From d5a831a005c24f6a9e9ca53df7ef94594a8c9166 Mon Sep 17 00:00:00 2001 From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com> Date: Sun, 25 Feb 2024 06:51:26 -0500 Subject: [PATCH] updates --- .../_lock-down-windows-10-to-specific-apps.md | 524 ------------------ .../_lock-down-windows-11-to-specific-apps.md | 398 ------------- .../assigned-access/_setup-digital-signage.md | 65 --- .../assigned-access-quickstart-kiosk.md | 2 +- .../assigned-access/assigned-access-xsd.md | 10 +- .../{_kiosk-single-app.md => configure.md} | 235 ++++++-- .../create-assigned-access-configuration.md | 187 ++++++- .../assigned-access/images/auto-signin.png | Bin 13645 -> 0 bytes .../images/kiosk-fullscreen-sm.png | Bin 18044 -> 0 bytes .../assigned-access/images/sample-start.png | Bin 94324 -> 0 bytes .../images/set-assignedaccess.png | Bin 7012 -> 0 bytes .../configuration/assigned-access/index.md | 12 + .../assigned-access/kiosk-policies.md | 124 ++--- .../assigned-access/kiosk-shelllauncher.md | 21 - .../shell-launcher-quickstart-kiosk.md | 2 +- .../assigned-access/shell-launcher-xsd.md | 8 +- windows/configuration/assigned-access/toc.yml | 2 + 17 files changed, 455 insertions(+), 1135 deletions(-) delete mode 100644 windows/configuration/assigned-access/_lock-down-windows-10-to-specific-apps.md delete mode 100644 windows/configuration/assigned-access/_lock-down-windows-11-to-specific-apps.md delete mode 100644 windows/configuration/assigned-access/_setup-digital-signage.md rename windows/configuration/assigned-access/{_kiosk-single-app.md => configure.md} (52%) delete mode 100644 windows/configuration/assigned-access/images/auto-signin.png delete mode 100644 windows/configuration/assigned-access/images/kiosk-fullscreen-sm.png delete mode 100644 windows/configuration/assigned-access/images/sample-start.png delete mode 100644 windows/configuration/assigned-access/images/set-assignedaccess.png diff --git a/windows/configuration/assigned-access/_lock-down-windows-10-to-specific-apps.md b/windows/configuration/assigned-access/_lock-down-windows-10-to-specific-apps.md deleted file mode 100644 index 02a9a77810..0000000000 --- a/windows/configuration/assigned-access/_lock-down-windows-10-to-specific-apps.md +++ /dev/null @@ -1,524 +0,0 @@ ---- -title: Set up a multi-app kiosk on Windows 10 -description: Learn how to configure a kiosk device running Windows 10 so that users can only run a few specific apps. -ms.topic: how-to -ms.date: 11/08/2023 ---- - -# Set up a multi-app kiosk on Windows 10 devices - -A kiosk device typically runs a single application, and users are prevented from accessing any features or functions on the device outside of the app. - -The assigned access feature is intended for dedicated devices, like kiosks. When the multi-app assigned access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, impacting other users on the device. Deleting the kiosk configuration removes the assigned access lockdown profiles associated with the users, but it can't revert all the enforced policies (for example, the Start layout). To clear all the policy settings enforced by Assigned Access, you must reset Windows. - -## Configure a kiosk in Microsoft Intune - -To configure a kiosk in Microsoft Intune, see: - -- [Windows client and Windows Holographic for Business device settings to run as a dedicated kiosk using Intune](/intune/kiosk-settings) -- [Windows client device settings to run as a kiosk in Intune](/intune/kiosk-settings-windows) - -## Configure a kiosk using a provisioning package - -Process: - -1. [Create XML file](#create-xml-file) -1. [Add XML file to provisioning package](#add-xml) -1. [Apply provisioning package to device](#apply-ppkg) - -Watch how to use a provisioning package to configure a multi-app kiosk. - -> [!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] - -### Create XML file - -#### Profile - -There are two types of profiles that you can specify in the XML: - -- **Lockdown profile**: Users assigned a lockdown profile will see the desktop in tablet mode with the specific apps on the Start screen. -- **Kiosk profile**: Starting with Windows 10 version 1803, this profile replaces the KioskModeApp node of the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). Users assigned a kiosk profile won't see the desktop, but only the kiosk app running in full-screen mode. - -A lockdown profile section in the XML has the following entries: - -- [**Id**](#id) -- [**AllowedApps**](#allowedapps) -- [**FileExplorerNamespaceRestrictions**](#fileexplorernamespacerestrictions) -- [**StartLayout**](#startlayout) -- [**Taskbar**](#taskbar) - -A kiosk profile in the XML has the following entries: - -- [**Id**](#id) -- [**KioskModeApp**](#kioskmodeapp) - -##### Id - -The profile **Id** is a GUID attribute to uniquely identify the profile. You can create a GUID using a GUID generator. The GUID just needs to be unique within this XML file. - -```xml - - - -``` - -##### AllowedApps - -**AllowedApps** is a list of applications that are allowed to run. Apps can be Universal Windows Platform (UWP) apps or Windows desktop applications. Starting with Windows 10 version 1809, you can configure a single app in the **AllowedApps** list to run automatically when the assigned access user account signs in. - -- For UWP apps, you need to provide the App User Model ID (AUMID). [Learn how to get the AUMID](./find-the-application-user-model-id-of-an-installed-app.md), or [get the AUMID from the Start Layout XML](#startlayout). -- For desktop apps, you need to specify the full path of the executable, which can contain one or more system environment variables in the form of `%variableName%`. For example, `%systemroot%` or `%windir%`. -- If an app has a dependency on another app, both must be included in the allowed apps list. For example, Internet Explorer 64-bit has a dependency on Internet Explorer 32-bit, so you must allow both `"C:\Program Files\internet explorer\iexplore.exe"` and `"C:\Program Files (x86)\Internet Explorer\iexplore.exe"`. -- To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app. For an example, see [the AllowedApps sample XML](#apps-sample). - -When the multi-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules for **UWP apps**: - -1. Default rule is to allow all users to launch the signed package apps. -1. The package app blocklist is generated at runtime when the assigned access user signs in. Based on the installed/provisioned package apps available for the user account, assigned access generates the blocklist. This list will exclude the default allowed inbox package apps, which are critical for the system to function. It then excludes the allowed packages that enterprises defined in the assigned access configuration. If there are multiple apps within the same package, all these apps will be excluded. This blocklist will be used to prevent the user from accessing the apps that are currently available for the user but not in the allowed list. - - > [!NOTE] - > You can't manage AppLocker rules that are generated by the multi-app kiosk configuration in [MMC snap-ins](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh994629(v=ws.11)#BKMK_Using_Snapins). Avoid creating AppLocker rules that conflict with AppLocker rules that are generated by the multi-app kiosk configuration. - > - > Multi-app kiosk mode doesn't block the enterprise or the users from installing UWP apps. When a new UWP app is installed during the current assigned access user session, this app will not be in the deny list. When the user signs out and signs in again, the app will be included in the blocklist. If this is an enterprise-deployed line-of-business app and you want to allow it to run, update the assigned access configuration to include it in the allowed app list. - -Here are the predefined assigned access AppLocker rules for **desktop apps**: - -1. Default rule is to allow all users to launch the desktop programs signed with Microsoft Certificate in order for the system to boot and function. The rule also allows the admin user group to launch all desktop programs. -1. There's a predefined inbox desktop app blocklist for the assigned access user account, and this blocklist is adjusted based on the desktop app allowlist that you defined in the multi-app configuration. -1. Enterprise-defined allowed desktop apps are added in the AppLocker allowlist. - -The following example allows Groove Music, Movies & TV, Photos, Weather, Calculator, Paint, and Notepad apps to run on the device, with Notepad configured to automatically launch and create a file called `123.text` when the user signs in. - -```xml - - - - - - - - - - - -``` - -##### FileExplorerNamespaceRestrictions - -Starting in Windows 10 version 1809, you can explicitly allow some known folders to be accessed when the user tries to open the file dialog box in multi-app assigned access by including **FileExplorerNamespaceRestrictions** in your XML file. Currently, **Downloads** is the only folder supported. This behavior can also be set using Microsoft Intune. - -The following example shows how to allow user access to the Downloads folder in the common file dialog box. - -> [!TIP] -> To grant access to the Downloads folder through File Explorer, add "Explorer.exe" to the list of allowed apps, and pin a file explorer shortcut to the kiosk start menu. - -```xml - - - - - - ... - - - - - - - ... - - - - - -``` - -`FileExplorerNamespaceRestriction` has been extended in current Windows 10 Prerelease for finer granularity and easier use. For more information and full samples, see [Assigned access XML reference](kiosk-xml.md). By using new elements, you can configure whether a user can access the Downloads folder or removable drives, or have no restrictions at all. - -> [!NOTE] -> - `FileExplorerNamespaceRestrictions` and `AllowedNamespace:Downloads` are available in namespace `https://schemas.microsoft.com/AssignedAccess/201810/config`. -> - `AllowRemovableDrives` and `NoRestriction` are defined in a new namespace `https://schemas.microsoft.com/AssignedAccess/2020/config`. - -- When `FileExplorerNamespaceRestrictions` node isn't used, or used but left empty, the user won't be able to access any folder in a common dialog. For example, **Save As** in the Microsoft Edge browser. -- When Downloads is mentioned in allowed namespace, user will be able to access Downloads folder. -- When `AllowRemovableDrives` is used, user will be to access removable drives. -- When `NoRestriction` is used, no restriction will be applied to the dialog. -- `AllowRemovableDrives` and `AllowedNamespace:Downloads` can be used at the same time. - -##### StartLayout - -After you define the list of allowed applications, you can customize the Start layout for your kiosk experience. You can choose to pin all the allowed apps on the Start screen or just a subset, depending on whether you want the end user to directly access them on the Start screen. - -The easiest way to create a customized Start layout to apply to other Windows client devices is to set up the Start screen on a test device and then export the layout. For detailed steps, see [Customize and export Start layout](../start/customize-and-export-start-layout.md). - -A few things to note here: - -- The test device on which you customize the Start layout should have the same OS version that is installed on the device where you plan to deploy the multi-app assigned access configuration. -- Since the multi-app assigned access experience is intended for fixed-purpose devices, to ensure the device experiences are consistent and predictable, use the *full* Start layout option instead of the *partial* Start layout. -- There are no apps pinned on the taskbar in the multi-app mode, and it's not supported to configure Taskbar layout using the `` tag in a layout modification XML as part of the assigned access configuration. -- The following example uses `DesktopApplicationLinkPath` to pin the desktop app to start. When the desktop app doesn't have a shortcut link on the target device, [learn how to provision .lnk files using Windows Configuration Designer](#lnk-files). - -The following example pins Groove Music, Movies & TV, Photos, Weather, Calculator, Paint, and Notepad apps on Start: - -```xml - - - - - - - - - - - - - - - - - - - - - - ]]> - -``` - -> [!NOTE] -> If an app isn't installed for the user, but is included in the Start layout XML, the app isn't shown on the Start screen. - -![What the Start screen looks like when the XML sample is applied.](images/sample-start.png) - -##### Taskbar - -Define whether you want to have the taskbar present in the kiosk device. For tablet-based or touch-enabled all-in-one kiosks, when you don't attach a keyboard and mouse, you can hide the taskbar as part of the multi-app experience if you want. - -The following example exposes the taskbar to the end user: - -```xml - -``` - -The following example hides the taskbar: - -```xml - -``` - -> [!NOTE] -> This is different from the **Automatically hide the taskbar** option in tablet mode, which shows the taskbar when swiping up from or moving the mouse pointer down to the bottom of the screen. Setting **ShowTaskbar** as **false** will always keep the taskbar hidden. - -##### KioskModeApp - -**KioskModeApp** is used for a [kiosk profile](#profile) only. Enter the AUMID for a single app. You can only specify one kiosk profile in the XML. - -```xml - -``` - -> [!IMPORTANT] -> The kiosk profile is designed for public-facing kiosk devices. We recommend that you use a local, non-administrator account. If the device is connected to your company network, using a domain or Microsoft Entra account could potentially compromise confidential information. - -#### Configs - -Under **Configs**, define which user account will be associated with the profile. When this user account signs in on the device, the associated assigned access profile will be enforced. This behavior includes the allowed apps, Start layout, taskbar configuration, and other local group policies or mobile device management (MDM) policies set as part of the multi-app experience. - -The full multi-app assigned access experience can only work for non-admin users. It's not supported to associate an admin user with the assigned access profile. Making this configuration in the XML file will result in unexpected or unsupported experiences when this admin user signs in. - -You can assign: - -- [A local standard user account that signs in automatically](#config-for-autologon-account) (Applies to Windows 10, version 1803 only) -- [An individual account, which can be local, domain, or Microsoft Entra ID](#config-for-individual-accounts) -- [A group account, which can be local, Active Directory (domain), or Microsoft Entra ID](#config-for-group-accounts) (Applies to Windows 10, version 1803 only). - -> [!NOTE] -> Configs that specify group accounts cannot use a kiosk profile, only a lockdown profile. If a group is configured to a kiosk profile, the CSP will reject the request. - -##### Config for AutoLogon Account - -When you use `` and the configuration is applied to a device, the specified account (managed by Assigned Access) is created on the device as a local standard user account. The specified account is signed in automatically after restart. - -The following example shows how to specify an account to sign in automatically. - -```xml - - - - - - -``` - -Starting with Windows 10 version 1809, you can configure the display name that will be shown when the user signs in. The following example shows how to create an AutoLogon Account that shows the name "Hello World". - -```xml - - - - - - -``` - -On domain-joined devices, local user accounts aren't shown on the sign-in screen by default. To show the **AutoLogonAccount** on the sign-in screen, enable the following Group Policy setting: **Computer Configuration > Administrative Templates > System > Logon > Enumerate local users on domain-joined computers**. (The corresponding MDM policy setting is [WindowsLogon/EnumerateLocalUsersOnDomainJoinedComputers in the Policy CSP](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-enumeratelocalusersondomainjoinedcomputers).) - -> [!IMPORTANT] -> When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature does not work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon). - -##### Config for individual accounts - -Individual accounts are specified using ``. - -- Local account can be entered as `machinename\account` or `.