in your environment.** Are there groups of devices that could benefit from lighter, simplified management? BYOD devices, for example, are natural candidates for cloud-based management. Users or devices handling more highly regulated data might require an on-premises Active Directory domain for authentication. Configuration Manager and EMS provide you the flexibility to stage implementation of modern management scenarios while targeting different devices the way that best suits your business needs. -**Review the decision trees in this article.** With the different options in Windows 10, plus Configuration Manager and Enterprise Mobility + Security, you have the flexibility to handle imaging, authentication, settings, and management tools for any scenario. +**Review the decision trees in this article.** With the different options in Windows, plus Configuration Manager and Enterprise Mobility + Security, you have the flexibility to handle imaging, authentication, settings, and management tools for any scenario. -**Take incremental steps.** Moving towards modern device management doesn't have to be an overnight transformation. New operating systems and devices can be brought in while older ones remain. With this "managed diversity," users can benefit from productivity enhancements on new Windows 10 devices, while you continue to maintain older devices according to your standards for security and manageability. The CSP policy [MDMWinsOverGP](./mdm/policy-csp-controlpolicyconflict.md#mdmwinsovergp) allows MDM policies to take precedence over group policy when both group policy and its equivalent MDM policies are set on the device. You can start implementing MDM policies while keeping your group policy environment. For more information, including the list of MDM policies with equivalent group policies, see [Policies supported by group policy](./mdm/policy-configuration-service-provider.md). +**Take incremental steps.** Moving towards modern device management doesn't have to be an overnight transformation. New operating systems and devices can be brought in while older ones remain. With this "managed diversity," users can benefit from productivity enhancements on modern Windows devices, while you continue to maintain older devices according to your standards for security and manageability. The CSP policy [MDMWinsOverGP](./mdm/policy-csp-controlpolicyconflict.md#mdmwinsovergp) allows MDM policies to take precedence over group policy when both group policy and its equivalent MDM policies are set on the device. You can start implementing MDM policies while keeping your group policy environment. For more information, including the list of MDM policies with equivalent group policies, see [Policies supported by group policy](./mdm/policies-in-policy-csp-supported-by-group-policy.md). **Optimize your existing investments**. On the road from traditional on-premises management to modern cloud-based management, take advantage of the flexible, hybrid architecture of Configuration Manager and Intune. Co-management enables you to concurrently manage Windows 10 devices by using both Configuration Manager and Intune. For more information, see the following articles: @@ -130,5 +125,5 @@ There are various steps you can take to begin the process of modernizing device ## Related articles - [What is Intune?](/mem/intune/fundamentals/what-is-intune) -- [Windows 10 policy CSP](./mdm/policy-configuration-service-provider.md) -- [Windows 10 configuration service providers](./mdm/index.yml) +- [Policy CSP](./mdm/policy-configuration-service-provider.md) +- [Configuration service providers reference](./mdm/index.yml) diff --git a/windows/client-management/push-notification-windows-mdm.md b/windows/client-management/push-notification-windows-mdm.md index 712795c303..5e90998e48 100644 --- a/windows/client-management/push-notification-windows-mdm.md +++ b/windows/client-management/push-notification-windows-mdm.md @@ -1,10 +1,10 @@ --- title: Push notification support for device management description: The DMClient CSP supports the ability to configure push-initiated device management sessions. -MS-HAID: - - 'p\_phdevicemgmt.push\_notification\_support\_for\_device\_management' - - 'p\_phDeviceMgmt.push\_notification\_windows\_mdm' -ms.reviewer: +MS-HAID: + - 'p\_phdevicemgmt.push\_notification\_support\_for\_device\_management' + - 'p\_phDeviceMgmt.push\_notification\_windows\_mdm' +ms.reviewer: manager: aaroncz ms.author: vinpa ms.topic: article @@ -14,7 +14,6 @@ author: vinaypamnani-msft ms.date: 09/22/2017 --- - # Push notification support for device management The [DMClient CSP](mdm/dmclient-csp.md) supports the ability to configure push-initiated device management sessions. Using the [Windows Notification Services (WNS)](/previous-versions/windows/apps/hh913756(v=win.10)), a management server can request a device to establish a management session with the server through a push notification. A device is provided with a PFN for an application. This provision results in the device getting configured, to support a push to it by the management server. Once the device is configured, it registers a persistent connection with the WNS cloud (Battery Sense and Data Sense conditions permitting). @@ -27,58 +26,67 @@ Because a device may not always be connected to the internet, WNS supports cachi The following restrictions are related to push notifications and WNS: -- Push for device management uses raw push notifications. This restriction means that these raw push notifications don't support or utilize push notification payloads. -- Receipt of push notifications is sensitive to the Battery Saver and Data Sense settings on the device. For example, if the battery drops below certain thresholds, the persistent connection of the device with WNS will be terminated. Additionally, if the user is utilizing Data Sense and has exceeded their monthly allotment of data, the persistent connection of the device with WNS will also be terminated. -- A ChannelURI provided to the management server by the device is only valid for 30 days. The device automatically renews the ChannelURI after 15 days and triggers a management session on successful renewal of the ChannelURI. It's strongly recommended that, during every management session, the management server queries the ChannelURI value to ensure that it has received the latest value. This will ensure that the management server won't attempt to use a ChannelURI that has expired. -- Push isn't a replacement for having a polling schedule. -- WNS reserves the right to block push notifications to your PFN if improper use of notifications is detected. Any devices being managed using this PFN will cease to have push