\account` or just `account`. -- Domain account should be entered as `domain\account`. -- Microsoft Entra account must be specified in this format: `AzureAD\{email address}`. **AzureAD** must be provided _as is_, and consider it's a fixed domain name. Then follow with the Microsoft Entra ID email address. For example, `AzureAD\someone@contoso.onmicrosoft.com` - -> [!WARNING] -> Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account. However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so. - -Before applying the multi-app configuration, make sure the specified user account is available on the device, otherwise it will fail. - -> [!NOTE] -> For both domain and Microsoft Entra accounts, it's not required that target account is explicitly added to the device. As long as the device is AD-joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access. - -```xml - - - MultiAppKioskUser - - - -``` - -##### Config for group accounts - -Group accounts are specified using ``. Nested groups aren't supported. For example, if user A is member of Group 1, Group 1 is member of Group 2, and Group 2 is used in ``, user A won't have the kiosk experience. - -- Local group: Specify the group type as **LocalGroup** and put the group name in Name attribute. Any Microsoft Entra accounts that are added to the local group won't have the kiosk settings applied. - - ```xml - - - - - ``` - -- Domain group: Both security and distribution groups are supported. Specify the group type as ActiveDirectoryGroup. Use the domain name as the prefix in the name attribute. - - ```xml - - - - - ``` - -- Microsoft Entra group: Use the group object ID from the Azure portal to uniquely identify the group in the Name attribute. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as **AzureActiveDirectoryGroup**. The kiosk device must have internet connectivity when users that belong to the group sign-in. - - ```xml - - - - - ``` - - > [!NOTE] - > If a Microsoft Entra group is configured with a lockdown profile on a device, a user in the Microsoft Entra group must change their password (after the account has been created with default password on the portal) before they can sign in to this device. If the user uses the default password to sign in to the device, the user will be immediately signed out. - - - - - -### Add XML file to provisioning package - -Before you add the XML file to a provisioning package, you can [validate your configuration XML against the XSD](kiosk-xml.md#xsd-for-assignedaccess-configuration-xml). - -Use the Windows Configuration Designer tool to create a provisioning package. [Learn how to install Windows Configuration Designer.](../provisioning-packages/provisioning-install-icd.md). - -> [!IMPORTANT] -> When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed. - -1. Open Windows Configuration Designer. By default: `%systemdrive%\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86\ICD.exe`. - -1. Choose **Advanced provisioning**. - -1. Name your project, and select **Next**. - -1. Choose **All Windows desktop editions** and select **Next**. - -1. On **New project**, select **Finish**. The workspace for your package opens. - -1. Expand **Runtime settings** > **AssignedAccess** > **MultiAppAssignedAccessSettings**. - -1. In the center pane, select **Browse**. Locate and select the assigned access configuration XML file that you created. - - ![Screenshot of the MultiAppAssignedAccessSettings field in Windows Configuration Designer.](images/multiappassignedaccesssettings.png) - -1. _Optional: If you want to apply the provisioning package after device initial setup and there's an admin user already available on the kiosk device, skip this step._ Create an admin user account in **Runtime settings** > **Accounts** > **Users**. Provide a **UserName** and **Password**, and select **UserGroup** as **Administrators**. With this account, you can view the provisioning status and logs if needed. - -1. _Optional: If you already have a non-admin account on the kiosk device, skip this step._ Create a local standard user account in **Runtime settings** > **Accounts** > **Users**. Make sure the **UserName** is the same as the account that you specify in the configuration XML. Select **UserGroup** as **Standard Users**. - -1. On the **File** menu, select **Save.** - -1. On the **Export** menu, select **Provisioning package**. - -1. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next.** - -1. Optional. In the **Provisioning package security** window, you can choose to encrypt the package and enable package signing. - - - **Enable package encryption** - If you select this option, an auto-generated password will be shown on the screen. - - - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. - -1. Select **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows Imaging and Configuration Designer (ICD) uses the project folder as the output location. - - Optionally, you can select **Browse** to change the default output location. - -1. Select **Next**. - -1. Select **Build** to start building the package. The provisioning package doesn't take long to build. The project information is displayed in the build page and the progress bar indicates the build status. - - If you need to cancel the build, select **Cancel**. This action cancels the current build process, closes the wizard, and takes you back to the **Customizations Page**. - -1. If your build fails, an error message will show up that includes a link to the project folder. You can scan the logs to determine what caused the error. Once you fix the issue, try building the package again. - - If your build is successful, the name of the provisioning package, output directory, and project directory will be shown. - - - If you choose, you can build the provisioning package again and pick a different path for the output package. To do this action, select **Back** to change the output package name and path, and then select **Next** to start another build. - - If you're done, select **Finish** to close the wizard and go back to the **Customizations Page**. - -1. Copy the provisioning package to the root directory of a USB drive. - - - -### Apply provisioning package to device - -Provisioning packages can be applied to a device during initial setup (out-of-box experience or "OOBE") and after ("runtime"). For more information, see [Apply a provisioning package](../provisioning-packages/provisioning-apply-package.md). - -> [!NOTE] -> If your provisioning package doesn't include the assigned access user account creation, make sure the account you specified in the multi-app configuration XML exists on the device. - -### Use MDM to deploy the multi-app configuration - -Multi-app kiosk mode is enabled by the [AssignedAccess configuration service provider (CSP)](/windows/client-management/mdm/assignedaccess-csp). Your MDM policy can contain the assigned access configuration XML. - -If your device is enrolled with an MDM service that supports applying the assigned access configuration, you can use it to apply the setting remotely. - -The OMA-URI for multi-app policy is `./Device/Vendor/MSFT/AssignedAccess/Configuration`. - -## Considerations for Windows Mixed Reality immersive headsets - -With the advent of [mixed reality devices (video link)](https://www.youtube.com/watch?v=u0jqNioU2Lo), you might want to create a kiosk that can run mixed reality apps. - -To create a multi-app kiosk that can run mixed reality apps, you must include the following apps in the [AllowedApps list](#allowedapps): - -```xml - - - - -``` - -These apps are in addition to any mixed reality apps that you allow. - -**Before your kiosk user signs in:** An admin user must sign in to the PC, connect a mixed reality device, and complete the guided setup for the Mixed Reality Portal. The first time that the Mixed Reality Portal is set up, some files and content are downloaded. A kiosk user wouldn't have permissions to download and so their setup of the Mixed Reality Portal would fail. - -After the admin has completed setup, the kiosk account can sign in and repeat the setup. The admin user may want to complete the kiosk user setup before providing the PC to employees or customers. - -There's a difference between the mixed reality experiences for a kiosk user and other users. Typically, when a user connects a mixed reality device, they begin in the [Mixed Reality home](/windows/mixed-reality/discover/navigating-the-windows-mixed-reality-home). The Mixed Reality home is a shell that runs in "silent" mode when the PC is configured as a kiosk. When a kiosk user connects a mixed reality device, they'll see only a blank display in the device, and won't have access to the features and functionality available in the home. To run a mixed reality app, the kiosk user must launch the app from the PC Start screen. - - - -## Provision .lnk files using Windows Configuration Designer - -First, create your desktop app's shortcut file by installing the app on a test device, using the default installation location. Right-click the installed application, and choose **Send to** > **Desktop (create shortcut)**. Rename the shortcut to `.lnk` - -Next, create a batch file with two commands. If the desktop app is already installed on the target device, skip the first command for MSI install. - -```PowerShell -msiexec /I ".msi" /qn /norestart -copy .lnk "%AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\.lnk" -``` - -In Windows Configuration Designer, under **ProvisioningCommands** > **DeviceContext**: - -- Under **CommandFiles**, upload your batch file, your .lnk file, and your desktop app installation file. - - > [!IMPORTANT] - > Paste the full file path to the .lnk file in the **CommandFiles** field. If you browse to and select the .lnk file, the file path will be changed to the path of the target of the .lnk. - -- Under **CommandLine**, enter `cmd /c *FileName*.bat`. - -## Other methods - -Environments that use WMI can use the [MDM Bridge WMI Provider to configure a kiosk](kiosk-mdm-bridge.md). diff --git a/windows/configuration/assigned-access/_lock-down-windows-11-to-specific-apps.md b/windows/configuration/assigned-access/_lock-down-windows-11-to-specific-apps.md deleted file mode 100644 index 5e81e2c9c4..0000000000 --- a/windows/configuration/assigned-access/_lock-down-windows-11-to-specific-apps.md +++ /dev/null @@ -1,398 +0,0 @@ ---- -title: Set up a multi-app kiosk on Windows 11 -description: Learn how to configure a kiosk device running Windows 11 so that users can only run a few specific apps. -ms.date: 05/12/2023 -appliesto: -- ✅ Windows 11 - -ms.topic: how-to ---- -# Set up a multi-app kiosk on Windows 11 devices - -> [!NOTE] -> The use of multiple monitors is supported for multi-app kiosk mode in Windows 11. - -An assigned access multi-app kiosk runs one or more apps from the desktop. People using the kiosk see a customized Start that shows only the apps that are allowed. With this approach, you can configure a locked-down experience for different account types. A multi-app kiosk is appropriate for devices that are shared by multiple people. Here's a guide on how to set up a multi-app kiosk. - -> [!WARNING] -> The assigned access feature is intended for corporate-owned fixed-purpose devices, like kiosks. When the multi-app assigned access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, and will impact other users on the device. Deleting the kiosk configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all the enforced policies (such as Start layout). A factory reset is needed to clear all the policies enforced via assigned access. - -> [!TIP] -> Be sure to check the [configuration recommendations](kiosk-prepare.md) before you set up your kiosk. - - - -#### Profile - -There are two types of profiles that you can specify in the XML: - -- **Lockdown profile**: Users assigned a lockdown profile will see the desktop in tablet mode with the specific apps on the Start screen. -- **Kiosk profile**: Starting with Windows 10 version 1803, this profile replaces the KioskModeApp node of the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). Users assigned a kiosk profile won't see the desktop, but only the kiosk app running in full-screen mode. - -A lockdown profile section in the XML has the following entries: - -- [**Id**](#id) -- [**AllowedApps**](#allowedapps) -- [**StartPins**](#startpins) -- [**Taskbar**](#taskbar) - -A kiosk profile in the XML has the following entries: - -- [**Id**](#id) -- [**KioskModeApp**](#kioskmodeapp) - -##### Id - -The profile **Id** is a GUID attribute to uniquely identify the profile. You can create a GUID using a GUID generator. The GUID just needs to be unique within this XML file. - -```xml - - - -``` - -##### AllowedApps - -**AllowedApps** is a list of applications that are allowed to run. Apps can be Universal Windows Platform (UWP) apps or Windows desktop applications. Starting with Windows 10 version 1809, you can configure a single app in the **AllowedApps** list to run automatically when the assigned access user account signs in. - -- For UWP apps, you need to provide the App User Model ID (AUMID). [Learn how to get the AUMID](./find-the-application-user-model-id-of-an-installed-app.md), or [get the AUMID from the Start Layout XML](#create-the-xml-file). -- For desktop apps, you need to specify the full path of the executable, which can contain one or more system environment variables in the form of `%variableName%`. For example, `%systemroot%` or `%windir%`. -- If an app has a dependency on another app, both must be included in the allowed apps list. For example, Internet Explorer 64-bit has a dependency on Internet Explorer 32-bit, so you must allow both `"C:\Program Files\internet explorer\iexplore.exe"` and `"C:\Program Files (x86)\Internet Explorer\iexplore.exe"`. -- To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app. For an example, see [the AllowedApps sample XML](#apps-sample). - -When the multi-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules for **UWP apps**: - -1. Default rule is to allow all users to launch the signed package apps. -1. The package app blocklist is generated at runtime when the assigned access user signs in. Based on the installed/provisioned package apps available for the user account, assigned access generates the blocklist. This list will exclude the default allowed inbox package apps, which are critical for the system to function. It then excludes the allowed packages that enterprises defined in the assigned access configuration. If there are multiple apps within the same package, all these apps will be excluded. This blocklist will be used to prevent the user from accessing the apps that are currently available for the user but not in the allowed list. - - > [!NOTE] - > You can't manage AppLocker rules that are generated by the multi-app kiosk configuration in [MMC snap-ins](/previous-versions/windows/it-pro/windows-server-2012-R2-and-2012/hh994629(v=ws.11)#BKMK_Using_Snapins). Avoid creating AppLocker rules that conflict with AppLocker rules that are generated by the multi-app kiosk configuration. - > Multi-app kiosk mode doesn't block the enterprise or the users from installing UWP apps. When a new UWP app is installed during the current assigned access user session, this app will not be in the deny list. When the user signs out and signs in again, the app will be included in the blocklist. If this is an enterprise-deployed line-of-business app and you want to allow it to run, update the assigned access configuration to include it in the allowed app list. - -Here are the predefined assigned access AppLocker rules for **desktop apps**: - -1. Default rule is to allow all users to launch the desktop programs signed with Microsoft Certificate in order for the system to boot and function. The rule also allows the admin user group to launch all desktop programs. -1. There's a predefined inbox desktop app blocklist for the assigned access user account, and this blocklist is adjusted based on the desktop app allowlist that you defined in the multi-app configuration. -1. Enterprise-defined allowed desktop apps are added in the AppLocker allowlist. - -The following example allows Photos, Weather, Calculator, Paint, and Notepad apps to run on the device, with Notepad configured to automatically launch and create a file called `123.text` when the user signs in. - -```xml - - - - - - - - - -``` - - -##### KioskModeApp - -**KioskModeApp** is used for a [kiosk profile](#profile) only. Enter the AUMID for a single app. You can only specify one kiosk profile in the XML. - -```xml - -``` - -> [!IMPORTANT] -> The kiosk profile is designed for public-facing kiosk devices. We recommend that you use a local, non-administrator account. If the device is connected to your company network, using a domain or Microsoft Entra account could potentially compromise confidential information. - -#### Configs - -Under **Configs**, define which user account will be associated with the profile. When this user account signs in on the device, the associated assigned access profile will be enforced. This behavior includes the allowed apps, Start layout, taskbar configuration, and other local group policies or mobile device management (MDM) policies set as part of the multi-app experience. - -The full multi-app assigned access experience can only work for non-admin users. It's not supported to associate an admin user with the assigned access profile. Making this configuration in the XML file will result in unexpected or unsupported experiences when this admin user signs in. - -You can assign: - -- [A local standard user account that signs in automatically](#config-for-autologon-account) (Applies to Windows 10, version 1803 only) -- [An individual account, which can be local, domain, or Microsoft Entra ID](#config-for-individual-accounts) -- [A group account, which can be local, Active Directory (domain), or Microsoft Entra ID](#config-for-group-accounts) (Applies to Windows 10, version 1803 only). - -> [!NOTE] -> Configs that specify group accounts cannot use a kiosk profile, only a lockdown profile. If a group is configured to a kiosk profile, the CSP will reject the request. - -##### Config for AutoLogon Account - -When you use `` and the configuration is applied to a device, the specified account (managed by Assigned Access) is created on the device as a local standard user account. The specified account is signed in automatically after restart. - -The following example shows how to specify an account to sign in automatically. - -```xml - - - - - - -``` - -Starting with Windows 10 version 1809, you can configure the display name that will be shown when the user signs in. The following example shows how to create an AutoLogon Account that shows the name "Hello World". - -```xml - - - - - - -``` - -On domain-joined devices, local user accounts aren't shown on the sign-in screen by default. To show the **AutoLogonAccount** on the sign-in screen, enable the following Group Policy setting: **Computer Configuration > Administrative Templates > System > Logon > Enumerate local users on domain-joined computers**. (The corresponding MDM policy setting is [WindowsLogon/EnumerateLocalUsersOnDomainJoinedComputers in the Policy CSP](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-enumeratelocalusersondomainjoinedcomputers).) - ->[!IMPORTANT] ->When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature does not work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon). - -##### Config for individual accounts - -Individual accounts are specified using ``. - -- Local account can be entered as `machinename\account` or `.\account` or just `account`. -- Domain account should be entered as `domain\account`. -- Microsoft Entra account must be specified in this format: `AzureAD\{email address}`. **AzureAD** must be provided *as is*, and consider it's a fixed domain name. Then follow with the Microsoft Entra ID email address. For example, `AzureAD\someone@contoso.onmicrosoft.com` - -> [!WARNING] -> Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account. However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so. - -Before applying the multi-app configuration, make sure the specified user account is available on the device, otherwise it will fail. - -> [!NOTE] -> For both domain and Microsoft Entra accounts, it's not required that target account is explicitly added to the device. As long as the device is AD-joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access. - -```xml - - - MultiAppKioskUser - - - -``` - -##### Config for group accounts - -Group accounts are specified using ``. Nested groups aren't supported. For example, if user A is member of Group 1, Group 1 is member of Group 2, and Group 2 is used in ``, user A won't have the kiosk experience. - -- Local group: Specify the group type as **LocalGroup** and put the group name in Name attribute. Any Microsoft Entra accounts that are added to the local group won't have the kiosk settings applied. - - ```xml - - - - - ``` - -- Domain group: Both security and distribution groups are supported. Specify the group type as ActiveDirectoryGroup. Use the domain name as the prefix in the name attribute. - - ```xml - - - - - ``` - -- Microsoft Entra group: Use the group object ID from the Azure portal to uniquely identify the group in the Name attribute. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as **AzureActiveDirectoryGroup**. The kiosk device must have internet connectivity when users that belong to the group sign-in. - - ```xml - - - - - ``` - - > [!NOTE] - > If a Microsoft Entra group is configured with a lockdown profile on a device, a user in the Microsoft Entra group must change their password (after the account has been created with default password on the portal) before they can sign in to this device. If the user uses the default password to sign in to the device, the user will be immediately signed out. - - \ No newline at end of file diff --git a/windows/configuration/assigned-access/_setup-digital-signage.md b/windows/configuration/assigned-access/_setup-digital-signage.md deleted file mode 100644 index f159299653..0000000000 --- a/windows/configuration/assigned-access/_setup-digital-signage.md +++ /dev/null @@ -1,65 +0,0 @@ ---- -title: Set up digital signs on Windows -description: A single-use device such as a digital sign is easy to set up in Windows 10 and Windows 11 (Pro, Enterprise, and Education). -ms.date: 09/20/2021 -ms.topic: article ---- - -# Set up digital signs - -Digital signage can be a useful and exciting business tool. Use digital signs to showcase your products and services, to display testimonials, or to advertise promotions and campaigns. A digital sign can be a static display, such as a building directory or menu, or it can be dynamic, such as repeating videos or a social media feed. - -For digital signage, simply select a digital sign player as your kiosk app. You can also use [Microsoft Edge in kiosk mode](/DeployEdge/microsoft-edge-configure-kiosk-mode) or the Kiosk Browser app, and configure it to show your online content. - ->[!TIP] ->Kiosk Browser can also be used in [single-app kiosks](kiosk-single-app.md) and [multi-app kiosk](lock-down-windows-10-to-specific-apps.md) as a web browser. For more information, see [Guidelines for web browsers](guidelines-for-assigned-access-app.md#guidelines-for-web-browsers). - -Kiosk Browser must be downloaded for offline licensing using Microsoft Store for Business. You can deploy Kiosk Browser to devices running Windows 11, and Windows 10 version 1803+. - ->[!NOTE] ->If you haven't set up your Microsoft Store for Business yet, check out [the prerequisites](/microsoft-store/prerequisites-microsoft-store-for-business) and then [sign up](/microsoft-store/sign-up-microsoft-store-for-business). - -This procedure explains how to configure digital signage using Kiosk Browser on a device running Windows client that has already been set up (completed the first-run experience). - -1. [Get **Kiosk Browser** in Microsoft Store for Business with offline, unencoded license type.](/microsoft-store/acquire-apps-microsoft-store-for-business#acquire-apps) -1. [Download the **Kiosk Browser** package, license file, and all required frameworks.](/microsoft-store/distribute-offline-apps#download-an-offline-licensed-app) -1. [Install Windows Configuration Designer.](~/provisioning-packages/provisioning-install-icd.md) -1. Open Windows Configuration Designer and select **Provision kiosk devices**. -1. Enter a friendly name for the project, and select **Finish**. -1. On **Set up device**, select **Disabled**, and select **Next**. -1. On **Set up network**, enable network setup: - - Toggle **On** wireless network connectivity. - - Enter the SSID, the network type (**Open** or **WPA2-Personal**), and (if **WPA2-Personal**) the password for the wireless network. -1. On **Account management**, select **Disabled**, and select **Next**. -1. On **Add applications**, select **Add an application**: - - For **Application name**, enter `Kiosk Browser`. - - For **Installer path**, browse to and select the AppxBundle that you downloaded from Microsoft Store for Business. After you select the package, additional fields are displayed. - - For **License file path**, browse to and select the XML license file that you downloaded from Microsoft Store for Business. - - The **Package family name** is populated automatically. - - Select **Next**. -1. On **Add certificates**, select **Next**. -1. On **Configure kiosk account and app**, toggle **Yes** to create a local user account for your digital signage: - - Enter a user name and password, and toggle **Auto sign-in** to **Yes**. - - Under **Configure the kiosk mode app**, enter the user name for the account that you're creating. - - For **App type**, select **Universal Windows App**. - - In **Enter the AUMID for the app**, enter `Microsoft.KioskBrowser_8wekyb3d8bbwe!App`. -1. In the bottom left corner of Windows Configuration Designer, select **Switch to advanced editor**. -1. Go to **Runtime settings** > **Policies** > **KioskBrowser**. Let's assume that the URL for your digital signage content is contoso.com/menu: - - In **BlockedUrlExceptions**, enter `https://www.contoso.com/menu`. - - In **BlockedUrl**, enter `*`. - - In **DefaultUrl**, enter `https://www.contoso.com/menu`. - - Set **EnableEndSessionButton**, **EnableHomeButton**, and **EnableNavigationButtons** to **No**. - - >[!TIP] - >For more information on kiosk browser settings, see [Guidelines for web browsers](guidelines-for-assigned-access-app.md#guidelines-for-web-browsers). - -1. On the **File** menu, select **Save**, and select **OK** in the **Keep your info secure** dialog box. -1. On the **Export** menu, select **Provisioning package**. -1. Change the **Owner** to **IT Admin**, and select **Next**. -1. On **Select security details for the provisioning package**, select **Next**. -1. On **Select where to save the provisioning package**, select **Next**. -1. On **Build the provisioning package**, select **Build**. -1. On the **All done!** screen, click the **Output location**. -1. Copy the .ppkg file to a USB drive. -1. Attach the USB drive to the device that you want to use for your digital sign. -1. Go to **Settings** > **Accounts** > **Access work or school** > **Add or remove a provisioning package** > **Add a package**, and select the package on the USB drive. diff --git a/windows/configuration/assigned-access/assigned-access-quickstart-kiosk.md b/windows/configuration/assigned-access/assigned-access-quickstart-kiosk.md index d0b6552de3..4f51dc73d3 100644 --- a/windows/configuration/assigned-access/assigned-access-quickstart-kiosk.md +++ b/windows/configuration/assigned-access/assigned-access-quickstart-kiosk.md @@ -7,7 +7,7 @@ ms.date: 02/05/2024 # Quickstart: Configure a kiosk with Assigned Access -When you configure Windows as a *kisok*, you assign a single application to run above the lock screen. This is useful for public-facing scenarios, such as a digital sign or a public browser. +When you configure Windows as a *kiosk* with Assigned Access, you configure a single application to run above the Windows lock screen. This is useful for public-facing scenarios, such as a digital sign or a public browser. This quickstart provides practical examples of how to configure a kiosk experience on Windows with Assigne Access. The examples describe the steps using the Settings app, a mobile device management solution (MDM) like Microsoft Intune, provisioning packages (PPKG), and PowerShell. While different solutions are used, the configuration settings and results are the same. diff --git a/windows/configuration/assigned-access/assigned-access-xsd.md b/windows/configuration/assigned-access/assigned-access-xsd.md index 14c16526a9..cdf7c9f01f 100644 --- a/windows/configuration/assigned-access/assigned-access-xsd.md +++ b/windows/configuration/assigned-access/assigned-access-xsd.md @@ -14,8 +14,8 @@ This reference article contains the latest Assigned Access XML schema definition The following is the XSD for Assigned Access in Windows 11: ```xml - [!