initiated device management support. -- On Windows 10, version 1511 as well as Windows 8 and 8.1, MDM Push may fail to renew the WNS Push channel automatically causing it to expire. It can also potentially hang when setting the PFN for the channel. +- Push for device management uses raw push notifications. This restriction means that these raw push notifications don't support or utilize push notification payloads. +- Receipt of push notifications is sensitive to the Battery Saver and Data Sense settings on the device. For example, if the battery drops below certain thresholds, the persistent connection of the device with WNS will be terminated. Additionally, if the user is utilizing Data Sense and has exceeded their monthly allotment of data, the persistent connection of the device with WNS will also be terminated. +- A ChannelURI provided to the management server by the device is only valid for 30 days. The device automatically renews the ChannelURI after 15 days and triggers a management session on successful renewal of the ChannelURI. It's strongly recommended that, during every management session, the management server queries the ChannelURI value to ensure that it has received the latest value. This will ensure that the management server won't attempt to use a ChannelURI that has expired. +- Push isn't a replacement for having a polling schedule. +- WNS reserves the right to block push notifications to your PFN if improper use of notifications is detected. Any devices being managed using this PFN will cease to have push initiated device management support. +- On Windows 10, version 1511 as well as Windows 8 and 8.1, MDM Push may fail to renew the WNS Push channel automatically causing it to expire. It can also potentially hang when setting the PFN for the channel. - To work around this issue, when a 410 is returned by the WNS server when attempting to send a Push notification to the device the PFN should be set during the next sync session. To prevent the push channel from expiring on older builds, servers can reset the PFN before the channel expires (~30 days). If they’re already running Windows 10, there should be an update available that they can install that should fix the issue. + To work around this issue, when a 410 is returned by the WNS server when attempting to send a Push notification to the device the PFN should be set during the next sync session. To prevent the push channel from expiring on older builds, servers can reset the PFN before the channel expires (~30 days). If they’re already running Windows 10, there should be an update available that they can install that should fix the issue. -- On Windows 10, version 1511, we use the following retry logic for the DMClient: - - If ExpiryTime is greater than 15 days, a schedule is set for when 15 days are left. - - If ExpiryTime is between now and 15 days, a schedule set for 4 +/- 1 hours from now. - - If ExpiryTime has passed, a schedule is set for 1 day +/- 4 hours from now. +- On Windows 10, version 1511, we use the following retry logic for the DMClient: + - If ExpiryTime is greater than 15 days, a schedule is set for when 15 days are left. + - If ExpiryTime is between now and 15 days, a schedule set for 4 +/- 1 hours from now. + - If ExpiryTime has passed, a schedule is set for 1 day +/- 4 hours from now. -- On Windows 10, version 1607, we check for network connectivity before retrying. We don't check for internet connectivity. If network connectivity isn't available, we'll skip the retry and set schedule for 4+/-1 hours to try again. - +- On Windows 10, version 1607, we check for network connectivity before retrying. We don't check for internet connectivity. If network connectivity isn't available, we'll skip the retry and set schedule for 4+/-1 hours to try again. ## Get WNS credentials and PFN for MDM push notification To get a PFN and WNS credentials, you must create a Microsoft Store app. -1. Go to the Windows [Dashboard](https://dev.windows.com/en-US/dashboard) and sign in with your developer account. +1. Go to the Windows [Dashboard](https://dev.windows.com/en-US/dashboard) and sign in with your developer account. - ![mdm push notification1.](images/push-notification1.png) -2. Create a new app. + ![mdm push notification1.](images/push-notification1.png) - ![mdm push notification2.](images/push-notification2.png) -3. Reserve an app name. +1. Create a new app. - ![mdm push notification3.](images/push-notification3.png) -4. Click **Services**. + ![mdm push notification2.](images/push-notification2.png) - ![mdm push notification4.](images/push-notification4.png) -5. Click **Push notifications**. +1. Reserve an app name. - ![mdm push notification5.](images/push-notification5.png) -6. Click **Live Services site**. A new window opens for the **Application Registration Portal** page. + ![mdm push notification3.](images/push-notification3.png) - ![mdm push notification6.](images/push-notification6.png) -7. In the **Application Registration Portal** page, you'll see the properties for the app that you created, such as: - - Application ID - - Application Secrets - - Microsoft Store Package SID, Application Identity, and Publisher. +1. Click **Services**. - ![mdm push notification7.](images/push-notification7.png) -8. Click **Save**. -9. Close the **Application Registration Portal** window and go back to the Windows Dev Center Dashboard. -10. Select your app from the list on the left. -11. From the left nav, expand **App management** and then click **App identity**. + ![mdm push notification4.](images/push-notification4.png) - ![mdm push notification10.](images/push-notification10.png) -12. In the **App identity** page, you'll see the **Package Family Name (PFN)** of your app. +1. Click **Push notifications**. -  + ![mdm push notification5.](images/push-notification5.png) + +1. Click **Live Services site**. A new window opens for the **Application Registration Portal** page. + + ![mdm push notification6.](images/push-notification6.png) + +1. In the **Application Registration Portal** page, you'll see the properties for the app that you created, such as: + +- Application ID +- Application Secrets +- Microsoft Store Package SID, Application Identity, and Publisher. + + ![mdm push notification7.](images/push-notification7.png) + +1. Click **Save**. + +1. Close the **Application Registration Portal** window and go back to the Windows Dev Center Dashboard. + +1. Select your app from the list on the left. + +1. From the left nav, expand **App management** and then click **App identity**. + + ![mdm push notification10.](images/push-notification10.png) + +1. In the **App identity** page, you'll see the **Package Family Name (PFN)** of your app.