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] + +An assigned access multi-app kiosk runs one or more apps from the desktop. People using the kiosk see a customized Start that shows only the apps that are allowed. With this approach, you can configure a locked-down experience for different account types. A multi-app kiosk is appropriate for devices that are shared by multiple people. Here's a guide on how to set up a multi-app kiosk. + +> [!WARNING] +> The assigned access feature is intended for corporate-owned fixed-purpose devices, like kiosks. When the multi-app assigned access configuration is applied on the device, [certain policies](kiosk-policies.md) are enforced system-wide, and will impact other users on the device. Deleting the kiosk configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all the enforced policies (such as Start layout). A factory reset is needed to clear all the policies enforced via assigned access. + +> [!TIP] +> Be sure to check the [configuration recommendations](kiosk-prepare.md) before you set up your kiosk. + +### Provisioning package + +Before you add the XML file to a provisioning package, you can [validate your configuration XML against the XSD](kiosk-xml.md#xsd-for-assignedaccess-configuration-xml). + +Use the Windows Configuration Designer tool to create a provisioning package. [Learn how to install Windows Configuration Designer.](../provisioning-packages/provisioning-install-icd.md). + +> [!IMPORTANT] +> When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed. + +1. Open Windows Configuration Designer. By default: `%systemdrive%\Program Files (x86)\Windows Kits\10\Assessment and Deployment Kit\Imaging and Configuration Designer\x86\ICD.exe`. + +1. Choose **Advanced provisioning**. + +1. Name your project, and select **Next**. + +1. Choose **All Windows desktop editions** and select **Next**. + +1. On **New project**, select **Finish**. The workspace for your package opens. + +1. Expand **Runtime settings** > **AssignedAccess** > **MultiAppAssignedAccessSettings**. + +1. In the center pane, select **Browse**. Locate and select the assigned access configuration XML file that you created. + + ![Screenshot of the MultiAppAssignedAccessSettings field in Windows Configuration Designer.](images/multiappassignedaccesssettings.png) + +1. _Optional: If you want to apply the provisioning package after device initial setup and there's an admin user already available on the kiosk device, skip this step._ Create an admin user account in **Runtime settings** > **Accounts** > **Users**. Provide a **UserName** and **Password**, and select **UserGroup** as **Administrators**. With this account, you can view the provisioning status and logs if needed. + +1. _Optional: If you already have a non-admin account on the kiosk device, skip this step._ Create a local standard user account in **Runtime settings** > **Accounts** > **Users**. Make sure the **UserName** is the same as the account that you specify in the configuration XML. Select **UserGroup** as **Standard Users**. + +1. On the **File** menu, select **Save.** + +1. On the **Export** menu, select **Provisioning package**. + +1. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next.** + +1. Optional. In the **Provisioning package security** window, you can choose to encrypt the package and enable package signing. + + - **Enable package encryption** - If you select this option, an auto-generated password will be shown on the screen. + + - **Enable package signing** - If you select this option, you must select a valid certificate to use for signing the package. You can specify the certificate by clicking **Browse** and choosing the certificate you want to use to sign the package. + +1. Select **Next** to specify the output location where you want the provisioning package to go when it's built. By default, Windows Imaging and Configuration Designer (ICD) uses the project folder as the output location. + + Optionally, you can select **Browse** to change the default output location. + +1. Select **Next**. + +1. Select **Build** to start building the package. The provisioning package doesn't take long to build. The project information is displayed in the build page and the progress bar indicates the build status. + + If you need to cancel the build, select **Cancel**. This action cancels the current build process, closes the wizard, and takes you back to the **Customizations Page**. + +1. If your build fails, an error message will show up that includes a link to the project folder. You can scan the logs to determine what caused the error. Once you fix the issue, try building the package again. + + If your build is successful, the name of the provisioning package, output directory, and project directory will be shown. + + - If you choose, you can build the provisioning package again and pick a different path for the output package. To do this action, select **Back** to change the output package name and path, and then select **Next** to start another build. + - If you're done, select **Finish** to close the wizard and go back to the **Customizations Page**. + +1. Copy the provisioning package to the root directory of a USB drive. + + + +### Apply provisioning package to device + +Provisioning packages can be applied to a device during initial setup (out-of-box experience or "OOBE") and after ("runtime"). For more information, see [Apply a provisioning package](../provisioning-packages/provisioning-apply-package.md). + +> [!NOTE] +> If your provisioning package doesn't include the assigned access user account creation, make sure the account you specified in the multi-app configuration XML exists on the device. + +### Use MDM to deploy the multi-app configuration + +Multi-app kiosk mode is enabled by the [AssignedAccess configuration service provider (CSP)](/windows/client-management/mdm/assignedaccess-csp). Your MDM policy can contain the assigned access configuration XML. + +If your device is enrolled with an MDM service that supports applying the assigned access configuration, you can use it to apply the setting remotely. + +The OMA-URI for multi-app policy is `./Device/Vendor/MSFT/AssignedAccess/Configuration`. + +## Set up a single-app kiosk A single-app kiosk uses the Assigned Access feature to run a single app above the lock screen. When the kiosk account signs in, the app is launched automatically. The person using the kiosk cannot do anything on the device outside of the kiosk app. -![Illustration of a single-app kiosk experience.](images/kiosk-fullscreen-sm.png) - >[!IMPORTANT] >[User account control (UAC)](/windows/security/identity-protection/user-account-control/user-account-control-overview) must be turned on to enable kiosk mode. > @@ -75,49 +179,41 @@ When your kiosk is a local device that isn't managed by Active Directory or Micr - If you don't want the kiosk account to sign in automatically when the device restarts, then you must change the default setting before you configure the device as a kiosk. Sign in with the account that you will assign as the kiosk account. Open the **Settings** app > **Accounts** > **Sign-in options**. Set the **Use my sign-in info to automatically finish setting up my device after an update or restart** setting to **Off**. After you change the setting, you can apply the kiosk configuration to the device. - ![Screenshot of automatic sign-in setting.](images/auto-signin.png) +## Configure a kiosk experience with Assigned Access using PowerShell cmdlets -## Set up a kiosk using Windows PowerShell +| App Type | OS| Account type| +|-|-| +|UWP| Windows Pro/Pro Edu and Ent/Edu|Local standard user| -App type: +To configure a device using the Windows PowerShell cmdlet: -- UWP +1. Sign in as administrator +1. [Create the user account](https://support.microsoft.com/help/4026923/windows-create-a-local-user-or-administrator-account-in-windows-10) for Assigned Access +1. Sign in as the Assigned Access user account +1. Install the required UWP app +1. Sign out as the Assigned Access user account +1. Sign in as administrator and from an elevated PowerShell prompt use one of the following commands: -OS: + ```PowerShell + #Configure assigned access by AppUserModelID and user name + Set-AssignedAccess -AppUserModelId -UserName -- Windows 10 Pro, Ent, Edu -- Windows 11 + #Configure assigned access by AppUserModelID and user SID + Set-AssignedAccess -AppUserModelId -UserSID -Account type: + #Configure assigned access by app name and user name + Set-AssignedAccess -AppName -UserName -- Local standard user - -![PowerShell windows displaying Set-AssignedAccess cmdlet.](images/set-assignedaccess.png) - -You can use any of the following PowerShell cmdlets to set up assigned access on multiple devices. - -Before you run the cmdlet: - -1. Sign in as administrator. -1. [Create the user account](https://support.microsoft.com/help/4026923/windows-create-a-local-user-or-administrator-account-in-windows-10) for Assigned Access. -1. Sign in as the Assigned Access user account. -1. Install the Universal Windows app that follows the assigned access/above the lock guidelines. -1. Sign out as the Assigned Access user account. -1. Sign in as administrator. - -To open PowerShell on Windows client, search for PowerShell, and find **Windows PowerShell Desktop app** in the results. Run PowerShell as administrator. - -- **Configure assigned access by AppUserModelID and user name**: `Set-AssignedAccess -AppUserModelId -UserName ` -- **Configure assigned access by AppUserModelID and user SID**: `Set-AssignedAccess -AppUserModelId -UserSID ` -- **Configure assigned access by app name and user name**: `Set-AssignedAccess -AppName -UserName ` -- **Configure assigned access by app name and user SID**: `Set-AssignedAccess -AppName -UserSID ` + #Configure assigned access by app name and user SID**: + Set-AssignedAccess -AppName -UserSID > [!NOTE] > To set up assigned access using `-AppName`, the user account that you enter for assigned access must have signed in at least once. -[Learn how to get the AUMID](./find-the-application-user-model-id-of-an-installed-app.md). +For more innformation: -[Learn how to get the AppName](/powershell/module/assignedaccess/set-assignedaccess) (see **Parameters**). +- [Learn how to get the AUMID](./find-the-application-user-model-id-of-an-installed-app.md) +- [Learn how to get the AppName](/powershell/module/assignedaccess/set-assignedaccess) To remove assigned access, using PowerShell, run the following cmdlet: @@ -125,7 +221,7 @@ To remove assigned access, using PowerShell, run the following cmdlet: Clear-AssignedAccess ``` -## Set up a kiosk using the kiosk wizard in Windows Configuration Designer +## Configure a kiosk experience using the kiosk wizard in Windows Configuration Designer App type: @@ -281,3 +377,64 @@ To change the default time for assigned access to resume, add *IdleTimeOut* (DWO > **IdleTimeOut** doesn't apply to the new Microsoft Edge kiosk mode. The Breakout Sequence of **Ctrl + Alt + Del** is the default, but this sequence can be configured to be a different sequence of keys. The breakout sequence uses the format **modifiers + keys**. An example breakout sequence would look something like **Shift + Alt + a**, where **Shift** and **Alt** are the modifiers and **a** is the key value. For more information, see [Microsoft Edge kiosk XML sample](/windows/configuration/kiosk-xml#microsoft-edge-kiosk-xml-sample). + + diff --git a/windows/configuration/assigned-access/create-assigned-access-configuration.md b/windows/configuration/assigned-access/create-assigned-access-configuration.md index d01b50ea6f..6bb8456db0 100644 --- a/windows/configuration/assigned-access/create-assigned-access-configuration.md +++ b/windows/configuration/assigned-access/create-assigned-access-configuration.md @@ -79,6 +79,23 @@ You can start your file by pasting the following XML code into a text editor, an ## Profiles node +There are two types of profiles that you can specify in the XML: + +- **Lockdown profile**: Users assigned a lockdown profile will see the desktop in tablet mode with the specific apps on the Start screen. +- **Kiosk profile**: Starting with Windows 10 version 1803, this profile replaces the KioskModeApp node of the [AssignedAccess CSP](/windows/client-management/mdm/assignedaccess-csp). Users assigned a kiosk profile won't see the desktop, but only the kiosk app running in full-screen mode. + +A lockdown profile section in the XML has the following entries: + +- [**Id**](#id) +- [**AllowedApps**](#allowedapps) +- [**StartPins**](#startpins) +- [**Taskbar**](#taskbar) + +A kiosk profile in the XML has the following entries: + +- [**Id**](#id) +- [**KioskModeApp**](#kioskmodeapp) + In the XML file, you define each profile with a globally unique identifier (GUID), which must be unique within the XML file. > [!TIP] @@ -122,7 +139,7 @@ Based on the purpose of the kiosk device, define the list of applications that a - To configure a single app to launch automatically when the user signs in, include `rs5:AutoLaunch="true"` after the AUMID or path. You can also include arguments to be passed to the app -Here are the predefined assigned access AppLocker rules: +When the multi-app kiosk configuration is applied to a device, AppLocker rules will be generated to allow the apps that are listed in the configuration. Here are the predefined assigned access AppLocker rules For UWP apps, @@ -227,12 +244,12 @@ Add your pinnedList JSON into the StartPins tag in your XML file. ``` +::: zone-end + > [!NOTE] > If an app isn't installed for the user, but is included in the Start layout XML, the app isn't shown on the Start screen. -::: zone-end - -### Taskbar +#### Taskbar Define whether you want to have the taskbar present in the kiosk device. For tablet-based or touch-enabled All-In-One kiosks, when you don't attach a keyboard and mouse, you can hide the taskbar as part of the multi-app experience if you want. @@ -247,8 +264,123 @@ The following example hides the taskbar: > [!NOTE] > This is different from the **Automatically hide the taskbar** option in tablet mode, which shows the taskbar when swiping up from or moving the mouse pointer down to the bottom of the screen. Setting **ShowTaskbar** as **false** will always keep the taskbar hidden. +### KioskModeApp + +**KioskModeApp** is used for a [kiosk profile](#profile) only. Enter the AUMID for a single app. You can only specify one kiosk profile in the XML. + +```xml + +``` + +> [!IMPORTANT] +> The kiosk profile is designed for public-facing kiosk devices. We recommend that you use a local, non-administrator account. If the device is connected to your company network, using a domain or Microsoft Entra account could potentially compromise confidential information. + ## Configs +Under `Configs`, define one or more user accounts and their association with a profile. + +When the user account signs in on the device, the associated Assigned Access profile is enforced along with policy settings that are part of the restricted user experience. + +You can assign: + +- A standard user account, which can be local, domain, or Microsoft Entra ID +- A group account, which can be local, Active Directory (domain), or Microsoft Entra ID + +Limitations: + +- Configs that specify group accounts cannot use a kiosk profile, only a restricted ser experience profile +- Apply the restrcited user experience to standard users only. It's not supported to associate an admin user with an Assigned Access profile + +:::row::: + :::column::: + ### AutoLogon Account + :::column-end::: + :::column::: + With `` you can configure an account created and managed by Assigned Access, to automatically sign in after a device restart. The account is a local standard user. + + The following example shows how to specify an account to sign in automatically, and the optional display name shown during sign-in: + + ```xml + + + + + + + ``` + + >[!NOTE] + > On Microsoft Entra joined and domain-joined devices, local user accounts aren't disaplyed on the sign-in screen by default. To show the **AutoLogonAccount** on the sign-in screen, enable the policy setting: + > + >- GPO: **Computer Configuration > Administrative Templates > System > Logon > Enumerate local users on domain-joined computers** + >- CSP: `WindowsLogon/`[EnumerateLocalUsersOnDomainJoinedComputers](/windows/client-management/mdm/policy-csp-windowslogon#windowslogon-enumeratelocalusersondomainjoinedcomputers) + + >[!IMPORTANT] + >When Exchange Active Sync (EAS) password restrictions are active on the device, the autologon feature doesn't work. This behavior is by design. For more informations, see [How to turn on automatic logon in Windows](/troubleshoot/windows-server/user-profiles-and-logon/turn-on-automatic-logon). + + :::column-end::: +:::row-end::: + +### Config for individual accounts + +Individual accounts are specified using ``. + +- Local account can be entered as `machinename\account` or `.\account` or just `account`. +- Domain account should be entered as `domain\account`. +- Microsoft Entra account must be specified in this format: `AzureAD\{email address}`. **AzureAD** must be provided *as is*, and consider it's a fixed domain name. Then follow with the Microsoft Entra ID email address. For example, `AzureAD\someone@contoso.onmicrosoft.com` + +> [!WARNING] +> Assigned access can be configured via WMI or CSP to run its applications under a domain user or service account, rather than a local account. However, use of domain user or service accounts introduces risks that an attacker subverting the assigned access application might gain access to sensitive domain resources that have been inadvertently left accessible to any domain account. We recommend that customers proceed with caution when using domain accounts with assigned access, and consider the domain resources potentially exposed by the decision to do so. + +Before applying the multi-app configuration, make sure the specified user account is available on the device, otherwise it will fail. + +> [!NOTE] +> For both domain and Microsoft Entra accounts, it's not required that target account is explicitly added to the device. As long as the device is AD-joined or Microsoft Entra joined, the account can be discovered in the domain forest or tenant that the device is joined to. For local accounts, it is required that the account exist before you configure the account for assigned access. + +```xml + + + MultiAppKioskUser + + + +``` + +### Config for group accounts + +Group accounts are specified using ``. Nested groups aren't supported. For example, if user A is member of Group 1, Group 1 is member of Group 2, and Group 2 is used in ``, user A won't have the kiosk experience. + +- Local group: Specify the group type as **LocalGroup** and put the group name in Name attribute. Any Microsoft Entra accounts that are added to the local group won't have the kiosk settings applied. + + ```xml + + + + + ``` + +- Domain group: Both security and distribution groups are supported. Specify the group type as ActiveDirectoryGroup. Use the domain name as the prefix in the name attribute. + + ```xml + + + + + ``` + +- Microsoft Entra group: Use the group object ID from the Azure portal to uniquely identify the group in the Name attribute. You can find the object ID on the overview page for the group in **Users and groups** > **All groups**. Specify the group type as **AzureActiveDirectoryGroup**. The kiosk device must have internet connectivity when users that belong to the group sign-in. + + ```xml + + + + + ``` + + > [!NOTE] + > If a Microsoft Entra group is configured with a lockdown profile on a device, a user in the Microsoft Entra group must change their password (after the account has been created with default password on the portal) before they can sign in to this device. If the user uses the default password to sign in to the device, the user will be immediately signed out. + + ## Full XML example ::: zone pivot="windows-11" @@ -303,12 +435,49 @@ The following example hides the taskbar: +### FileExplorerNamespaceRestrictions + +Starting in Windows 10 version 1809, you can explicitly allow some known folders to be accessed when the user tries to open the file dialog box in multi-app assigned access by including **FileExplorerNamespaceRestrictions** in your XML file. Currently, **Downloads** is the only folder supported. This behavior can also be set using Microsoft Intune. + +The following example shows how to allow user access to the Downloads folder in the common file dialog box. + +> [!TIP] +> To grant access to the Downloads folder through File Explorer, add "Explorer.exe" to the list of allowed apps, and pin a file explorer shortcut to the kiosk start menu. + +```xml + + + + + + ... + + + + + + + ... + + + + + +``` +> [!NOTE] +> - `FileExplorerNamespaceRestrictions` and `AllowedNamespace:Downloads` are available in namespace `https://schemas.microsoft.com/AssignedAccess/201810/config`. +> - `AllowRemovableDrives` and `NoRestriction` are defined in a new namespace `https://schemas.microsoft.com/AssignedAccess/2020/config`. - - - +- When `FileExplorerNamespaceRestrictions` node isn't used, or used but left empty, the user won't be able to access any folder in a common dialog. For example, **Save As** in the Microsoft Edge browser. +- When Downloads is mentioned in allowed namespace, user will be able to access Downloads folder. +- When `AllowRemovableDrives` is used, user will be to access removable drives. +- When `NoRestriction` is used, no restriction will be applied to the dialog. +- `AllowRemovableDrives` and `AllowedNamespace:Downloads` can be used at the same time. :::row::: :::column span="1"::: @@ -771,3 +940,7 @@ IT Admin now can specify user access to Downloads folder, Removable drives, or n To authorize a compatible configuration XML that includes elements and attributes from Windows 10 version 1809 or newer / Windows 11, always include the namespace of these add-on schemas, and decorate the attributes and elements accordingly with the namespace alias. For example, to configure the autolaunch feature that was added in Windows 10 version 1809 / Windows 11, use the following sample. Notice an alias r1809 is given to the 201810 namespace for Windows 10 version 1809 / Windows 11, and the alias is tagged on AutoLaunch and AutoLaunchArguments inline. + +## Single app Assigned Access XML example + +## Multi-app Assigned Access XML example diff --git a/windows/configuration/assigned-access/images/auto-signin.png b/windows/configuration/assigned-access/images/auto-signin.png deleted file mode 100644 index 260376199ecadc7ad234a071a4648483969e4a36..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 13645 zcmbuGWmJ?=`|gK^A%&3~V#panQo2KGXe6W?5hWE6RJuC{K~e`$K#&lW?ik9Xq*Fjr zKtj&;eZTzII$zFN{|_Rtobh>{z4v|J*YCO}&QM>I63PsPKp>RbTI$9S2%Z!8zJwGX zd}VQxqXU28`59}fLaImMo8SjRHx)e<2&6WJ{KA0<{7mMpW$6cjP<8+NgV*m>?hJuQ zENQE&m97c4C^(8v@pz8hHJF1?}81|-;niam|*)iza5(5R((@)HcFW-?s3{o-9#Y}}vI<&-+-!2@u)mUp96 z_l2Wo&=bXKBm&py{Pq?)%L<>$B9TZz!Akdu5&^SH_s>|$Fya_qz2{#V@6T*(Y@kfA z5_dnX3}p%ULK$WK-OKb}&{W&CD?0X&3Jbr*<%*{;iLV{+%osz|)zy!7W~6LB_=`+5 z`7E1N-MRfzE3G?*+A7A$@zKuo@9nxVViFQ7a208p-g&4G{+o_Gj*cNAAv)QDah)-d zk;*i$bh4)F?`FUcj*oAcVA0ObD`{Ms(nrI>?OKXFe(R&H?h~9VXTP_=V*CY<<@8`! z7)5YXEBA$509G$A`+jnJ`_;vtLq0UdduRG4G?7i=4iwUaH7dPjWMuU333KzzI>pNe z9hg>H`0OwB`mNzMKbINA!%#JT2L}1lVLafAQG6IeEqdW_wK|>u_Uogq?*<3$m&aE8 zWR#Q|lJ)qL108}4!nW$wcN$(lN#Wwy2z69%d;I&S_?W!f?Q~NlOq=oqQ=%M(Z=m>x z+j)Q1Z>+&1wp}p|_rBlZ`2`UR$4GikhPL=`egf-|uk_583I&UQ86AvXTwVS8;o&{PbD?r& zOxJ_CN7%`a0bby#Ha_?fk85-sd44mQQxt5Go&|^eFanYTn_^X>A-iT@o}hyjk=V@I zQm`nQ>PYkI{1*>kPz~emoh_KJ=qIu+STug<3zTx6n56Sq~zoo zD{h5P%-%U`56w6EM7(w#D-ingDCFw$B$Dm?c&D^uFoUnk8Z7V;Sm5pUCyY(b&_Kk! zZ_%{2|N&R1kTUTHPzK4BO|w`8xn-b z{&*@+o_?vadan{eoGc52_7a2#qtn2WfZb_9#zMueNMT}sVJ6FqH7Hahg2F^{XdleA z#3V9_zuPPl`4|V5JYOL=TP-AD>zj~WTS#yGb%8te8(VMNAN*vJ z^kmGM6pls0;z=MU7{`-eKlcBQ#WyXypMP3s*J2+~^X%&H#)i89D_wWB!&rfWSyxyB zgD|b0=X8CXf|j$hv%UQSxXcwARYOCXm`1Pp8%mj^;Gzm-{9J<@z?sDBP{5uB`&^#= zetrARba161l8xdo6WV8Iy1}VGd89x=F8Fx+tQ{S-)VW;P2?M8hFcqQpYqnYG>cUSz zx7bi#`9d7S$@PU7=|NI(g~#>Q&Aw7zbM>E|34m2R`lKt25VZMl^dev`4R_vI zVNy2tc&my_GudKOZezav>er8tRqEk1^z?lf;Dx<9d~9HI-)Z(;Rg0mryeri?bi6UK z{3Bq#;nUTvrV&^c|Lx~D@6k_(Y<;WxZX2AGPe#Yva`y9$?@=LXw77i-MBo~`q}QBv zqo-xivV(QY=~BXc$YD}eEJ5kF!E~O4#6;Mi2U;1tdM(1XXI3=Vuk(D7eE8F}IPtuv z)~TOa>OsrB?>7XVkgN{p*tI`x&C)`)o&S^#l>3%=^j{frAVs{f44I`r#t@+`MSNmYGLhy0E;uGeuKR-a-b7sD{ zI2;?!7OHDE7Lk|Fhrbr{LM#jVx*OrBz3Lo$p->EOGP}})g4HL-+m=SwA9}{6bLgny z(#rbo?(U!i*aa>U`R0cxx*07RC|w?b?QK?JtdVTn`uH~qNqHf+ZMk|JZJ;hwFSx8% zENid0pZ)z))^aB)h|cDv&Gf*m}5SCA5$qL@LqE3l0b2zn#Ah5y4OQD=$L7{fX3;_|8h9O86B zxqx5Xai5H@4|BgAJ-`f)qbH!YS3=gBo8N9de&ou5#)vf!DDfDw2 zuZ>8}Z-dh4nItN@oj#z+DDBM=t!Iw1u6H*w4Xeq}fim2ft+J9jJT{@Zc1`7KKgq(Y z^j6YFy5M!nn_hGIBU+%#jlGbINf^e6IyHEF?Mq~eVEc?*zW??0?H?Z=y1XL4&d)8` zF=?b(U!{>i|3da*$s`yGm}fq*jt8OQ@RJxt@tvFoZr=N*e)nZ)Xcc=_``@!ISnTjL zu~*Cft=~Vt=5n5qp^7dEBhVb5Z5upp%P#EfP-S$nT(ZIN0d8hRcOVVcc`3+$U=ggI?{I+55(rDVjNF-~6Qz`V#F7-ppb|G%9cD zZTny5n_FMsFo>JIHbtFpHQ?R;T5c54`|1s&0*FV%^?m;C&|) z#3rr+)doOUtUV(|((;eg+f$M12lE_7R+PF%Ctj(!G4ewDJ`_owBF-Wj#p!uz0#pq! z@!3LFU|G{Y8$I+j^b~vpUcS;H9CWzmvbe$W{9-YNU3OYK1Qe%jC8MUYg2zy34jdD1 zNuRq4V^ewWyx5tEGFhSARR4}ZAXHRTD&5bHHV2uMp0<2uvxsF{P#c#g#45WJiDXTR zZ1H(%#HdVw@hygmSwaiC@X7LS<>RHExHZB0DsaY0(eDk3?MsY!BW3*7dVV}PJv%FL z<}7_~A&4(2?(qdV_|k}x1dlaJn8rP`Y0yXHkwKe%CqAL73miXu1HPYA@$GIpqNp|a zg!AV|>HQkD^4L_iQC7Ck9Y8GPhzw-|7~~%jnZGsXF+Rx>p$@ zBu!pwU5jk?TQ4~x-4}}@i{&?~9H3n|Dbn?E?}3eHG<~CB64OFcc`05VeWvXizhA60 z)cukaKU2rkcIjHa&^#HUff|g0xhBSWKJyK)C)u+)|KP%c)rzUM2x)PAH-YN{ea+fJ9rHTM}ANlaV{>Rg6-;qfWz3F*j6 zt%2)$p?q$OqI}Nvg|E^>kd)oLxChhq6}3T2)E|_i@Ldr=$zZm^^DOl@s30B z;!x=fZVDY|WDJCvgIUl%x7bgWK>L&58iU*KzvsJowoKTLMm=Q-=K-3<&AXqmO!}hA zEa;ZfEEw*EgiTMtnn5m-_0*3LRY**el?b4_J=t9n$ zo2dJt#~z_R*b}yRd~MGgPDBf1!75)RIrTdf#c-0Vzekv9uMOuIG}hvO2&aVgAyQtwXTVuU(TCkC>rR8m;J64KC)MI-bxr(SRb{(BuC^2oTuy~YELaiq z_NjZduI`dEx(A5BXc8%>dO|1K119Iebd9r~=>$J6`Udgd5{-l!3xP$5wqHdehRC&e z6igVZ2I<;ONc7_JviRd8_dyA?%3u>Z>^|m&corRki-w(9N6g-dQ)0|^bC9nvvsL1! z*poAVLOB!6Jy*v;ObIuUMUDtjE#~x3Q|Kmc41EgEy=vl+mKx%>cZxEhRdc!St}Cet zbK(kBo<+DuY-M}wcESkFkhKF~Y;kPPRa-Ohopfm3>msjIxB7h-O#~Py}5rEm+%6m?%L--ILLiOb3$e5Jn}qibl zE`2W0GtZwrF{BeTa+ncv*3=@hUl|zugmm5XMC9$)rmBRGupH4Z58rup)lc#u7>h1F zr>}wez#J%}ZOYuP675Pl1Y@v(gMl)on0cU=q#^AH)LX~%S0u(Aw%a2pBN`)g49S^YmJAVl-o+}J4;SGTPw-3oS=FXdCpwIB*c&5?%Zn;qzcqp(Ihqn764Q+q9Wrvz_Ux}Df_HA%$Hb(eAi7r7 z)-t9{KWI7mZiuw~N$n+T6shXaxne+s3*Ua7iNPDn0g^-v2x%dnTBQGTs_psq!n?)% z`Y&0QE-K8n3p)>zwCMu8>%AAdJ{b`FRH;>Wy@Qc8&4#YNyHS?lQxba=AItD9PlJm_{IBsRaxAHkX2_-YPP45B%776($jN{{+b%icTxYA>&RKB`WTHN8P z(+a$9zwVn19U=IldLuw4Z0Igg7=C)hlh7RI&)c@sXl~<|T2Pi)84NRJorDw|3==|!;-aaM+j`wJcPdnRUWXzXicV@xjG7yqW=C;zMitk;0PT9LSfN{}V5 zeWBV}M>7q{k;*5M=9uVl7#kFON|2rgHQeGKyJ z*w~ot-hf)}QXyfN`6Gkv(8;C2`CG6!@-EKfYun7H+2m+w*#Ea=)kI&retmU!SLyzA zJs6VCPERQw(d92~ZOPsHCP>Zxw%ibz&P?VO52ji9lUcvs1ctFfrDvo0GOe_cV8~_w z!#z0VHXk3|9IFF_j+%wG3kJqAFylwEf^M|BzP|2n@baUy|He4r83Lx|sls-O&7Jx{ zje7#%0q8^Am9PmG_oc$5srdd#P*j;HF~yI7cnN&Rv$LBAdK%miTrs2x z2#te$B0yQ}oBCm828E+9n;GXG52uI&Qokd<-p?$ZtT0=6e>m-|x!e$6r&%bi~p=DamT z&PD~JMS~8U%T)^O8r{YUJg46M({kYilOAFCM7NURo1X@DlYrdJe7&St{V5r!G&S^r zAPNtb0sa}NH5%&bG%6IVvPT_Z1OQsTwyawNOyI$@pNXo)T98>MXiIBQd`pWQK{CfF zgEHq$k1uaGPXT^1 zLx9J@0UpOlp43~Dvg83))?K`JT3vXKc-F0-30Qw&!@!~~Z7`3$x#SS#XWq*y~=8RcXzB>#g{g5Z*LDs7od(dpFaH(nGTezVXdRa zv0TXed*4TongNYGup3KFO$FN`FNc^P7EjoH9}8(~YqPbrT_e(q!`~pz8_Psx1ifk1 z17S{obD}V z@EH_%)16)@{XKP>YY76!3K`%F#QR?Xu>Z;MeWb9`40L|7yt1ZBXA@&w7c#7V=jr2JHW*F`US3X1oW|vb zrc%oBy2riZsE^{ktIoB~KB&>$vx$_aY*EyWV|?#o#=8`9!+pQ^_o%ZcH#cbh=Y5Xi z6tB~zjj&>4&y2;cLwif3Vyz#DYHZ&-2fK9qb2KN@oK3J+;cWvaaY`AOHf^wmV9J% zH1G(HCu^O|&e+2b*T=+-%(|`vT0Pzp?H6Qp0qLi0yQ$D09T-J9>rjriVKE}gjp450m3}HV`GTB z0HtyH#UHQ-^a>S!fdBPv%K=m`Au%_Ouj%RKW3W+_eu?fIS^)!~GEzWf25`eV+LMme zd^S-HfQX-+ZSn~$2I|s0uyjUKSvPsBq)QV9RcQMA*RL?<%LOFwmTIO%M@1ok_u;+t zO1HLsw&VqkvnPV&hHcBhk|h}lBVW{N52%QCA0O!*ylNJA8|4_#nQsZo@Y|$b-FY~z z;s;YJVr-bO;*Xng_^ER5+5*0_JasR3OxMG$Z|+#di52ciLyh5UFgkEPzTb4 zWU&EGF)|6hONZ*0+})XL8}h6Rsix#i*NntuuYT6H9jj*ruMIGa-AE!eNwf|j6ma%d9agdd~W67k({1Aq*LAvvlR!ixQf#Xwy( zd(st229VGz>JYh|d&HE?M_)_~RtM4uo@vqAmPwxVc>~*q)59b5ZtXGXP1qLnDX_e7 zF9#i)M<`(*8$W&|UZ5w%!u6eCJ%wiXX;((@>l^y0G6m_x=Y>yl2mz zK__#=7s9LXVzi*C5#iyL>S&73y{6;t0H}W|GXSjniCB)HC9uQz>sOoC3rbroh_>WF zJtsVhJn(M==!qN9fp2fjg^!Z5c>3=ik7ocfY(%Z2L3{h|e47HR>uX?e#I4q>Y6EJt zZY>mR9F>b8p{_P8#$SKeKM&^hvRF!SLV6eA zuJ~q$))uj4y4Cuw;ZV64ZUvZC2Sx5HP!)!YciXSpJifj*6~H4klkr{AlD*|1+hM^W znC`yoH0bxYfzJ~6mD?WL$14*S78U|*&OX8zy*$Z>AF@05#vlGeUA`qvO_KMgL-smJ zNNYMk5lgJ`UDYun$IIxICOb$I<<3s>cm=VJh?mppwWlrtPU71#UnBoMrhqi%6gCAB zHo|hKrI?KF1qLrN9FJpM3T-L|DnyIh7#m@|Ch@=;(~pPn#2*au$CFN+EWljNL9*h} z_TX^ncl!UXegMBa1$eeJYfG~}%YE9s&ri;_-f{tY%A%2m{-S|nvF8UxObr9hLbY`> z&A7ek)mL*nja!QtZNgdDb|Pe>8@R;bp;gZVzKLH)-~5?8I7mdUpT=l7cXNz5wL;B1 z9z|m>ASq002+87NEJ}+sr)3qiYNR;O*gHHdmDw-Zc<)Y{>;^gqQj}b%AQf>qvPlES z7olY8P;~4LKKZqJ4o=tgulRdi=5|k_AbNQMtRmaMpw-A$ERrNWIJ?Jdaxo94}%uUZ%wHi2T1P7HgmCG!&vOIl^r7^Ey@{0jBGC2n)GQJH;Y4Hr_nd4g*U;HeQah)9Ewxk9vXND zXVLM;T|^bkN*JPA_`r1yZiyl_8pLu;Gi$Fx1N2L>H!{svKyFQ!XpqYcr5BwfN7Qz>I5?Sg;Z5qybyF3JWu%jBh#%htl~23$4S<4C z2inuQ`0HF~l|oCK!Iv|t389mWH@jebdd~@ybg;EZI2I!nN@{@*XGRblYEzjIwhtJ& zvhb9SdA0q)t}tHgbyNRyo{d;sw5D@aZPmssaV+?6AoB=DxU_d@s!1m8kLy?t&ot6& zz$>{Q${0iD3qF4~VaDs?u^s*is*u;=MAvG9X60@q za9C2wgrQQ)Y2A3xo&LL%wcS1<#3?GYVL{xGj3=l$+Tm+cRCFejx%g9?l$+5gLn=RQ zTFa0q2k7&<&qx-$-~meec(4ix5t&EWRCb^3JX_D`1=27S=b3U*Xs!pL1N00fk8kg> ze+a?ayN;WxUhh_kM#WN1HgYIq%cBU%BUwtMNTa86Jvd{5+DmxIMAN!#bj>|njMOI= zzeBM{a2vMG;zT2CqWn(G7*aQI(E+=a$0X=br*4t&_|&18f2w#=Wg{%lB_Ja4a`L1G z|ICa24HyQnlF?jf2f=)e$fIlH2FrX)Vt_C;yIxDng*RDY??A{|s;|`ysp28|j)baR zfN_URSq}76P#4HYPSoRx+t+^)A*!c6(UgT#R5 zNs%b}&Aq!>dM_b7fLBxzL;Yr9_Q*R3(qS0TSJrxcsxC6Ge+Kb@-{l z>(O<(uiEw8e^7n*lw`18oQN0C1f%e>^9QDDAUx0s>ij3ELxhMp@!S`l*l;V*#F?Ov zC!*`+qIGE-p^8Q6fU>{7^EZnNrE3*U?j5}D3msvkdrlK28a#CXFV<8Ipp$!;^KalW zceo5TZRAO7GiQzb0siaYwWaQAUV{Qq#E5-R@m8g`C~F`6K@qMeIwI`*K79?$4KHV; zjJwwt-~?Uk@sXEoqu~ulIoH`&lWO^y-YW@hLOYN?@50;|{oLQL=}VgCJZ#wd_@VWC zXVnlNCurTF6uPtEPCkvY&D6Y%4Ju{;sLX&!Fh)l_HZ=Fdpc_k!A;+DD8uVZ*^@^j7 z$_)|y`;!*5Z)r|64KtI9teo@lp5iY8@05O(}*6-U5K6PU z{kWU^GWgYBFJ61);JyADsMqj>==bY_SG z!U^J;#YFz2Px{3`X0lIa*g|S=GpoYm%tdSd*6K<52D?MPrx%?r^weLe$8z`5h8BtV32-id27QN~Ef$Rt(vW3>&9+L59B4 zme%gTMRJ6KOA)Rac(s=W@J}TBxH7(i>Ro7Nq?_wW4y@Imd&t*^;7!YZU8q zvW8L-1Pu-De;!ZT8T451hoT^dq)Y_CvB`AZF?FJ%6Aas0O!zHLGc=N^jvXSg*3%F^ z{rnC_byr&vvNXz)(o!;1MQU`9(4G*3A)bfk0u3CVh(B0f!|7-0{8@@X7B%VtqB#c< z2^oS#zCOj1m_=bOt^uP^H~ZX8?kufj)+U#wXJ;tw#N2eu8xz0Kboib2rwYejUHXr8 zd4~r(M%r62w(>P!IxLVK{ETHon%CVuy5)87m7;nDshE;rM;i&fya*^(8Th=(;=1Ls zVFU@Wm%}vM$}+k1iH6uHo`}B|L_gh%dAb@Rw8e)aMzx}jMmDJHVjPB3mh_9nO$EM( z;vUL+*jrP4Yg=^u;QX-T>l<^PJv`Io!=jd2Sazac&f8fZA;CILbBPRQM)8DrUH|FP zA1swT_qwGT%}dndn)K28p<%TSJA_%sHeZ!kQ+W{z+0pmuaI!YHk{C`Irx>^)3 zHpW$|kCfa417C1fgo)z-mogFAqy@^?&1&>kw6xjNDdUUQjxoButE8)WJ?O$KCRlZ> zSB?}OX)G_P!V+=a34yBkqq76Q&3Op*)d)!Qv61~xn(*Ji4i^gJ`01tgkBz|O5R{v<8XJfR~_jye+PM-w_7Bz?}thEWp;~mc2 zZhv}tcCwqoA#;?9UA}xv&LO{8-g>=nczj@GX2|#Ac=QB>8_){+Pf9~8_~hkV092#N z&DV(X9XK*Ps0iByLTa$RV8kejbAJ(GQiKJpjNkaBR)Ktw*3vxqX8-830T5-YAP<2C zzl^3}T1j?&_Uy{BH-2@jupMCAft3Za!Nra7Vl}6&4-w!VOu&5O?@PTgQL2d|IEM+_ z%7Y-<+TUwjh$JAYYU;8|uB#fj9IS+8Wgh#A9eGmnPMp_1{G*5tuo! zsvx;x&A0~=Lou6Reb#n%^w#gT0v`v!Ft{-?osdl|s@Y`cRgP_X-bL)p>J6^YAT=J+ z7%EoP;nlHGfJW2%=_ptvakFNgG0nmMX!z+B=oqRueC7H;8VfvYJ--C*)R|L_zLWSC zFsC1FeijA^Kc=&e> zqnu~6`Vt1F2o=tyxxxNzgBP+<&7VjP-7F%2gExF%qhpqlm~pfZSVUBC|^AD|E+x>K;jaJL4Y?f@X+8Cq*AXvp@9xAKPnRW)9nf3M>el!AaZ5ChlL@^(t8t{ z?3QHxKc)a?mI*l(;c9s2>HeiWZFV4Jxi1N1U`_4=8l{_wRC$q#I_DttyW-q717R}1 zeuOq@ly>yrm2bC8$i&GG*G9PPuUQsr@dF07@qU&_9;7csgXK(UG{{ZtRi%xsC8+3H zb69_Slfa3tNI0oV0-CF6W;!sU`i?ZB6oGhCPv2*~K!py75Mf=8cYx}=T+OiqQH2D> z0JbH36B@$7UlArNK4WiNkDtr$<2_GJ2Ang#7GNl?_dDNNl>t9<*~VYO$6*$t+SDUuwcWueU&;Tf7rBmLS4baPy6`FTZIK^JBR?X%QF#)pMi zF`@07k~+Hp)%d{t%Hytt3D6 z$i_GhWukn8Zin{Q(^>xF*6h)`u2fNzb+5*Pn!=W0UG!`{cNG+b6h_55Gi!L07E1)5uFSq&F zXl>HrpZ0=HfwZ|Mz+QM9)Bp#lJ5lM+>4rDJ;-Ru;8|PNcJ;h(A&RHGF3jk4AZ?og= zski|5Khoylu}w+p!VV!pPq zt-enea55?~C`l!JHb1>8FGq%x9&!_L&Fq699Nixipa-UrSX zC=2x5H0u(5#J^%4mxU2^jfNj`ke!ArOn@w0nuCN6?O%9+yj>yuU?)R4;Rvs<_zklO zD0KyP6CtEwQ!{Vf`C(9l{kP6gYYDk)bUGkL|DT_L?KAM-IQ{=q+LfEr1g^mT+sVGC zK53n=n*7S<{I4lkJQ zFB2`s0X=@`mwaD=?dtOeK=JdCvD_v9o{lvHR*PrG-E=jln4g?rRx)IS)k zzV1EYx^TAu79rtYD(Z$^%8lQPX_FQZa(1@VkU=bm*bI zY7pvN$5Vsi!8z~o$c)vGzxU&Q`1sq>9Gp>?$&FBJ%g9RdNwU9VY}`G`IBB3Hqo!t8 zdU^q}r6kmBm0m(-NLr=>5sk?#tJ*Ngv8PmUfRbWZ6ff(Uc+cZ{rPJTzSs`>0PJ{UP z%y0{@(b~L;8#lZQq^iu%o0vbuhhvNq-bYJHcqmWCM7xtW09gHA;5uG&=tx&p;Xh z-zN3sagBCuJEhitZ)<7e4@>RU%e}q#)Vr-&W$Xb<8 zHhLZ|s+mV)&kYO(^-_0Fcb3;9_FLv>$$;z#Jf3m`Q-H#Q*(N*!Vld=r79>9d_7eD1 z!~NN&Ycky2gfbi)9X`<@LQcXa_HSne@e*1E(@3|!@;pGDdXTaHCWRrJ>)`+j%DIgbzDfvhZm6<%O~ zF9j)l@L`?%Gm>_8c8etTqP?J@0eVabZWBrrDu_=&5XBza3!?n0KIT0=7wpa!4Xj&2 Tjw|3JP!Memef4Tp`|$q*;6tR= diff --git a/windows/configuration/assigned-access/images/kiosk-fullscreen-sm.png b/windows/configuration/assigned-access/images/kiosk-fullscreen-sm.png deleted file mode 100644 index b096d6837d53c03aedd8ece40222b984fa112ba0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 18044 zcmV)RK(oJzP)`1s00001b5ch_0Itp) z=>Px#1ZP1_K>z@;j|==^1poj532;bRa{vGi!~g&e!~vBn4jTXfMiEIwK~#8N?Og|8 zR7Lv#ZOxWsH@%UNKp=DsT|hbr(y^hZp8YK6-C53dma~_?=Xu_F>e)T9VOJETN-xq& zfIt#Rfb_n**}nhpo3}67gxw@+62!|7ChxtOc~idm%{Sl7oA*{>Fg)(d%1Xe-{Uv}( z0l-JD3tc!vz?`jgK{09KTfSARuY}^VHvydz@VWsd9lQA4g);%n*^i5$7(3<--*?|% zi1153^b^@55xEOpI1>;?T>Y{LN;W2}4wvM~V2>_z;S7Tk3I%HG9ds(&5?xI0!kGu9 zkBDq-Aaa*s+=Vj}l18>OkqKQq?!p-gA~H~8AtDo@yR3>XoT(5R+3Iw5Y2z-O(NOwG z4O`eoRuGe!%x%%iK91Yvx?Bgl9|2)n)Y@GVk=xAVE_9(Y&~`#A#!Ot~oB5|$-2d(| zK%;6Kk3AI0M&=0hgD#V#3mpPAIRpLid8KQf!v%x?frw)Cq<4K|uQT9ppOyexy0Il9 zdx^DP7tBTt9-2P@YL62haYGlIyU;#R5MfOkAHF)`!e{HV;R}n9o;J5ens?MAGc^{6{&A__vkP5lf4sG`4%a^N3Vh))@Oj*=6M4wkMZRHIN8z<^ zkGD=_*2s1%M)vK7El*xZ%Gm**g6`?UuNTAzg`X6@A2|X0v0!a1oYIHS4%A}dUtWXT z7)RDc>qJ(%-9FSi+h`jzh|G}&jW|`P)KIEaUG7)tRBAO;DzO&O=ua2yuVfbxx4oP~ zN%@HlYf40$`7hbWZRDlW?e)UpAsa-Xl^(~5lD%Rw=)|R$?(M>_1A*FBQhszzM-OqM z&T5Ct$KvkEl|2> zMp*A+6QQltS0N@sFP(Ss_>6!|RxyzZ;h2zo++R?P@0KmYZ|2WHBu$01P8$-!ys%W1 zBg|*V@IGlsPVI*0KHWy~nZ(SUb|wOqgNYmwPCRR)nXGh^Mz+(0k8f@f+-o@s#fvuj zCwpB?{zXG3Fq2demHZS;JYLS?l>oovRRN#JNu2Ru(WYa#=aLC9`K+jRDN#^TOS(&e zidq{^)cRnzRO6b7eQ>g@9MyGog8WP!R)g%?ixCz+)L;6G$*RFJBfrgRFSK;)T4%+#pcAJBZUYL z(<44M63Ovqz+Mf5UWH>NHE`0z-tKWAF(DROO7i+C{qW)1y_BlN0sh;5Y*0Y2R*?xy z8d(sSQ*N2bil`p{@I_vni2TAjDQ+lo@(P7Q4ZY8aW%tj)IRlcZC$nGs6~7DZgGMug zuN2sL@F;d2tAy33ho#O!O4uW`u!~0HFg2SMJgFk*w4%tR$2C*45TSHIuT^4KehFS) za}<+$M`QM|3`81LsIWL-BXe}grX6_l%9$d+_5_uL=520V{PfrOa&M*dxSI0_#x;2z z+2f(%!p#xdLP#H_sX}ywWLmW8mM(NUn8d7PcnbEfrF*d9U^QkA?vATQr{eZGL-Ci3 z&&ETSorA}IJ01`GW*qLn_EKPi0+YL&~;S%Q@UC;*~q-tf)^Ot0HvFHr`;8T?LnX=dr8Z-OGg;_9SB)#@Ugu$ z$S)B*3F8(jC@Mi+WidAFIf8XN4`KI_6F7LH8oA|moUC@CxYmQBS}%@OyHVv(ptRP3 z&3Wb6c(@cFt=@+0!+B8Gkj8V?BO|>Vj5-avMH{hZ_Yq7QoFQe_-Vk(DA;M_jiugTS zhDvFi_K>fS32xrXDWxEVGzTZBB)f%({JZl8!W2eB7hRtTkcV16%621Hhlen^zH*#j z4g7U2B^5g2tPIk$W~d?~alG1t+!LkPaqt*+=j3Difqd*da1=Y~`dDcdDJebNZZD#u zO&HoU4g-63rzxNkSv`_q4)dX=suDJp0q-o|i9gIAEAgV;A+4mW&Mv~HL*;1L1re-$ z$TY$s3&n|l%BNb83YW#+vdzn3WJje(g=520^O0;+!l&|^7{6cy5>z_Mf@jU#w64D< zGD~Z`Dy-Rc2*p+f7LLs%UshIfo3XwQhQOiRMOwQa?{7GcxkKX7J2@7I%AI)O-LEiz z)_6?m6(^qVwy(^%eIz13{^?HK|K4^eNok4)CBgEMZDetyB2=XUz=?Q02s3EOeo;$H zBBu#IMF((k?R4WOD>q^N{(QQUG&5JLDS)v>m4O`(c=(x*H>6>ge|wz>-8aAIV?Zus`T*@)86Wa1~77C)6BvcULm zshZNUIRew?dqkts5X*Obcd!aG9#~A12rZ_M8-|O9#$(pdBp9XW)a!ZF;kbM+)sK>D z_lD{OG}M_C&$044Ed1vx>^W8mpWB59a|Co@VbEw)2-h2-(~yQ%`rz^UP-n5i<#M9l z<%Z4XLTy8m4+9EYp{yksq8-Lgi4bCORMs6^GhqC z2qVQAiknR|GNDZx*5g5RxDINXQMQIaLh-rmxY9qx$@kMAv1x^m;@Xd3>C4wVF{Lwn z^zAwlhMVjv8gkcfz`}c9#)O++#>yiWk%lA!zK3Nd)iE%SGZDO(_pI~;n4;rhC#_mm z<3wRe9rBJ>VNXsWw(dQGt-EuveP2Fuj+G(5s1C&ycGSAL{z~-ANWuJRLvY>v$(S&5 z5Ro`cB2`C_n8C6aCq9Ie!r?8Q+;*)&Db^3Uv07>{4&wroP$G?5v29sghk)GpQnHeE zkX<9uq$HX;CXq}e*-7yO(+~lEaQbq7B8a?{gy2tV66{ae1iyg(x~jCJGp6?H`k^FRLIGN_VNkvJ3C$jl>t z&MpN6g+w5ESeMawhm+E)Cub*TrOs66Wv7IN9Q(0zk!!p|KBFU(%}?q;qO)-Mywu`E z&dC~SI^$z|P=nW(7T~yDhgIvhp!9edzF)Z;sRlPLKc_op_U2_C)-Dv4+>tUnj+EAj z3%1ud&A<+GrhrEklgWgHC?lB+b|E(*My^LF$6$@iW|l@vqpt!fG1A@|lCn6;vJh?D z?%*`J96p#L4A7~l{rtsh2?|Bb6F$ZH-Qcy7R^o~TD;yVEMRrPgDek|10v6qD^`ad}Z;rTbkT5 z4b;2=JFY>0I=D=d0^u?%@Xq%+xb2;dsHi6`D|kYGS}HOVnIb5CE?hQ#5dL=gFvLgb zgos7iQeF0jF+ilEtOG!Y~LJyMd8-Yp)PX>rI%jYThV zJyYY6mK2AC*jN~7GE(JG<7l}H%k~uG;~xs}&Z=y9NWhb`G9+7>3&N%Vm19$h1=H{T z6s2A>YV0n&v*84;8P^kQ@+)!YKfgqUM+@k5*m=Ab)#WzK?q$c*zn_ELatm&LFB@0B zxEdRFoP<@Sg~eKnQG?SlFgaTALGG9`p=HQ^zceyS;Bo;wa*MGg=Qu2OH@ph*yjRGp zMR>f3GDo6&q#Bou?jdBYAf?k;V0qTK)mZ%97S#E8+i-|7``3|GFid$!K}7boMr0)k zptc$d$7fAITUD4k=8vCgA>%4JRn6(@OjkiEN~61WXdf1W(#TLwh&p*L^hFK z?>DMLR8TaOy&k`v+!y`2#|uA69;e0^f@Db&G*tN#rxv!teYp1Ap%~mF2}3edF|>a# zoISV?#$@#s?wq0han7**7%i^*Vbq{L7&f36#qCa=AqjoD#Uej1pX^r)Zk#rl<}HmC zbJOvGmp;bEBQ7MQL?c4$#jw%iu)m-bgNB`rojdp8=IdtT%Wv1gZFA$Fx1Epu+57RA zmp;ReqqV3fLCu*n1t(}0-*0dxY3mYUG2IM#@ z62M>ISc)z6@%Zku?|~>X-o*>AGC8O)vI=hk&X>Y!t>|-h76ye?VA0(Rpe8?g#Uc;~ z%Bt|(r+aX))QZGzDcHYfKMZCw5~Imc9_q{&+kv7V`-q3*WD2k?(~*Fg~(j-)69 z2GC@&H<>-Du}1VXdoXKAcYM9K1bgzUq0|~+wOU|`2&dV&gC>It7{r3OPkNcs>%{Go zQ}NdJI;`4r6xjt8$jd!0COv8KD#WCuW5_Ryy zG3&{%vANKS$|@^edZZ=|Rb~p)QJfx;3cPyz`54H5fMK9Q4pzaN(HVR5Ym!jJC+3vmuv< z<;dmycKcyelgU+4Q9}e_8Hz|EP7|=qsm9SN5BjFWU`)Ssq{s4PD+q}?5-d|H_ZOS? zBfFTciF;hGQ{cCe{iWkbEr2WR^@->5=5Xl^>b62?R;60(xw>T92o#l9qfbf%bsT5o zP{G3EGRls@NAix)^DZt8+2t8XFo#i8(lUNqt;)joEf5nQO_Re^Ec$Wy5 zziQ+|zaGiZ@Y2U=1aFBDYsjq>LokVSi?|2{kp@*#qai}-{BKbIC{X$|dE(xk7NJ1j zI4zV+WTACAn2Nzi;V3RUzQ=Ayzho0MmXrA1yfNhG7VW|lNVc#`s%av}RUlKtTXO=b z>3xw%rbG3Kd}uxOWVUd6lm~_PNHinXs6q6cW3Y0eb03**(GhwYrPzG(E1XV*zch$7Q|F@*x}kg_AWA4jX*nW8!#kzO z8VT8eLBKPPec;K(+pM`R(55q@{gic2$3NHsKSXi>--B@%am)<)AK5aN|oIVI* z9PqIgi`JW@VJwggQ$t$%`k+eovtlnmQ3e8o=uE!9o0ClaK<~ z_p~6|$VBGu*m4=TR?-=N4@o``2GX8-YGmo$BQ`p>)h^_CVq-L6Sl={UI5ZJ)?lN39 zzAtW?nT4BX48Zj>2jaTvgK_=z{pKWfo+mm@qIwk9x8slssJ0q|;aDfXC_- zNB-V3zanNKbH!a%$JrrP?32yhaG*~N& z5uwuvS+rewwKZNV@N+9FQX;a{!$QNq{Kk7NLaftq1$elrcVc+|?)c%+nPjq1Gm3G$ z?GW058=HjcB)jv-@oH36SHWIygUxP1y@NC(mDZq9AWUz7R;zxws zMdG5?(|Ku)2etKfIGkSe>=uEI+Yge`^kV0p1IWtiC-%_h9xFmZjG2_T2fA>x=!hld z6=dfUbH!*uiBZFzGpHw4?97FZv_L|XNz4ag%m&2z`!9o=iODN0AZm2p9mitiYd#YV z&S89P@Dx!vmUPkykcdYzqwIKHsIs;eFD%)Cg8DGzmeYeF1Jm+$A@~A z9#hWh0cBkU=8ew8{87C`xQHVvA=N=jpHIope=gOGa}(X1z&;cvWE22@el3C1=OxxJ zHtfgzC)Pn>=9f8w+|#i9#t%dmbc4s%8jfX-9*t<)3EBp}Cm=o1PU24^SkrTTn)p-PhBC50 zIX-X_;*{&)_vk=0$XU9Ovh$l0+wv>0d;cN$j4^PyeW)V^#T`-~ra`1Z2e;FTNVNmA z#to+lAK$?Rm*g+N#pgeP_4MZ@wF*tnr3@(+N2V~2!xrixP|%XZd}M3V||h3L?jl2q}|M*HR}nu^do zMb>J~>fb?VkZB9~@VuqG)=6d%wE>$GbVGzOjCj%fo<>E$?`11!l;M$H<*#28HNh1W z9ksDVL!q^`cbUk0^Gh-K#*d(g32RLwKkieVpG>x5D@3+dA zGE9LP=VYN*QVjMLl;eZ1RzV*b1-F0Lzj)kWe7R{a>RIA$|EdS2uTv{9Yw8%RU$F{T zUU(i&5DT$%>j9CsnkKbkL51w&Th5<~?fECMapwW3G-2XljDa-Qofk~R%H2n>W#3_V zlp5%W07ElVFlAUD%1D9z`6Vhb8+lkxO5<8b%I<56Vwq3<0ZVCT^i zbj@r$cKuw$noJn-&a~v(V3cqi5 z7Gn9{d~yEn`h0ws@51VByD|4)YtSuHD@gn{-8bX8A8_03VR-)cb8y$fiHPC%@3?$z z>c|T5VR4Yz!=pw^Xk4{u4PF;wY2rgC(gZ>B{Yel#(d!1U0^j`DTexz@INWvR9Nhk4 zE_Ri1kM}^WCi~Rq#?tI^ytbhn_2nmU`Ps>&T@;AWE3qoS4j*nS!}}|CVA9Y`^h=E+ z4FMdhw&Q`fzQdwm7&d}Ag4vuuy#Pf6`8sK$R*kRky+zp<>keVGlpPP zGLduD5g2JSbE?Df%*sOC@#b1Qv8D{~Tr*reywYm;ZF%XTkIU`CU+470MPoBD_ukh* z{Thkkyt7dRLqnSTi}i)igh>H&TufXoSgX6{v?kI93qL><0*_)^?5cNFg~gvF&nn$d^eQNZtKkHi-bE`;6` z1skc7#MC6*bUR?0Za_rf& z7mJ>`1Knc6QB=k2B0!bhiy@=V!Nb>1#ltr&z$NFBMkdrb6zH9nglnhv#q~sxy*c?f zTJ3<{r^eg~qwxB@3-Qz)vvAkTOYqFApK=fOmn3w9v=5}V@sK%D<2HzovJ{Xa&95c` zZ#jzGW0kn^y#A=Qd*E`q@P{d>c;@Qy7!&Wpzg8a-_c};c(x=p@o^B;-t1EHYg#LK% zk>BCZ_x&3mAJV|%f4W(1abnh#KG^@?dy%{58(i>zU!ln2h12fDwDF_x>>n@0!=#b# zc=iLlvUmgCp&~1f+P76G#M5LQ&pKP7n@XXd`jDc3gtQ+yly;_uR@!QD!^I=eBZ9Ot z#rrvv7Ji0)vf6^>>$c;`+kb=6y%N!f2tDnrRO}+--e8D8QiKL2b@jMu`XD67P@Zf% zljFX8pr902j7h_wjBYS%N!zgPt5l(i_fZ@=1gph^?1MSjxjz@(;vx}ciV*o8D=I^3 zLLAQSVWume_)>qxiDJwgGYIc~y&2iZ?Kp3c8F_~fW6zNjIFNe`eNy9z$Uao(?Ll#A z4R#;M#oi-@7(r#uE45&7oEpP=B_Tb=$lF3taqJ+X;^Oh~w`*}IuLy_tA4XbwDlR{7 z4B~h+pg5f|;p6n(E-wm?pMb_*hC@e-uqXEfoDL6ezh*uL#_M6TyI{B0VAkltq@KJO z(?1m}_Y`6Fuyj~ztw@VEVOWnSoFrR&WY1V6#YG`LLW^;u&O*-7lbAZV8~Rg6E~%(Q zR%$W^B!^?()X~T;b)u{w9~!L|AFtYqqXj3Cb1)wxhY!YY&Kn7{hV5fkh%L*2gPlbB zSC{Q4+uK2GrH<459(g~qBKAq2l9%7)A69P;*1SZLu$q(D{Q6DEijNXrKeaLVK3*S` zrVJ8<%|vKOk0+DjT+*JQ^O9BqIIKw=e|o(9BXnT%d!?KF7k>CBnLM2FDc{CgK;9T6 zAky{c*?iK`0FJ{GSza$!Ktqw`*S;7$iDCQ{*|im10+FN0gRcDY5b)PgTH}_>z;z-? z1uc?PpU`L)F3VPyXH#KHN4gdd)aa}w@OyhUsBzY9AK^%0DVZ2#o;5FIlgVCSMNa{T zDPhoui4Pdc_&E(BNJq|1wilms4&umuF7l&7v0&XE-fkE`P(OHYEc>%Sq@z?GaX)Ei zo)^e25FW3GX6L+VMuLdXYvKfc#>4mWhf0XbB!6jHpX2a-Zr;y9=ltYLeoE;jf4M9o z9-Z^-pUKMCT7OfCACe)z&LFV>mq#3^OhO)92OrtGR1cCl7lXsOJX|)u;M(%FkUzy2 zvJiFi%f(+$xgH!(syl_#xg5^vN^wz^<=BG!^?*<;W$hA9WXwZ8&}#@CY`HDlL_H8bFwz%bNMKrOB?PvJt-CTmBaaQ zHHQbrm-FCnSn#?fYj9bMOQoPR={}XvCIt2;$M=ZgF(5rDZz){zmx!yTnRkOfxsC?s zA=i&rhPa$uHZBM6&BFp+1Dg2@W!q)22-gV_?gbcHulv@iVW>8Gd zyp;lwFvL4`0j5PqBTy)O9?CTjZ;nu5fqu=y+Jc{QPiG^rj%OmoxA+J~wu8wWX$gLf z+)A${BAX-h(22EOzh4)+(7}+qU?gv@Z>2*Lk=wvbiel8UX~Fhu7n8ftN$`_5D$KuH z(E^wK8o6b*vz;AIy+T7oZvJuXE_9*8;MbWE23DZt>RL=He8fyHZE{M3z(r&9wnMD~6roAhewft3FN zOfZBFVfYhMDBOtP-;E%T(_6hR{2cJBkK*-5KN>YKH#7h7z)NJQthF|I{&0Fo&1IA5 z856FB#!u={kYa`^Cs%;FFh9>T@sIa)(fG_oAP@MQ+g6a6oPP@c>GmQl`1>-9z4LA4 zSU6JSR!c$j(*hsDG#c@}KQ3=5P-rW&Qo2{GbR#mt|7p)IE}yaB@w8z~B~tKP<&2za z;M#wEjc>nQjyi=Iv$9gr&qM*5DaMmG&fz;~FqSt8aSHrLcAZIP zh4{jiN*^Y6&4ohCHZnt)7CxHnQ3c3w>f-U42#I(Sk?Baow40RiWe>cGuXh*W&4;eQ zA10;aYvM`rAqe(d7C8Ay;}^v-FXrPrIj@4 zrSLByiRpQ%gT|_?f zAlgh2kqAlu9)4#9p8R4DR^By1{PF+~*FN#>J>c>g!!Rb*h-+V3gIUk6#BGbVBBxBc zk0*q@XPY&8r}BU@RH+o=p$OZ{p`he4N#zQ{WG*#TG$z6z-mE>{V0*2(3x>AD`CkCn zU6>QphII-J?s$C}N~&wH^6?AMFC|jM;c%g4DNYzv_~ZGL@Wp)#@Z`nAG05!1olpN8 z3;*>!svCxN>E(gWlqG>@OiLGo_hM)vrmCo6P%x;P;dQnK-6*Cg2dy2|zE2MPDQxCC~)6EFVZ0_cTilLupx3Cl>j0Dm;cKoh~CX(n7V zXB^&o_705h-yOfb|83-!+c>I}W~V_~{*B}pciFJ_uPrwR`L@!yMC2&a$XxW!tUw_7 zc*4=pC{$b)w%6M@84=;K6Ekf$#o>3+q^DGJJQj**xL-MBnaTLiR~u31wBq^S&z8Qp zNzE?HmcgycpQ94jBtL#A!tWmPJ9m*Z>AQ7GPt0974fp>2zwmG;@XNJRWXWwu2Qz=* zhKNj;K@ptZGWaH{Oq|Ie-gxdT3b24=0fwWg?t6HVYe8ED`=Z@#_r8Eo0L0WKVj46Aa>)Pthkrm=Mh&idyf% zg=5n&vTq9bwQlKqz#Rh?XrO=@Ymb!TgB9DMgAD`X4H!Kz4GC$nm@yy)LwdxcPf83j zlA@837=_GkF&Io?BYP)dRAv(TrpLfjZ-duq!6$3>pw6p8OspAtvEe{6Hv$_|&hys* z?yzM}VAkJOVQ--of1WcKYW{i?k-MSJ{-aD<21|fV3lS!HiC`sM&`0WU^V1(f*=+#E z_cW1(K_ewAhz>#{AAC4;q5_|<-V3EUT9}sPDMf1fV>m5z_sOkX?_-lgDuvEV-yK}K`PZ1pDRd{#(0WuT9 zsNVi>aWt4~EbqoS1`~uyp(L|}vw!mrZj!(bdfO-eXo>x0M2%>`p zKxkxsL&;y}=4ge;lo%PSyMc^+5PM%kz2R0(Jtf{ z6oS7Oo6ZF5(7uN*~!z{1tWS5h|1S zRN?ZOi~K5RQkWRc+q!__DjU98vl&;+p9~evhWR6izb3F9sUVH|*7pZdX{kqfr3D{s zJAtD+^8o&dIU3Q_{OMSd3xAGR?)EMcu7l($j5A9eV5{f%+;H*4B#a%@7ZpV(@S8c~ z(I<-JrBsV{>kJ|vI$nXkw=AO0WTwgm*vJjvero}OFkuSlS*;5?bR3w(MKxA<>q>A= zMvP?8yQR+c&Z-?aKo#L4aG6+evQrXy`Fm_u7YkG(K10?P^q*T57JeA;{@19rS~*bs z?3TtHivxvK;#0Tp59ZllE z7Kt(F$z-I?6QY?~)X3s4`k(#JE6^{Vx6w%?YHtX^lPU21(Q>G(D{;=?o}#x)tR?Mf z^C3c`fKlW3XolmZmH2d9A#OSEEDGg~ElhHMAc0T$TgWHNYmpikA-y)^w&OsR2Zs+H z#@umPVv^Wsj-1($?64xg;VO&{h^{oL5NZY^TX;fRlmLQ+P5Qp(}NY$J(r!$M1r z$;rDbIDSP%1qyPHpsunCWnLN$Z7$sT+j026ONWY&6n5ka7DLp7^C0J_cffqjn`E=I zQvFdHnQQ2SDNF?;*-(7lQCdq*S3|<9sj#2Nwd!_OzU5iMd^#0v+5arv=oy=_zq=*HvJ6 z&v+<}ktp%#knNHD6=FFl&rL4leuj6JIlM)ZiGbDBSd8K5wPk<&oI#xpaAA4`)S zNhW17K9lDu%%;wU3Snxl4dv}8cOY6YEl3biCOzV5IN?w7vrVk#r6eY|ARuXL zN{ioYsHvyfH`x>AHU|pJ9XL>2hl-LKI2|tBFtNA@3y0V|Gs!)!9elA zM@pxox@_lxi7d?{fX}z)8mkM{WV3laEKYJ3*52Hj&cNTQCQ4v&K=F%@o=23rnSAU`*c zY`;pf`+Ue8l7U0dUO=V_ucLNM9XlILWND5@QIILjT?*=%hq97RzFP6P~n-y zTL43pAhM5$ygY|x&jbmO0i~l-tKg~g;{UEX3wO?wem|u%CVFxy#Df{)LdG9HLS9K7 zbv_DhJCW(y<;1iBu~_!VLKK!sf## z;ZTw-sOC<=Pll+{PAA!j^?2}xi%?;)&G`=rg}5`2g7JBL$cR#6>62HZw^@>L zM-!RBC1LPWT~?wK9$SvJWEvriHxM-?vaG#>fD6g5nE2lf>EJ^1b9Y2mPJ4S~n71>4g6{LBKfQsXQ#Y)0e!>vuiiak~gz46~z`9n6PqQb-Pt;D&v zJdZWIt#CNW4sns)2OCUbF7zQYW#;HieDT;NxcQuJnA#@}`3G}E{vM&hxSAbX&(1=F zMi%w)VN4$r%Brg2)ac-@t3fU42!o#AjQ2yXH?xQC6;7Pe(d9wEC^s_1k70GvY6XEy z6xbRjeoKVw<-ZO@%ac8)3xA&77tdThiL`siKK z4cSGtI8kjwSxr4EYMiKadc+eeer95|+M(2j;qG&L;;l^uaFQv~&8R|bgb|5mE!oIM z^oiFYEm3;Chc$PN#e;u*vKlvDIvojWvj2Z2wy_ME$Wq7jBIiUICO!B$PTEMDDahtz zE~=F9+Fh77f=mlr8I~Tj(x}ypq)b|3{d1T1#;uo371v@?EEB(j!KLAS)y%!C-q?Y+ zzuo|aA)FK$jSO6d7EKE-JoBC=2~S))4EJ6*iipV5#%wE^ zms_6fN$}#8m3#5G&-UPOv6HkcwKs2pFUM z$;)4?9gmgPqWHuK>^@qCs+u~OXtEcVkcg;A6U^pFgokUuA2R2na&1NRxjpFIMZ;#D z#fjRQT2xe&p_oWpXRSq?DIA$8@kmdKMG_r#d@~7%@A*-U!?N+m4^)3A@t`EfHIzRU?gqcnAKvW6WTKX97mK(+(RZSA1NO1w`tBXuAAJ(FKs-ITb}t4J|eR3#}HZLaAE0# z(=lamI;SWK&{2&g3e4#SO`FTsKtXcyd0WslzStE;f}!kwd_8#8M3AKMzCd|&#!NmK zq%tru{2r%(TP{>!aCx%g3T8@%mi~`zmk^-31lr(@ME2pmJtuJGgCD>f5i2@?sBo)9 zR%xKOJF)tyxfsB}TzPW|t63CpIKeiuwC7Q52yA+GQUWbhC$#BywIl`#H@6Q{G z+@eY>`aT;*!HiJ@u=&6-ytOWuCd=WdsI%b837HtyI|X;V_&I!9GtA*( zsIGV8{9)bEt49hRdFvaJQ#8~Xjga|*iG!eX)#IyOB{Wznkbj~WDM^Vi_-q(Iau9qD z8@}Fp1iFYwIBQCA$*i+6JSCdy()IIukz^w3D5RlCZnXA>-1A=CRE)d-wHUq9Q^ZT9g_U*a(=7(Ct~rKzPk)7@ zwO%Y37$t_sm3h^;>xZO<>pMbk#&+KHJM*)tmblA~~>R*k#gSc%X6G!B!` zO2wXP9iDjQbKHCR6pTtUAw3}+PrkDPcV0Rb3$o&onH-B=_k4%xeIs$#?14CMNOz=A zhha;AG;8jjxu3fRwgc+ zGK7SmF0{7R6oozm(-G6BA6ya1NOG5mynLj+mF5JfW741@7n_toGh`at)GDYWNb|?^ zfHEc>amh(wx<+fAL~JK2^r;v>VF-FqV^AtmT7Kc5PN=Eex(E}D20dcT2E@fh;=;+p z;We1BC;K2w6vi6#qZM26(ef?Wu=9W@{h~YO;gN|^c>0|sxairX_+V#=nA~lC{Q-;# zFTqo6Eaql-7=mY2T4J72BE zQ+HpD2%QqqG0_M&N5c>v0ey57B4eV&&-osIegS%!+<4^8CAjK^mH4#4M!CwCfy{_T z=rt;_(~;DL-=`75iOftV!(D3(gHFrZSn}@3p;M-Tn@kBkTu4<_BMw!F_ErghFAW|Z zOARiaJrRGJI~?>c>aMPuMD z%Em1ZzmEG}{D@Ow!HDqFrHy5{N#WGlT{v0~gXiA z@Sj(qA~~};Hh5HDOqnqmlV{DOG!sblJkfOG&g#08C+Y?N|97Mr2BxO^a=LrP#G~1J3Ck2dAY9HB}X)`699La0LnqkKwXO zgOHVKM6b~!@zCEELuo6)^$R8no0rS|;+GpRvR^lh=owF`DzM}5apdJ3zzerug7Ihd zB3s#xzyEg`u9`j^uYLAClEZ!IWpKhmorD`Yfwb=jOUOUggcMZ`Y~=5@*CQ%E5pRF+ zDO9!^n8*~_b<&EocrzwYn%oUfD~Uzb$+RJJz~)jQH|H=89?3(w#f`HD^~HVX4;34* z6j~#!HB~s8laFk_>)SmMyAK`3cU$*i@17i(jgk1vH8Y4XdaT~G2dlPcW8dC9^d>Xp z_RFWksMo=blP!I`s2o`XX+))AmiKn~ zh`?h8q$5)6qxM!}@!Ea(VaFcq&n`d~#s9;?35W_4(iHy!p&)+LI-K}m?IBb;SpPOP zErL(>7^Kxk^i9E%`{yBEOC{%}ln&C!atC2&BU9i=sSO3yc2N}voYM(f4XADR`Qu*yM=p%rA~erln~V_m%+Ns;`ZMCeUyJ#NRaWGzmR zd2+0x9yPq<$mgMlMiC5rgc!a-l`^G?_W4R}^CShYaaH zFEvUBh^5UCN`MOxv=DN;a^p+&Zyi#-PmN3dLe9aK?i$mU&Unc!*u08Yznarj1~1={ zN(#a=e)Ff8CiXKQ`4T&eC~ZZns}@`g3ba@-c|>n~a?g2)RMJgkPj)nsIdAzWIr*Fg z!bb_jb-#$XE~JU*$WE-0G8zutIs6xN-k1;7mAxCPBFA9?Fb2>0aLR$QU~okLee5UJ zt0_00JMd8qg$;>yIs%EpPhk0)!7CX`8cDg#A`boYQpc0S86uo6*`JR*D)N?EY5kW> zCURVL_LrCAgg=K1S+EGCml>p`&Bl>iY`>HzZ(KgQk2@SoQM4O{OAkRPeae&5m!gUo z!e0j8Rc5WnyvM)Brejv};c`(NKar)91wtf55j<|hg)2exDd~m|gs2n?h6utHW7)Ay z#n(IpiK@~ct|V89n}+X^?-QjH!sUb1Xd){8mD2P3`JG6gMI-W&@{(OccoTn0so|Oz z?6#{B(i%I(C&%}*pA=8> z7xiW067l4Fq35l5Uk&78nR2E>vsdOd_RX&%G;$CucxSXDR-rz^^<*-1< z2CV89dz%g;dT{D;vtm!jlo~I`G&YkkV?u^nNbnIyZMR zLWQ-}Uq*BP=1xYFYdKuHY6uH-!X*2tfx5Tl{wEhDt5CDS5S=N}sAzSHs4 zs(D3Qa$Wd!L(;tpGA*P%$;}a($V85C@nIG@5xzgTHvFZ!F8oTs?dexmTAfA^vU%$U zC9>dvN{fUDiO8HpFfI5?cfrX0zu@T4DSl^?3ku;a{R{}d7|@)_A&5+|XeMjoU(ykG zkYm3<=l3VNG;^WA@%^15n4>?z$oTV|Qp}V)&2fG|$ptI>Pj~WnkIz&m2u+-5a7+*Z zAB?d11b( z;}1fKk3zNLqbCX~$SX{{|TM2J;ZH?EGJGCjBIBJO>>v$hM zFS<55>6$|$jcgc7zv%f*R?3hl>JN~h z@VTMa^Cz}AV;TGaSt^uXd_rI9apGwd!=I;t>>nwlDL9@=!`mgf6ivgG3YA#LJoPS4 zQb~Do9!*2JhpUy+hh6+W{-abM-ry~jE%09HTumLkd7WiwRMHmGz)-%MulYXdtSLAx z-t6PQXawEJ<&*Af29lSG%CF=dR?Wboy!gRaV0tPloJJ@oQ7gYwK|^s5TMSsX=LEd` zc?TAZOk_pulRm}#WO%JkN-Lls6iMk9eqiw$5UQp96*vVU6AD1cG($t=^`md28>oJg zpn}}Y0%F%3R6c1k(lks;C3u*Okdqij$S^KvQ!+My?`bv75P}JLAE)U*Jq0aL3f5&|wLRR>H9nIt0NY8IbGOuxTjjQJ-Q#3VduM2S(^ZaCCL<(~m%o%A1Dx z19f`-C`VTVwGAx9E_Zre5GcDRCtxJMT*@CU>>_g)&QK_(PJ7q)_jg8N@EzZinx+|G zsL4eay6{Vcj!cV>PeNfdJnkEqm543-PXheDe2df1E_C4+2417AbmIR3CQ84hn#Mcb P00000NkvXXu0mjf%RH*y diff --git a/windows/configuration/assigned-access/images/sample-start.png b/windows/configuration/assigned-access/images/sample-start.png deleted file mode 100644 index 8ef9cc928c9559ee98d7e7801bdda01bcdf68049..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 94324 zcmXtfV~{9K&-U83ZQHhOn`dp?-m|uC+h=XtwvBJ^=dJI@)YNoWPfd4{E4h+Pgo2zn zEEE<{$^uG&Gw*WZ+0N|%sQbbV2UGLHd)Zf(Hfeu0zJ&Jcggi8A5p9xC6l&@|NUDI4zW_u40wGLa|IK^)W78p_B}+Ofr0WWh_o43Ti-5 zptEnXe8>`nqdI+!nD2RUIU6rvEPj~}hm3Zdb9`wHv?8a3{5e)}&SR$b;9PUa0G}mn zqaLvKfP&*vsny=NxNGxQAzRe-+QoMBIg5b*nqZ8TSWv1~ftI076zO6FDc~`>shZjv zot3Ind(yyerR z3;v79OS5kZ!=nD@(f&}fybZtoFdQiF_clgtw#f< zVxbZ8A`Rb=8m4unL=rAD(t(fHkzUNLNak55-!a#bj>%N-*6N&6{(qsYpsc2q5RrK4B^eA|zl+dv z+B54gk|Ibm6F>zacrz!K294zO%Vks~JY7u>;d;a8vv!B*`h@&rDmFcvV&2dtvI_1B z*WuO_bh)dA&|JVs(e-GZDP)!IvkkIQj!A;b^V`lnEG^`s;%L`h|Fj5i6uq;puIWiwV_U`vHQO8D`flVd* zwYgk`5!;b9%fY$bHGq4S{gg~=mdHyVKu(r#rt=j!0MXzpke5O#;eXs+d4$edZE1W; zCpo{4XOeme*#M~v4=NR`AR=ukOldjC)`j^*J6j54@)D+hwMWy!KUVP`OM~*e$IPax zA3*tqpa!d!t8QkXdC60OJjT5d1H0($a-W?aO5OrR0QmJ`ca{Nyi>~sorH7NLGPskFLX%cW!=C7&h*(E$t55Oi zu@HLuE$VW;31Q#9(9@|s(PCjo#?bVUB~vksR1&9~4N+l@&Sd5QmoF4~upAN!YGCo2 zF_n_*d?uXIKI63O*7lVSMaZw}E?TmDRJZWLFW*=&SQ-?E;GP$G*!(!+)}cAB$Y>|~ z6$?|0{l)5l;bCK;$JI)x_)8fOd7%Lji5{ChLU1>G9#B1dTk&-zd3Mr>h_dAwY@jt8 z2i=Qzo}7S~m+o&!!8@H9Db|0!wiJio@bJ3CC}>Cx*Q$j~(5Dm#J7INs?)4qJOZ=!T zsHdw>DKWzkeGps}JS!KdBwNW;!K<5?kVX$oM4_0`t|`MT#V_E0mUpaHo6CZ;x;iMt z`q4@kEfzE(^RX9PwwBQB!nh>BeGyy3aFUj{7)mUZ@2j0DR$WJ-|1|DIg(0Z;I^}=n z2vV*|K`m;jIFRr+#J_SoB=ROWfV!={4+hFl?|dQ^-LHjgs6HHaXujxM9lEwx2Aova zFo`2Pj1zF7H4crDdul*j;nBRykyhCfQ}B-I1|qW6Q3n@h-o%-+m0hf9R^JE=>PADs z$h0`ECYGzT065EE;YP`;DxL9EP1dCbLW(y$4+R?`T$4VXYVSc-!9+a5LN!o|^72VG zyE~zv!3j(DSsfHr>6KO6GVtC`+sx4!<~DJoYP!0kR{alCrK}vUn>22Tad)wGvHm+N zBk(-CcC-Txg$L;B@H4V9_QN3Rrw(exx*D?K+eN41)(l2ZSDUsAx$G$U(3}ZYDpivA zSpWoci8rO6v^Obf@HDMyreb=-ea|K3KQj>>Au%J2bMgbSz94N3+v# zJ}R#)E3+~*h+LPU?6$|9&=fjUoRLgL)dkN~5-6hRuB2M28xBB$7wczwP-Z%lxR!}2 z^}mI=|7d)o5FZKEnJyK)_sgX3UCQ55@mpnFC=M+3;eF z+0DjT<(HvUXE@LX*pFEdrA62WQ2BMa?LjQnIS<~=>HSm(VUDyzDD=pvS9GQC2D;sh zAQ96LI#*HRXM?hDqgnF}1j|=qILk2T*Gi z?7e37n_|0Q)e1q*@1R1uGJ-9kMs6`*{hjl*6@B_-A7Ef(!LVOEV#aKstiv z({LpqtGzYAnLaJu&4md!>)qa0cm4BtD)=C*Qu*xxJ*1|F!=?5WW#%q80N8y7yv$ht z9Y*JUpjUv}<(wE_2)EM_RPSZI_wGzXk7#nY{#2tI$8c{{7RH*rY7oBXb;tc*=5_!& z|Bt2nxoBKpVeYr%Wv?H8X8H;oN#MRMmP}an_T4focT}p8-N{muD7rW=g;pw@`b&q@ z=N>y~t~t6n?+?`m1T9KWFYj2~`a|@7mU!FaqR^Ss*Hm8SIj|u3b#VZxkcyCn{uy`B zzVu@7S`PdeW7m1JUx57QOD{9LGrnFmo9-Eer`gD==eSyuMmlv0?cg_XSlz|4cKy@m zL!IM4rez1n6}<^efWaI6dYp-OPluB$xAYws>=jKEuj{n{H+2sY`tu5{k-6egD6pu*+I+@z++2#6^BSv!^l zQ`C zgPG-a{_q?uLt-2=`g*wDt8Z!*KpJ8uD%=mp%3uLxd@KM*{qOIAw>@F;I zo=ZJxc##Pmd)BCre7`@16>=>YiTRjJWy9;C>w0?Gi)`yY<}eEY|ZE#QK1^ zTWzc6qXx_?4{Bk`N+SUjztRpoWn<3@IMwiI+Ew7uUK>Up8*e7$EjPCn8o zW>z*^gPcsise3;SxY--NZB!FeEKi^I&G+$7S2L%kE6{HigPcKgKlcY`#O^;3B_yT0 z=(^^}C5Aj*ubY6F3g2P?)`T5=VVid5UPs+7O6P>L zQm5`UobWU|eit>P+l(wK0)c1{SoklZ%Qr*i2W&@xeNuqq5t9);<3-*RFekuesH+=5 zY*`l%)ySPLt3^V1=+aO?rl{vm%5+ZBs{Dz{4qX%AYUvE)a>aG|V_N)%80SlI-Erf# zSl@ck%YWy~mg-tGPkFvde~>Qk3+Qqg)Al*BSa0Xfy?tA;V)(&{zMnY4gM!X`A$o%rJ89mlDt3{)ooWAr$AP=gHQw;o$lb20rFUZEY{0g+Ab+((80w?a%_=kH+DB zQI47USHKplwrC z^@`P1RWvwl?M5ScMmvXT$&v4x<+It#`xo50H31v56s-xFC7JAkP(a!2XTVvzq9E5x z^K;DP3B-8qu#$c~9=m}LngpCs)k#Hc_c2#i!%@Hc{)1i!xz3}+vRfKgiwJJ#MAsjU zMzDjRK~&rgS=`K`*snFaa$|f|P91B{=J}l1^HqD%k?%C*DY+KnP>(^{`T8#bvZ$76 zxzC%U+>wwt9|k=8V^Eneu&Q<+1Y$7)%r#o5F z>8YeWuk5jQrvmeA+4^dAUCz7>yQp${>(9hfy&&Ez)mSKb^;ETpC#P*XQi)!THw&Vs z+X&?`7Wl-t$6JD$&!d^U+?y{i0>5}r*_7l{0cq(dxA`u|BGL*>;vjl7X^R^R@l}*+ zpfN*HKm6fD%fxJ=fqT0POU|J+OkHrQyY-zd-KT}#DrjP(ZzysB|B}4n1K7YU1UdhV zgvn#aXccF<9hD3RV-4~<5s<-lw_~Qi^9wY?G?W>|XNriY3Pn>O)N!zed#A(DgY?X5 z9QTF7&eOR_)FtHQ;O&3CZgzE1VHqN z#F#D$yY3h3rsE1+mg8_p-~H1cVP)0^vwViGCBdojtL7IEr0(Y$j!SNSSP|Ff4|cxB z&;q~=5aCMVmh-bl<{u^}8%GfW!b)~c`>rLhq+j(Hq3T0+`>FLz?Am^;?_1Dk|WY8&_NRNK+5osg#!^I6(X; z7W(#*LoRsDS-IHo5QZwxJbI=<=%$>(h z-psnNv^MA%<-wI=6Xf{f(^>!0XXt&pEt_K#q6?PTp$uZ4iire#gg}?vP^EI{V@Wa=2Qtc=Fm1FW5 z)I#N?BcL1nk7+QW8nW(6bBp3uvuRLF!9K+-wEQ9K99hfs&W@jwi#!VSXv^k>g_!ON z8A+dd!T5NoY-Q!1G_f3kuKiHxf@P3c-2UHD?qJlOm)pE`q163AJ&(Bir?#<2@zH?*d%TJJ>J?ahnj9hD$L#r695 zdSnjXsClQF_S=tgI851?UD}Fxm|l$}7XDyhapayK^SV>_dpa+cSJF{ddB}lpbLCD| zu>WS!<|p@9u~uyXB@<>d>Qu8uua@onl&8*#o$YR^!y13YOkdOHQDchMXr!m*k4p?z zDW&j^bq2s~T42h5-ndL=d7tCH#>5SM+H7%YH1=p@x7kQ4a!)geNNIZOGT-5KAG6*G zt?c>o$Y>lu(#-;4`eUjy>#Agha(Y(F^P6I#QP5TiL;BE{aMvAocQp-by1&dj(R#hQ z=ui0TnTEjjapY|GQl_&R(5^Mx>0;?oYs_n|ptpHGD|148&z@_UDgAmOV_MO`zrRxd zC->?Km6t=x2dfay#)T`zR&3b45@x{({i(RcbumZWGRKhD8d?H4wvjNq|3C#%ruX@Q@ZNb**d{(ImAmo;9(>8-9WD=c+dAgJH?T6e{=t0 z=#{zEv+?!F=W`vO*#v+Um_<6APuam8xzFP$P}%sVW5M3)3*_JTwq%viQVK~5q~p?Qc)FXu zyp(CmUkRr1Ob@d&^!d7wo?_Q6WQLIH9vwpNkPRV~HINMAG&JxtiAs|WBE z!Yg>r7w_Q}N>id!!pEL1l^0dP%=$8uxPlIH&MqLuMoOwFa7?*T(b{{+f+LW11h?xg zxMVgB(q)z%z6|sRB&M;So*VtXyV5>!38Cc?o2kaI-gL9NoGwkhi)Q(H>`M551M9rK z#wR|xMaAaA4rzSb2~ld^yB_ulP8$BU*EHYFu%h$~U!CRIG^W>dOkznT5o5A~=H1^3 zFF*Uhl?s>=ATB8Pb2%ZxjC`Bau;+@%b-mXqN|K1)Ee}~H$ju1=<9eYyMcS4NTh?3! zd8V{qgiXt^YthEkb(f8;wzH&r*}uJHPO(Slow|!3NMsUF(6!Ek>BSaPpq8xnFx?Ee zfzEUE005>?=p4B4dSRtGb+~9}KY)pud`(?glxVou0+(PJ(6l=WJ6)+-*D0>+>@0Q< zx2{J7H&AiExfF?bZ6;ckmQc{SX~CWrDG98}EUwN^F1^~Y{!dBO#l4OjEQh6eeH1A#W+@CM z{(+8X_Uh~g+B(S_kjK(!Qgx3c8^Shva%2=YzLQNcQz&$N=yB8^X9^e7u!n(-m9QTo zfujLFw*8$i=8lXH)|P}k^9AzI>$0F7FZ|prOz;T1B7t0@jScYz-sg3`=}CBzbb*~v zScgwl^~zEjK_xYwEtt{BydOn~&KhcV-lw#@Q*A)63d;7%$p;Y-N9tGO5$oB#FwQqa z{dR2F4mKOj*7-S|S`P925d(9o_Ag7m`(rA%VO!CYps}PfX9ynwN~X(U86%)!5`T&1 zL?Co8Cd>?^)V6mQ3$8{if#^>pB(-BgzOP; zxj=cBA@D;h;ZAn7p=jWeu zzLGyMB<6>^KiQmt{!CZmpT#IMPhT<7h+D{S@x~G~WF?}A*)NCPAf3_Yo9DJ&b$xE$ zTaqp0IZ7kblB(sLnYPpAhX#(zt1AxPR0q01L}@O{$U0{vpdbh9dd4sSD?>`+vimw! z9CzUYy<|`pV#Z!1nS&9bdVH_jMp62r?p79xO=2WnWIsT%q#WxiL6jBODk{?L(D^Qv z9aQqKWw2QqvIZW%?t&|ef-u$ecu+5&#Cfy7QCJLGZ#`d6j{D?jZ8qd;v(KcO5kq7L zMnq=iK@UYL9D3iO+iOP5zZI6v*VD@gN!$(H(pqFz*LfNj-)p=7i@j2+^9s8_0Zo6i zR4em9Ef<{c|M1ErfIji_%WLvv~wlYk4W?N9JaM^sj*-CMO5^d)pNv1sBp7wcX&^C>N{46 zk}847os7*~*qUWh<^A^1qH&vgrc*p}REtJOhZ@1Zt(E5Yt;jyx?X*!g`T4vc1X4&z zb`V4wu2kDUHXU==@!rah2H89`K-#-aBH-#9xSutuv#&5>&3faBJeBK)o)h5e@-@x- zyNkrUA`f-!La*nO(Ezh|G${dvSU;H!17Mcm+_c4k9iK~s^485ZmGM=1h4W{J{j>!t zQ1wP<9c)$B*kUCHWx)t_Jq=qfk}C0Xfta``Siko7sCnso#=#JJJccc+z;WY5Y%l{8 zTe^!iRsR&bV`x2Wy~Hc!w_4?XCdZ>%FaA%tZ1oc}B{Uz8+R$=rsVg^?V@N!~J(*HG zWNQf0_(Nv+OsCw2B zi!9sxxWka=`Qk__tS0a}PA>&b#ca{*y`wgP|psR?`h+@R4ecC*>LFlb|N$;k)@|f&$W?+hPgt#X< zT+ICj#I#Sfc4`DEkYB0uS7}RO24i!VngUK2pRbO<8spJ0cJ-fAH;;@Z)S8Y%{rwzk zLZ@cQ{xxo*6Svx#+YRw79$_0n)g8Qo*R5&DB!$8dzzJr2KpY=NUf^*UTbC)MK`xCS+QTOH-(j}Z=aJSz55 zWtAem`t>->b=go`tKX#J!k9Yhed%DGOrCABTtt>c21Tex*nEBys}(g}b>QY3WYoB_ z*|jFSn24xQv3inSOm;!@Q4d_Y1{*L$;#jw=VJ(_Oh=r-4byBcxO& zwKjUy+nwzn?G`fMwM;}iA}QblYUUmyU{>6H=k_8#A&VWIoB>~}SLj9fkXDtX3#B0J z)h_xY!W-WJwUBbD%rQbH*4Q&JZ+xA)#_F53zN3}*Ww?a2GsQs}r?jtV8qo zowwj#yymAph)6zfvo}*L>#1b=k#-$jj@PNp?vb;Mz=7-=KJ&9m*;kahd&QmzO!vkL zb;RWmdV;NYmx2WH}ZoJ%aV$>`YaPy&lzix& zT(%Q4GRtJ`2W#)%=2XyiS(F=Qm-@2Mw z-nJWUzW#*H@p&At&;^K1MH#p+cvu1sLqybBgUNwQn8Ic5emq)7(S@j}dhkf`pGgguU(O zE0j|FNu&vgcZ{YE^Scf_ftZS%GEZ1e#G~zxVdDZXp0eC?*SuwQ=M?C?>jB!4C{@;E zMC2{7hXm{mhs|6U$|6jEPkkd*Wz^}R#K!FJCP^2Et8!%kQ{nnaI|UQT1#FW|o9iX7 zQ6;+H=NpIc&xj0KzJw&zeIUO9SKxgrDQein%DN9X!=!oJ$cnhoQF5fCsB6|+cHNkf zM{|iO1NoM*HEg!tuUJwT?meeXOPt>(9N84!D<$m%l;kTutK&Y1SN{GYi^)nE z5U5Mm_EX=%&N7Z93L|G`L+eyO@;Dp7yi%fxOs~Lr-VbyC8+O{AsoT`cr&Jw2$2=^_yv58 z^r}^)`0kNP@DR;azGE}jJoCS3(_>BO`LJ)#J8F#wu^+@Kp{?f;Mj@^ib6Weoi?v}Z zFiC!^LPtw0u#}ncE0akt;dgOml*7hR=7@`~rzYf!-*DkFOAs45|TEwLVK{ zebhZrMWH-{0F8mv<}17M&N#JiOPGIwTY+;&n`9Vy?c) ztn!+h=S!=C&K@Ij^G<)u+e<-QGvmqu>b{i!g|%>H4>( zN9Sz!Q5~2Gbd?lJKPDzIUYQos8mih ziVA|5V%x8Y0|hoH%u<~tWcMA}nd6@Tto1^=ANR)RMSH*jO;UgQ@RUe~=fS1a2)})i zIUb<*>jHytoaHG>Grycmpc@bp8s(|RQ6=0`mssw;Mo%M%yyhh{etr5U73yWHb)Q$* zWs8jRnBWiAaek*WnUJ zW2u^5y(|W(qR4+=l7vJRgc-_cILoA(6o>})(4?y}N)%P5wQP@8 z5K|ykFVzg2s`fIo*Q^(=x?E=?Uk-`L8d_`!ZQ$?vZQ$3I<6C))9%ya7%B0i|XZ`|2 zMg2+_r-Yp1_lzEA{R?Ue6fFiQ&=+Q|?4ik22lDwF%7FP9?R{Nb>>f|qrK8^# zgD#O!65%C-gGHz**01N5<&yy0f_`1P)7*1>PqA?&9T6jnmu&iTVxA2x-Xh$PC@wy1 zUE6Jkuzq_T)ZSTBGZab()<-^ z36NJb7>x@~j5J^hTUH>leqAwwx@CvkZ=~Y?$w68UUR{E6s&Aw(m=c~BUPe(>VT}JM zLsp4z>_koK*;0)!-=vCSRmwOfl{CX>W$eR1lQsa(v9{Y0_nw1X8wCbJ`l~nO6h&vj zT0o4jpON!{yZFRZD7d55_t=_|MWNKRdO*YW?iy0MJ;8AL#=>eR{}@m#CX=djA; z@-w0;P5*1o1NjTWs8YV^zo2~#Ok2q$*RXUB+b+pJ?^iu>Sw>$|kAP`lExcc%^4`-` z#HStMb|J#{?O(un!$T}4M(Pn}0_fyGI2WuUNhf$YUZxfOL&ACqK{edVE?p#as40og zlb^-_0D)M71l(wG%jj5AxaTR-i>5wfk1=dThv2zO2Sk##2(?~RwaFiMPYAdc3W8eS z5!E(`9Ip@g`v!!P3zDfL)S7{4=oZ_p{Gxs8iP=H^HYS$Ats!;XQL3WoKCCjYw{2*<8W9OD?82qV^O zF$CvTv_h?tSW9*8VJ@m4G1-%v84wLZu%DjwH_Z4?m|(G)A>cdkSRMMJu1GX_AROs? zWSBYsf07JWN7qVWzsTcjgHQ5??{~pcDxxz?_!j9eCIiWU$53KPZ!!h~L;>$iTDc+! z#y@LYpfT$XEF}3C(QxUYTB`g}Q3X5(KTl*t>*xVIbf)RF`aeS`xJQYx5scH+XbTwV zE?1^z4s6QPGtM#(WD2mR0FIpLCRCEAs#O8gFe$SG_wi2X<5OC``1fAWuyF#zw}?g{ zfIJ)i*Bn3NB!E`HSVDPeT&X%%veAxIg;<|A^e7b|3QF~_iP9HnnqS%O68K{M)82q< z=Zf-wHX@qWoWi3bD&3M1_}o~Of5(Uci;lk>riv*ftw8#VIUIrrS@2K@yRX680uKAK zZ2zNtO$s*-ReXJkAt>4kvcHF%i+~O3RYl_dpUBMmZI#sGAXCnOK_Czet_i7-N+V;G zsK8ASVd2KWAQ*Tb&ok3}`s9BPtW^Z}SM4zc-ji|32O@ z8-tF^J=WPx3wI1_Oox|IKE#V?@Nh1(zM&33ykzTqGw{cnW9DXE#}#>VHJ zv~NCGZ--Wl66edMq^1ic%ugRU^8cg=m;#n%%ZE2z7oKKckr^I}2p5JBX+g0EP^NFP z>;_A^tvTY~L<1O~^(fxp{(YZ$mvxPOJ9{dtp@wC|Ti@gSY%D2YIrn5y2niwO4={qw z!hur$1r1HWhJXv67C%`CWox*%U!6<_2Ed6N3+_l{Z{T(6xvP(_J)m#16SwjQyAOFK zb}x|CBdfU~dO#*Gb@GjUFUp!fZslJO*dcS1{$=RMGor02tA%Np<=i=(i#!Nz_sye@OdOK7 z`Uul*mw99T8TsI^x9&$YGnd2zwEd=gQpd5l0iX7G-*5J_JMO5j1-x_j8!@>iB$3k}F8k=ts4ec9~A z#@)Jl{mkyWX)tHtShkapriuz@pmwxixBurw4Qz7axjSYD+HjB)L<+Ssc{$F1ZDl`H zbWegbi!8Z60sl!#w~8^)m&1#Jk0)g14paWsc{ldBaNGPFe9P&+PVmq5v#4;Z{tuLp zq~r5Qj10X$NH6Y0kdkJ$86uaiM|q^vcmr=O%1J`OmXi)5QrXzqPQ);0q4G2~ByY6+ zb3CesE~{8ZA?er%@}w$mkK3;Waza~Zbe>{JrfHaX)JbO|ITB+6oiT^fh$DMgf-1-) z!-P~_#PyK@4xU_52F`FP)T!=={3pV0b0^5Fwa!+WGRjDiAdsm8|Mf^b4YMWpnzhgP zCox^q3M2&8z;3^cXneJ&AR3yjW!E8-+u{0LZRh~9DG3b0Mmvh-qCi8!*nlOfTNqTw zVTYl|%NmXTtR1gb$Cox#Y#5PLlZOLq*pDTE-FNq*I_gG0&Qt z>0|<90xgo@5#yM>;$eyA1s>$!;Rx-oCvkkE+0TcNx?>Qssg`JJBIx>q%f*%xIn)k6 z*rI{8=8U)J7$8U&0%U+SV3QSW?;m}B@}0aw3L=YhS?7Q`;W_SpHHh@uFU@vvAioh> zn%#_K?bTV=^9ue4^PQpN#v5Dh@(Y72@?dp!ApqR&d}v3%0TACyik!~pFeqNXVrC20cvc;q0(2 zu$M2%6_&=SYF-DWSqUAMRt_d!I;)#6TAim3SvZ|$OcJbcjYw*bLQ8x9c~~w~G=BPo zF>QMH)*UNd1*}{J?Ux6nPjbwUA^w3zt?wuVe*45AnjIfQvUHPf{_>il8V3B>zcTdR zTeH6XmTooFmFI4#`YRK0@OFDMtNDpcjxjNZiz{}6TRV8o?H8lM87b2eo!|^<{wzM5 zjyHV$0l(X;6gT*xR6A@?mi@MDXwa?K9Imh?ZoFMV!hG4yi}63D2IY?1-mTvWpG6x$ z!VmAV!7@p+?T+;p5^^DU`sc}*V3v8{>7Z!Oq^>?0fZPmSY#geK^u0IW z3uERqiar4mHaObggDZDr&yYT-(Gv`0{>FJ+t^o6pbA4}kC{21OteMd`YvHG52Ob+u zjyQi&omecO@Fzqlxqe6@a=cq*xIu2$CeE_IG^ZU9USlV8&l$=sW;1X@thRAy*&4GG zGal!SxKUsL(Q-thArBP&P*EtM=(cZLmxF~PoOm!y;aW@H&10Mh`7f2qH5a>BLe3JD zR1wPmwivS7-Tf@4S=ETa3jPAJM(T|+~!}p52ZG$HkW~UUF}8#eu$*ffX(vKe;gCHsEFDx zg-t|^$WZ5dU)6oSoYwsZSslo-WJ8;Y_pUDOZ9YK5hI-1;ddwlS7zUMIyuD`|A;;Ma z+_#rKBIt|=?g$El79}ArY<3G%JS~_uduES7a(uhr5J$3v+U^BKY7}*Vgq+ljJrI`K z%VB(+4kj)xPXq}WPCa&wj<1WwqK}SBRvLh)b`NR$v(A<0W>fWi8G{59XAGVIPtrho zgmUyGYBbv1zUYSXb>aNQ(9e>ZX^q2G1TRR%9T+MErQHpT=#vYiWVa=_9^c54Ub6Mev)SP+%kItGh2Lt zzOdzlV?j#Hf9P*-57}>T=je^4&GGI`FC?&}IsAm#)x=Uq(K6>1VjHXfNhmdC>m~e0 z(Pn8F)ZQ=!tfj&S?Vdzh}VDGgXu`w+%#OX5c)=weLRViKH@B(wPq(}y@dXoCwd z=+PN7VCVRPyt#rB5?ESZnvA#ZO(~9`B$7Ft$kQcfb^Wn4kf{&)FNj_{M{GrC5(E;C zs%Xn3%3vc#!7ioo`mTjvj6LoYEh5|sC5V*h%x342MBTRrf1A{)M6`)V)x5JiQ zQf|Rdb|=ZwK47y$umXDaD=%Oau@{xXwl_7g2MECX0`6d*OB*m`POfx>>rv+CP)r^` zFJ;XbnfRpc2QWPdql5y0&D#A<(t`-4FeYLS3aYIcdH7<3go7ZMH*Eb>1|2ypB>G`qxwQE4yLKgWexph zpv1HrRl7V%J(5xe%a*Wn?nQC@{SgUBcuK!vF{5{0xB<~lepfrSx-4y}e~`Ut_h3c~ zI=Y@-n)7JzbvbI~AR1NC`wjGhIyU9dP|H-|T|7g@ZcHLJfpommwNHmZP6wBJPEe!s zZiF_y7%vIEREo3_!l*y52{quFP7*VyP&3*TP>+K2FbZ^IU($^751VK#Zn+}{sNMtV zw3n!!gwa3<&^-yu$+O#>JjfN~^lfwEh^Dt1IOkJF#5hTxVx7C3Hr}tGIuJUq;KNP- zhTClhzUs0Qe&XASa-sD{=HON7Ek&_XcOcls5F$|)qD0u|D0)OyNQ{MO&+>XB$Kwno z=yp1^9q6E_XGO`BhwH>%OInS;;Y|G2hWy*YZ0-~)w0Yh^^5iDO-ul3TC~l6ztI&_Q zUY0ADG*caCpb!l3_Q2AMfvUqrh+n_-ZGoPalibhVuH5g1KLYNEzCRUxR(q-%fa==G zqbKy+v$bLX+fY+T!PzV1|BjvIT}sAq7VOqaZ&gajoX-04$iB#NObl>F3;T;Xz03>|HjZ&1k+v+TnHYcPjX0(QXx!8)zj5-A)gQ%; zK8G2%yJx-ZIG`uehVn0*FF-yv)g?D^r4|RgOu$s1<{$xky}q~?w(X0Ir1l+-srQFf zXfTYy(EtOukTVe`amW#o8y>Hpy`~2-Ro@Bw8Qx3*D(sPsW1b{pO$SN)`3vD7ND^l? zbKon^hdk^K1IjWHneEwxEQ;pB#?s%WueI42-x`{9QPxDUzLme`fuYdlCJ6YK+0)?K zAKxWUuf&!b@-Pf^Lx zrpS?}@GchQ#!f7*l1gt;-6A15W5gjkpvm=CC9EgTMceXWYb(GqKN3#|{4bVI1)DgH=<oln+-NWeH3 zxwO+Nxqgzo&w~T(^&p$7P3%}2z(#Ruc0^L50q5|Z1kEGb8m%YfRhbB`=Gygc2Y=U&CM1shaV9!xm4*`r4>;0Ft~DO_)x`}?nhMG0dA-%d zD3}YerQ3u-A?%s$affeoO)Qwma>IHT3+LTPK`G5mzt7jWFxn z7kmHq9LY9(LTSFJChotmNK-&~)S{+;1i3XV=CPy*ou0`Ns>-QPr^Gu)V-r#m{iVwz zo;0t{G2tDX&6+{%7&{r~s+CPt63aLwNeDM^vcn#3@W45Y_L<2ye5WN$#t|bat;Vy- z2c@P!?rT}cj9Z6N;mZ|ns)VnW?}f>v^Pm~0>D*I+`e!uCC**zBeo<%XMV|B1hsN{V zBo{sJ(}U9AkZ>`lx*62J^>VP?6NRYP9`ZzVuOS8{IKw{BF`e%r79|jo&FO!xD7E4IL$t9P=$M%rbMV!rVShw47|A;#Inkj#!5i zpw6wNv&ja832ldB;0TmxbBNkh<^(BdkADHV29b#oF)5E6Mtrz$pK`zPex94HZ$tFA z!}k6_N;0K|{ka}C&)JSs*PD%$NE?y|PdoEH>emM<^s0AqXNCLIk#yk84rvCNV1ZG& zF4Xq?u6?^PXhSh1p-=(qhM3Q1fDE}^27Uej{+!|PYbA10-d7>ij0}3iao0JojrS+D zvAdk+@}DW=`+^zL%sf6@jbg)KZ=ff$7sn6Bsk05-N_*YViLL zsz6o0|8qhfCI`u5TTds>Ska5t7zY{-Jf$)R+tG34i&3OT2GHIWM?_x_Eid&0ISUMy z)96?V@kAV>tc>gbv=dkS;#Pd~_eXHWp5?f6yxl&ws`IVmxeP{fMU0btB(;K7iXt?A z7=1(6WBf=4ceZRpcExs#7m|oF+`i5>9N2L`ZrY#1UaVkqZ`5EH3D!^8nLKH(ySNS* zAV7c<27R1Kef*ir@xH5uJ(Hu*XSJ6G+{iET;2Xr8vG|04MM5GaXHK2c(t}?FU28o$ z&r@KkAO%-$a_2;lxf4H}{ZfJQ!ZiN+F5sKjC-A?&jAGZGJT|np;rx}oc*w>C+PXUs z?rcXk)`CP!8#-D-XyuHzR1RaPkip(`8tGyVkKVi<_YEGwfuV5>C39$x7E!Q|w3U%g z9YT9+E84;&Ck1bdXQ`FNVu9uO^&1Z12RGb>Z(sd;T=k1v@Wp$gxF@^~q5ghccxn&A zF}+TlrW8@scTIA9E|Dmbpe!4?8EvBnu=~CPxc$u6qYw_0oJ6s4Wd}+Fhw)2>`|IRd zpuL;*z0?X_={ef5YP(BgXeCavRJN-E1PE}r7A{%LlJP>hNCtZslcY zS-lx+`x02)5y!3_cj5cj+=1^6tN}Xv*^ZaeV9t!&Az2Cgr=3G-ZIYl^p?MOtqW}R; zD7^lWUD!EX#E9NcT#AtX(UNcVN5nj-vIYs^h{L2s5YK+5@CUCj{ZbFktqt%s(g;)8 zEhb#LU705M5DDR>-_GDOzboU8eH=h`jpKQ}A-whcwRpi9oA97z9av66vb?o$hWU#97}B=XL=$DPncJ)pUo_l>U;qL1UTXFst0yr*T{sWhou84 z(*$Q#Q3(e|NldFCP9bSz0~6g{!S03*T?IgrNabKaUa$p-jSZAX&z>$yNA^->$>@f7*>T zZ~6|t{_Fc}AZ;(@u&h0fR@O^_od#%5*LxKQpIv8H%iPBhRVr_C7bDwvoQL5ky-OF{LL?7c+zKg;qhNMfH!=77ryzs zL)dpPjgMY?2p_p)1#a)Th;_s~mUES|Tq^rkk7fWr`q_*ysD%9rUVT{MSF_>711F?13 z6I+YH__DE(L<*Q$-}Z%ttGFfpkxQ#BC51u%IvXIjGOL2mbs=-PlW1@jS#fTi z9m`o;Qms9}sgI?TiC_6WzQFw0ISS^7QdSx3>_emCSxi_P8wYm%zS0)roxp|%u}QE# zmLgP!wZgVu&SvrZ>>0SB<>53tj@pj;kod&Vear{zLj6n=2=a{(mYuGi(HzuaR-6L7 z_)|c7^0yNL1UTWKfo*^t=NoUP;vzv=wgq_32P%W+V!)eWv~w1k;9xqRKR&Fn**v3d&J68jb{69d> z_iLKR1Ik)5(Nzh*yd zF+xJMrd1IABB~IU<`dzFRmh5FXGXwC1at;P_92R$N0HFK-g*$+TSFoZW!mXCXtb(i zB*>e!=_6x0yC8RQ3GZXPwlWR6*Y{gQc67i|ag}JN<#-c?Dbc;cqniK$PDa=na<+eU z1NBjLW3zD3WJxBCL`45MoKPJfkit{tP_z%N*BJGa_qhflJN+KFRVc+2CM7_C6BbTE zc`FlBtu%;eggEG%J1Q;_5|mYPO2N8B z^9VZ4+(V>7ge0emk#Y>9hl=dXHEnq0)@69|S<7+hIm>EfIUapVKh9g%hBdu0PSU7A zt98n-0-_S&goFr(L}xVA&Uw-Ac8IXJtsDOq3A;swaPTT6=%gMRnL8*9H$hXFT8ftV z-x$*UgovEz!o-xA)|gLp=-R&7qH`@25gCc>0%f}hP?@XkkT?cdcvyed4f{-9@%!VlKaHFBrE%-tG_9$`wO?*JvSAU;`6ZcQI{Pzx%G+pzmZz34kY`T=vIU!w&zb2p(XBmBKfyca&x*_Qq2AEf9J8)EQ z@qCmzv)g-%=VdJa%!Mw zu?@d@?Kb@2&sXE^kL|^C&Thj6>ta~ZF%>xxLg;P{8TyK^5tuA`(JOzC1>^^s(o$|6;r4I0vyk9 zZCD@5qZSi+5TDR>I;e};E)m1fwrGeXC#1J+d=e%x(E(SjKH8f&&YTjH(4YE~e(%Q) z;(DU6MS7}4!!L@w4rFdyQ(pK{rYFp2`!Tlw3k$0ZPXa6&+%PDTa-6;~eSAR*N-G$- z61J{t#lJjt4SxNa4S3PHzUAsBpl*}a8Iu{{wB<2e@v^n}((~8h(IhRlucz}aK_{F! z`~yyaMS{vcP7%w{3QCh-%ak{1x(V7&4m8>RXt zkQ4Sf{f3ag{W!5VifCtV73rDju_Q4piz~pwLG3~19t??#4kP;&32I|LAtfX}kSXFX zFI<6Ny?Pz~?lC>~$%Lt}V>plhx^@JAarq#g@`ZzV%%>0G5ueiESvRg!G zsl>?)AWb(x+s%;eH-d$$_MlG9H0jLD1W}u5qm|l^UudR}yy*i~{&ZQ>3fkA=fb|t% zNg+5SJ6{lKD3sAjLhzAGm*d6fd7tTSfIsce;$y!X#y4*p!-2tKWjjdgT=q$ALXZ06 z$cW9rI9O_RCQ-tR&g;izjN_pj66kN8poy#a!@dmu{OgDDr@iCsiwegA4KNk#kmerX zr|+#S?{{wip73`-mSq@V{$b_sKP0O*%YogRZ<>R=cUEL7$gRensyo;A8P04V?~S0Y zXA^)LG~3mRBu?F{fyW$&pISd&VTWW70M~q$eLN0yt_lvxE+p)bEcwKapR%87oKz>O zjA8XhvH-^hk%w#vYnCPOg=ep6OioBH{`aO7Uhw4uc*w_h;=g}>2nU9;tR#|>1Qk^a z!_jB8CHnNX_Ql<^eTJKE5_HS>zI5FoJoVE%ap5O-<3D~qgu~-UwPcFC^267S;Nc(J zi9hWg3CPKez_QZ$ApL+_>oS&occp#Z|yB)72q|5^WK2AesrBSBbg~ zyP%0QsOw7VS8lt;i9G14Hq(q)1OWn^j8JFN5AjGUohl$Ga}6n(TnVRb=)fQUVjG@* z24{G6aOHhDJob}&@uDy7#8+=Pg0y~=t&OC^e({r)W3L7~&DQ|Vod!_t8->caW!E^~ z{G9`M@W*!HT~`j_`h6KZ;q&|OhHvddF2guPZUS;LGic1nb3n|KJciYI0xS;HZdDoD zo}swMrr>wz*hQ0YUZpLy661)8#04dCqM4xH{?WFM2`zLkMcX(!lxx4=k7>~VH*`T_sv$p_~!7|k^-DXBeJjZ}^ibiu#R{>@Y zYp1&UL{-r=XH@%d_pUR9ID?3Y;!|JpCqmC=rf|(cMf3@K^OWFYjKX_u%i0Q#3#=B- ze}F}SsxiRAL*;IZC+as^{pW;`hO_9Y0UDxMMo(7)|Nev(SY2mV=k9?5p7fc6`2HUU zsH0d3nvIE6%=Lh$@I*%999TnSqH)Gm`x>(&C3(6jQCZrLqy@dRE;RV)XZDNiL8YV1 zj{z16EPt&=*jq6i+@0urikhs(`spB@XS<%WY~$=E70AEpU*tnX!-;$LAZL!RxW48@ z?a8))Xjhx3YQAV6VBw)UlLW=T@NjBX=Px}82+CYRukRKk`0k4~;9(mzOPYuu-JQbY zKfMQ6-+82RHg7(NNi7t<#ZeQFDN0^*VVt_E8((?JCOqS;{>rLapcp4ZWm3@Bd3l}h zItx$-EOV`5*^dBn@OBd62+zy31VvR=B`CAR1ahMQ6>+V2kTXX@^f190JHHP0+7=M? zgou|ugYVCm%mOSNT(zoxRP@29xOh<4Qhj*+HK>ZYfPJYogbzPw6&|%kGpULA=pT}J z@+Wp+=iwwLS*(G@9ON{}D!n8luYS~W{Q7n4@%%Fr_?IViV|5>UXz&%w`p~kYz5pB) z&jN!5ZbVzZPgAGgG}Dz-XL6?j=vZKNPhw%;%b2Pm(9V9B$0JboNq(kZKQd_P;mcL^mC-QIo+`CQ%S({dsClMJ)zIuJV ztnDEup8Eg`2W@eOSyxeSn=R0RO9BBwIaZX)=<9C7J09JSR;`ZsaA3HISA1t528MHN z_!I3G6zXjHm1E8hEme#|Qp^sjKH3r6EQbILcztSRoD{=%9ouln^1w1QLm5JqPC6#Ob->KD>B`C5)hPQ1sm#R59q{$ z*Lh13K0NYM2XOn&bcLKO*2;-G5c^$wTNEFB)&~6S_I(v(57~p0cWgk$L3|6Nl!;oWUtr21JsAwv5D?| z;!w}b;0$%}Yla_Y^M_S-WTJt}lv_t)s{ZQqdD%%3JF!3hh^7GB$QHJx3s38;v=x>| zOFW84ZR==EQZ!KJ=BQmUzBqN+!?v`eEx~d)k#vM@w^4^r^|C;{KCU|UyQiB|SG3?+ z=k+uuDXP2a^ufspHB)g!6`SrU0YNzysDtY4$&;6P21oI)R}bOdUBi`+t<4oVY1DBV zLGDSQ&fL&}pS)}n{_0`V|NhT|)?~e9>wRMw-#IbHHoQM9sgk7^a^;K1cijpK8jhdPU`gW z%{sTIvuVEa>S>K&OCKkJDj$`bD^FcXPTqCtDxA8KaV_M^*OCXz#`+68h~7L^KcY+| zC~^~^Iap&0;f+sRH)+`Vh~u>vkQi!9NOh~acCUu(m#F1l{$->#rM7W0L2vBXIUp)_o9R+Y zA}!v%t}?eD?sK9yX6UBOwyff^GV?_Dwc@wakN?>>O9VdK+cmuPs>C4Yen_cSAxkP- z3%3DmOIRYsESVk!wvAuyOyk>swiZYgk!PD2apXj8#s%r=iidA#!xOi6SK5xu_}}c+ z#?+={rrE06nz`{BrfYjLLu?N;^q0BrStqZ4NbgaCH&y#M=^*CLKBJ#|FcM$sauukY^c0j= zb6}&~u(}m*dDz6Su@z|k{%ek4aB!T;(d*k;ldI;pl>xo9lab(SZFOG51g^;V`z4MK#EL+#tHkOy-7o{C464>Dz9JUt}KyX zqL87Gz3V$AF?FB@eN3c8(b}%5>x&9Q7V@Wfc@fvq`ID;9omP9QBU^Lz*+x?Hq3e{qn1D;5O`tZA+ydER(JRP^P4c*0dvUzO>Ui;8qTy|~(|M|Ri*s`h}KYP_C zw!1C(=AUmfKSTd~I&Ne;Q(GJVm(!VCPP!hk9Dn%BO*r(9Q}Cb9-e?5+voF|){qHyx zKYiIoEN_chyFQ_y?5Nu8*QZq{jp6U(Ke=}dm%nNwuK7QktS=|n7GHniGFF|E~*bor8m0D zv0vp3FfF7I*sw0y)`@l9l_GRFFj~S7?iM-W!%SCCOwlmlWXSfFKlL1)8QF;6zIGF? z`-_eE<*QfWy4P;R)l@Ryd&x#T?}1d%C2B@nNv2~i@83LN%e_Coa~$XV z{T=wpT{&F1u?63I=|(*3%Lj1YJMO?~AGi-cdD%Mr<#!Ka-!SmlcifIMSF|8fj^oU? z-iq+w-HvxYZY3VNsSA(U5X0j?yC2W}z`g9l6WiU1j1UP#OLqqn-MvV3QTlrkqqLBu zMElnux}4W#D-r5l3G}W2I+p`ooH(?1Q|IxTpwerhh|Fju#J)Sie&ZMWV44%(v&f5H zF?apTFH)Q~L#AjJZAzAYje+PYGY{2U-AF`WBpRV~mHXzfvOS8Ie{(Nh@_=q^=}RC* zlCo-jJKplhPISNZ4xIV6+pu%6fTx|_&HjG~|MlB6{_1nP@X@EOB$+AU*Y~IKtkVs#@iJ2Lpk$FIZ(zqk{BI*`Th_hj(Avs@8QQOCVaO+{b;d@7L+o3FW4Ce9PC#=T7u>y{yipa7}BuHc) z{fYZ=&WG>CQ_g6|`>!~R+YaY&@uzm-j@|mP%M-37j~yx!PmXH2DmiIfIRQMdh+>H_ zF51dLyar#oIf>yxHoR$A_#~)PGoR@kC0jz8C73RUIg1S=9Sw8B)ruHNNR(tG(L?F&LulDD5|&j!pM<1kSwGOT zjKXVo56KIOeLG1+3q@NwA|xR#BZ@4jOj+)>@}l-HGY8qpj|hlJg?giiJjJ$}+;$Sp zR481UZp7w zOv?ZKc0b<3S< zdN@_a&b=9=IGAb=x{ZXRQ(BEZO@l>GYZ(82%>aJ;>a}?E8J)Q0U1#H8e|Z>(NJKPF zKH{N$xcOijFFdCOk3GK|AO7=A*v-L4_4wpdI`Myhybs&@+Oc_kr?tbA0wf9L4BKaR zoC9!%*EGsmmPxjZd|Kp%T+oxOj(xD`3)-sD>{NZRmF>8z9f__^wDhk;>+0OWT z@|6g$kgP&@C1o|Ge-#Oihz!e@?$PP3z{Dxq>e1G!^&4JeBqUM+jKVaj3G2i!T3Hd< zsXEdUwulKqEBn13rB(M$pd}WfRPy$oUmd}#FKDxN^@qFD7$CX$+h=dYB@gVz6HjZy zzy4wr!?`@3a#|EyR>tx9KOVw6E?R@LS0!-HDh|YKpFOQny!-*Zc+>-W@bRbi;5)aE zU~7K@g?t*9Z0*GQ?l|r}lEbr4@5Y-hU5Qsds0R;T+j3%ZV-ZVZ4U+m9^!M?6u4JTR zbw>>6uW8|U&_Xg;As`|o;vn6ej6_N1B&w$vuLEOYyyhXjXlZ8~I$8Q~Q(&Jid*UI2 zw&m~i?kja-GX`})UaZ4WJR|6H)9viM=RBPnK&Q`7QgFud;PowdJsX+MRyq9ao-DpV zB2eLZDzGM?o}Lfkv~`{M=_}TtmkfJ0c+A!o97+Sfzdu!}Ge?kgWwl*(UkbNtCNDc< z@4k3gzdh{eRVZQuZdq^0gc-EO+Hn_ZxgyyE59IWkagA*KTcey06 z?@yJst3s6?(l;y06m7w9kU)uzSR(x;rLXfO(sR;Xy3(o6-s$Xw&TPmyOyUsIDolje zM1m4WD4syLwF{9p_J!7Vlwu?)tt1s3$Pr`5Zl&ngh}H46*CE29{-I|b53!An=aEV0al@gEtrLY3(7;D@h)O^)lf5Z2$s`w#uwuQ4eE4rF#=x>t}t>BOQvUtG1-^cuT z?c!vFI?Lcr;Cp{pQCxkSfTz8iZD8VxlffM-76EkdoB8jx0-!2UvAXs`+e5l=IP2RyoO{5m=r9 zJg{*+W}_{WR56??;QGB}a%z+_K`D&CeQf_RlM_L@<+ra{&l~NB*HoD5wqE^OV*u_O z{apz4tpK`L0-fEJt)sRM)+Z%OiBQ6xNLed;jo@!Xg4%*3uv)cqZN{|` zwI#J1HyHZc9o<}YZ_-xj&`NvfM_1>@g{?UKW+&pn+Dw*e%U`ILsb}ZKB4 zB+KU%%`8JFZxB#FtUa>(WK6vjk?lOvJWA<1lkfk(>FZ(fDt9h3w@tt9##QN&1M zV(lG>b+#ea-Hlj}u5BbPlrBzs+Id~5!|AON{Ml!B;Scwdgw+nZCmUGR6UMlODE|Nz za55cn(h15@ZufwTwuRd!l zBn-&De?rlj1d*1q0%rnT*djSHVt+w_LV{v$Gx9@sI;4@UxG7}wlr;HI86|~p!IUW> z6e3Yd7=>5|3i>cuTRS4{U1;g*L0nr5wi>hmAW1pt$%zB2tttT)6xPMre=2i;QKXZ@ zNT-wR#j=q!i(s&#vJ0VYB0s@Enu574ow4I=qMa_{{H9xZu6_;B&t@i0|Dn zfG2+V9z6YXdoaxS8ev0!6r1}v8*7%JNI~=ej?u~F=M?wJ<^UDwP^P`j!I|!y2oNkQNP%JLbkG74poFd|qqM5c% zL|PbxZ8_zNDATMg-ebb&VwzDY{UkEQ95M_$r!UOf_gSKoMc;6lAZ(9KNj<+3#nY_N z{d7_{?s_7(4WwSUlcZkyjzt)zwF^RZs{`?~if5*2^t+z}saKvR)0DZ|!33e1dj(zx z&hdM*>>Qvj|1ruvp)I2G8l@W{Lxdr=L+6`Z4!U|-QB!Xsk(xk z1|xYSKX?w>Sa0=k$3Ov(`S?y8($RK2P`ZSRKDh@s?i!Rz z=P|!u?_NYjew%5sA{UB7ex*Paj>Rj>8Yp;kN6VZ)RisYl6%&L1-Z`}!y0bSYc(1pXlr$BAj2$d3GIa1+>Q=$Ha*}~aWi>rM$gMwI z7kxEtdQf>1B8hc^m;e`+uGRQ`ux&r~=iz<4(t+x>XDjbX995V8GMN@ijBBUV+jY;G zFifSz4qmgas|l=ut7~0V-nuHd2F|PYewcq(FM1GL_Mk_rF5YPMP+8}_hL|#mM1ua> zTB7J;_s|%%jPn*9vq`bc?>Lmkkx`L+TC(gyxlug)>~#n;oZEH}U`#8Qp;i{15*4>E ztXJYvS$l2X&Rg+WeNg%|$@2HNA34D)5)@T{3c#N^S{l^a&71~B2Dt1L5|sZA2uck> z`41A5H_w=$aK`lEbFI?r;mbEB@xrfoVfq_-zKB!ScH+)AZuAT$Vw42tNuNJ}-`veQ zYW5Xj5|kHTupD1_UO-SLz)w(Gx>yzLD04X4H|%|P2!Z(lvSXx`KzX%Hz5*3y~6859`yEx-TK@K_A0V>Z((S_(!DC3 zkUM|YbuTmX&p+;22@)A%SoWx(cq0x|jn}17S9`0-Jy$L^4#-#m$jp+U2N^0Lkpf;d zTh=%yE2|@lpte#?k09db<$jr>3wu(*9EG{9xk{8?KV14O zAC=pqhJ?LEBq4OjTV>@BgH~}8u{iroEYXT~Hon1@vicRP!xGf~C> z3CfS|PvNHBDP-~;2xrrXjO@Z|pYuR;vaNjg#+}$x>_morw^(XHR@DDa!b&tk{w@Os_?>?Y*){5fZ3uh!S>Li6V3J7FB{nEPJhdv4AXDw$Ww$L zV3x2ggSimaPgz?O65ZEvBZVSG=f3gLP~^WR40~<)Sj3xQ>%KZtOd)b>uK`aZQvUYV z3`P3H%&Ej`-DrEn(!l}4^bTjVCbf-P&z|T~=AfkkR3dLm-c-<_XF`YaFUX&hNuVPU zCmY1n(O7>WiPA$T)u9_3t!#aR)1GfCG1-H5Gl5J-@8#}i$M$GZ`4p|pCUukrSGBh=Ro zbW{2{BI!r%x=GBtcyB))&_TsSvrdN9PSIy-wc;SLttrOCOXZs|tkVed5YJo6nhdlst~TDc@?Ia?Yh}DGv~S^Hm*608*B*vLaqi8Y;p!Um z!gEr6roDc(IN`r4O*$-0QTp^oiSlGy5T58O!T#`^XvI)hy`i8tdNkvd=()PJK{2-q zgKn&RboIiPxrTqiX{6YP0(~NPX2-BBy)ImqjlPVVplFLU!un&mg!vrq=tNZK zomj73eO>5X-ifaM4kUWJ5Ne4aLjt0+;3MND>^+>uo&MFeek|{4!}4WaY)%OsvqHGDh)`UFrNAruj^+e9 zFBxW=S0A$TWt3v&8p3jK1%-7|7wR)=T)Gk4Tdpmhj|3|ywOc&DN#d`+H^UW_(LDCQ z=Nzo+^qy-lk}2acpV*0;bjsen?k6Qy3gc@p+l1$yq1v5{K{lkv{?8uVvS*A9!SgpA zvPHb`ATVze+pApr8=q?j&5CWx}P=Z z*_5mII4$Vj7&ptTSyc0+gfcFFf_1BbBFlEX>pG@`%2tVy0@h%mekLyyAWsU^TS;=k z`O8lCb@QZxreat6{r+mJ#@Pw7v#?#f@?QhLdzX%SX>jgj?(DPzYK|%XaLkR&nE;nQ z^Fv2^cK*em{OMO1(g~_p^X>~*?wnueUy!|PgQ{9>t7uDr7Ezj;cm63ANRFhRY<8sj zk%j)~S?*OfE;4~}yR?W53vw9mPTJ&A?@p zP#I`u?{v059>H@~F{g!li_Af{a&KiR1HWgbix;IskiFafGk0odYSV;^N8!2P{Xtm* zEU}e~;QZ)n>1TMVAKgoDIsdZPJ@Xm0x7sSt;>Pl2a{`fbP6o8a6A2Y)7P4-(GNKif z5H`1@aN6>2tZ0uzBmXrAa`^4eaU`?tJts&=6zY5`+@sdZ>%^4%dp@1ly&%r2Io(N zy9SCRD7&zKn2b~nq#2|Oc>Uwo;X_aA^$aTbho24LAAb-KlXLRxZkKk%FX;eA^reEV`M35X_4QpgjUxZ+nwk?3BQ92jfUHHp{=&b|60 z@Aar=->3_@AQhEurOKg4j2gl3M`^DIzjwKF1{2)VtgK8>65?o~*|zNDzg{=@hhym>d&d*11V9hknxP-*V8OYOdvoI;Ly9i8;-@&=-WDN$ z!i2h~omQ!|x+Q|pYbXe_NhuCuc5x6{^0kqBdr~ z8ALOAR~lU~&aqgdedN!xuri{5^D8r#K|ygVT$y`RfaR~Q#pxLOA_a6M3OI%7KYdw; zeSvtGu70^Mh3oH6A(`t$B%d~d@~Wpl0G-7QuDt6o2I6hxJ0vLVrLoE;Nl}wfUi^7GSwR+jI5n{#mbZlvYnBW+P*HsD z4^t0x=d4NK$UmQsk3D|_{_)b)xa;j_PDxILTMp*2e~5~qS)!!I&&IpHb8`CcI>J^n z!)%?<(3XRiAl>Vzb0+M(CxYmF&YTO|ApckNINP+er`~*#QdKuJa|g9~8AvPZs*y>{ z_I#F=>k@@DROV?urvmsUSi-r7=Axb~_MCplVf*FohR z@AYYR31`jaToUO_3Mo#s^sC4z=0D9ybJUNCwld;vCB$3X(b`67??7vJ8``ur(A$P^ zR|~?_H=!1a2$RRPOti{i`C`J#tP9)XlRl%wC~?+(JM9@h+Ucg9W*tnMCQA`Case4BWcu`)yS6nnXxnxWBedi4Q_yHE{-qHSWOSHxvPKVVoj-SI!=P)e`wv^#Ck z^p${fPcBBC7lS`v~3$KM#aMI5ayltc_Id~RurAwg1+;Gn5- zI>Z4vl&AlE7NH_1cEvG-IUvVb#_9VuvRbZ=MpG7EF9OBk=fQe-RaFAeE`rt z7RYCvJJDGZ5hI>mrZt6KNQuEh=>bYqLmiyl~^8V zZz6{b+w?vYZgs?4SN{gtInYu|7c5h&cRkyc=}W|{IWzot9*CsTEX~4?LkWv1Z2*n)X=KWdx@|MGFV>75Q zD!#6^D7Gw9FFuOlObNFgVn+z-KEP6f+M{Vg4FbH_;7QQ{EIu#^awG?)O=VEgrp}*4 z_f8Cogo@h+bNZ3FKd!1f53;i`<(3YNq&V@#+X%9DPU?j(OQl6yGIo_29V$*cOv`xe z9070Tw^juCQP_g+W$vEM9SyazQsRuLDjYZqo@nbKq?t6OC}Cvs=dvhK{1U;w#+&0n zmS=HD3Mi8F6nHJBN@K2sU;^u%V6DwlG$c1gz%$>W&ty>WFf37plA_+fw2TKf?ht!|{Kd zI(&%bMsh+z5{-@{LP8L=?Wj?Nb+{LF$MzK=8HzBSky3$tAcsYqiy}-b+Ak@{0md*~ebdZD?5z%S|b*vrM6%%3MMHrW@5;AVBf~eitPb>Ju z&evFl)4fkjFRQSbL90-aE{3fwt0J!@KC4c}dWs?(G}BRmO5@>$_qNi)z>E;l-d2%Z z2dfYb?;C^Fk1SiY=S$4CDqrqs!Apq$NLA@Bf-J`rojI}Qp{gy1QMR-Y%#x)k6enSc z(0zrtZ6KL1V1(^NVp$9@Ly(~S_I_3LQE03Dq3hHTT<>fGV!E*~zIwwTzIY=W z=rLkHdCtY3IzT<5*5WmW>7ZE|ThaFJR&48?*c^6_GH+*^tF~r}p7NXLaBKXD`D!+xxI>Qx`U@ZAVvk zoRho+;v^~&tSnAI3EtoMxD#?^-fZ5xK7-;WaUV4e-8uO;3^&t}H5)z)gb6^l9hz;#p^^u^+|1T{DK??P5o=1AsFK??i$Ww0^n!F8$Ie zJ5y^9aO%Zu|C+T1n0KiBvm^++Zsep(Gd!9(WoN`$3eJNboqa{eRz$kX;2dzIvsDP* zo0#QM$bHpJHxj2g3G+)w&Ps6z)p!VJXZHN#W{)zE|7rsLo;)~z66egp1>+nj{Vsf6 z6}D!@HoKJ*rdej1h$zh#o#$3(7<4{Cb{ZfoF6B{X)I&6$kT-g%KI>j^>6=Qb{&b^& zB-D{+uefOL!qGMWpWW_3k?Bfnxt|89ToFlmwMNjv^2{=gw-05pKUrk`#1R(x$|mvfGgkAy zfE`Cj%EGOzTGeeCIjyGHEADDrieLSh&uRwMhQ%~#t4!sj*}hhomN}29D%cuXlTcfX zhj7U@vFVBU`b`5&o0Pd{5Fo%(fZC(Fn5|Z74}agwq8 zNL|XG$f+F3%)2NaS=EbA_U49vY<*k~CB85kq3V|+=gzAi&W%KqNX27uQEb&ieVC$W zmoF1@MDCQS(;r7@J*i!!{{SP0#m2yX0&;-PEX@aQc)c-ZO=Y)KTcx}}I-#@9-cQ5Z~N z_wE7Qcke;$xMvscx_>|J-!qDxhXyf_%99`!tq3F05Td+^8Ie$XRA$viXsLYoNrj$O zCJy!km>fssMS=+H>F6kZ%=qm%*xzR1S!#Ko0eZ6Id{g4wt7DS z&QO7>4R~=XJjErElX`y5OztS=#{PI>iJ~+>t(A+%T^)4q#KA^UFL6@-em6>sZfw;> zx4bvugITeBG&KhdvQ+ulAbfiXVf@M^LyF=@I{cC^#~u)d4GSx|25>sHIm~ zFLs!haoaY9B#r{xM1iAcf$^p}CS~$vq_Rbf7eW{(8A+1O3}q4+CJ7o!6>%tCz(AIy zC6~dzWDa{XCG4W^92_ZNe2DqWN6?apShkO3!npU~e&{90Jk!^j=s|a98&>x8W7CR$ zY+KfjQ&)CjU4J{)cO|f*EryP05s4_nh=!1oNG@D`5Mnv_kG1X~s z^z7oW5eB0{YnXN&NhdkxDz6X}Bj6)Ui?|D7TZKXlYUe<+OmHEEtTS z=tFJSvn^`S^4g*v zYR2q`deptH=APoE_^+^dnbOkGSGynGOwL% zZz6Mw!V&ysD+ijOsxIWtM1zT!R<~6ocr)h8@BVoA?stf^%&+jA(8#1}CVQ5@ZD-Je zUd`U6$+@+>%B_ec4Z=|-HHs1k%RD7VB9krV?X~A*AwmL^$FLo`EMp{F##p9^!DOD~ zC6DBI7W+ptNVJBrtRqH!Tf`ssjN)KEhW)t`_NBrYpx<$J_i6s$peRZ#O9d z=F2kZ6P+Vc{n=#ED?^nBWaSjGKzYuN~>^%Bp!U$YNRt+>>W&DEZj!kT1MJdMMN~&2CQ!?U>j5@ipy&o zRj7^1zLH4Bdb(USh6XX!hTap`?>8*pc9MUn%|o$_7zxUqZ`z8@eJaqS_=lg3;UBNq zQ>pY>4es=(N|*N-S-HrERb~Zt;9WmGuUU&;hnr0ts#kWv2XE`c@BU(qXIMdsabNVw z{kZO4k{^rvB!>1ykL(04*Oz2D6X@RrJoDW^hJ$8+`G;ow`cT_7ALX=^lcR~+)z>Y& z8@*B*(&0f)k^Kh;g{oU0Y|QpssJ)X2sed%W1TJ6ePU)kW4v;!KB|*kDNk8h9H?o`1 z)nuvk`#o`FFi`@ko+sQ^;l=<#dC}^s9Y*vVJG+UhtAa`4(LnC~tHOGfm?o(mBbE%7Y1UWmh}iS$gEAHf}zX7(`1sa;XtKd|f*( z-r9}d-=D#iJI7ICUk^n~_AL(`hlq0wY+>1#>0U|EaWtK4iI5nzMZzQ>9Li}%o>O_V zn8CMD+^&^Wb)IFGqi#)-DCt)oq{mYnQgekOa+v}~vuTS@{8uT?v8=;%qb!%K+-YjR zOXUiIf!o)W1^IA`1}bZ{fBB*4tsb{Rqx9(NVC{jC=qCwmg@un*`w+T92`rC?u_m6x znSF7bLZ-DVAHuh9AHjYywrny>uPo%uVf@t#&gWci4Ac^+%FKTMg6e z=@y?#P=%y8G|_XFr}R&3^UZDX*dWM2#Psy3?_dSRDzlW% z{l7eDO@7wlpC}MH*A~wm-XU47pqw78pez_v{@UW%{Rfu6+M=|YuTARK#Jf?yvDv+# z87Xy^8{MjIJrQgG^BbzwYgXyaEbTy{1_t&yxswwGDQ6N(lM_J-n6Ni#6bAjfl?e4& z=S--2l|98)RXj1&^ zK+8v%)>-sN^EhpFH}2dwg1spYn`}n~+xiQUl+c~Fk;p1Cyid_jvJkc{_9N*m4yN)r zFq*=yp%nIwrLcc2hdrZtnip_58^Tbsh+&eGJlnG7JBhY1+S?-N?+9aUZwTvpBiP&< z$A%Sc*i2cwEQRJ2+UMo@|H@w;k6x~_btBv#7+A4LNoehd2!FwG(?qD15Wce*ml+fQA$1n-i z9sBY~X3A89agwMEB83zla_$=BQ)S#eTt+(7!rIk==L9*4!e=xryEvmSasr@|700dA z2NNN&*Py*Rv~*Q|3we6D#t~p55)pj=_lI!*kV^U}){$lY{o}eTg{{UtTR3H9WTi%` zN^BMoi!GIK**V>K)aHqA?x=PA_iqQuKc$>KqW}RG6Y4_N#nd3Fj4KaQK<@l91t#e> zzrV@=Rhi|97%*O?MMh3@PDqO1uN>&=24g~Q8ztR&Q+gzpXZo`PwX$$HL2Enkz}4+IcV!#SSsB9_D`MEvQ^Km&Jo>^J^pddXlk+W}#92nsd>#?|#tI8b zKRzi^V=GH6Kihg?x!9XulFFmLWs(l(kc;G)w-E9qfckDlk^K zw|?%Rf{1+tw~BC_VbLzEuMO*&!lYD1ZgrKpp~T0g4#_fRQNLgXWg=8Atc<&dOL*aV z9Wtnx6X&jO!FVx>Ywt+HJ~J%0O9D(wp@hEfc6{aetI*qCZ4HJm{xOaB{_Ietv4{wr z>WykN?k1B&jW%N-4tQi^rq{A$FL;?^@AJ7f8k zv93zeq;TZWb6_9Ps@$5fq#k5$?s#LbX-XKs4XUzKT3i5fsPKiFJgN-jL@=lPqruwF zG02aN;1q=|dwOu`leG)hg)tjgxHaO!u7*!XMjB{PD}p{8=f0Y1{#g#ngMEgdSF3AY zb(mIpRGdyMPrR|Xc`rBiQ9D%>@8w2*Ij(iZ(>Q%yAMV&YhC>BT+U!GWawpFki4zt7 zLbYsV&+=0`#9$&KHen9t5r(P{kkNg-okead;$yv1ACDY#vE_>xq#uiYV((KP27N8byC=3@dt~ln7S$MX{NZ9#8W3px^%c-X!l7b7_+7cxwKoaGt~_$`Ff4i!&(k zMh=-_m79H8m)D5Oo@Uy|GLodL(xGzIbF**p*sPs_1_Wg?ST=Vb$>G!$9XOk8){n<; zZ^g}n1vdIrr3@FFq*!C(m7Qq!+qPp(w|d%9WY{(y_@R54PBxrbZB3nk2nfpJ!V#4F zNl-MKwSFWE4H^|CR)x%^V5Q%xkm1CBISJl4V~~Hr`YQW@#p43iUcMgrY%8Odkjh2L z@E#|^JW$wPq@?w%M+L1eR?m;~;p-u;+QD0r2-}XJ z*h+`|dtP)ETrg(t8QNPj49CnUB7quwV-ajy)sB1i7jRglz_vnE=gJt{ovzmQG{~y& zGhMb##9IYsXPRW?O?Ff>m4l-bhm`Dyf=i^oP2Jij^EN1 z!**>U^(U}xSpr*oquAI%Qqx|-iqSUtNnbE>Ne|G0GMs<>Pn6SCqF6ld;vnE+>It0@#)ad7v{ldY~W0F}AL>$z9H z6sE3D1S2>arD!0+W@iaxUa_vaQyA`APn;iJCkQPig3@R1X<^$gN~6pvax1udU6o!x zykLxT2+p0tE9cSOTEr=B^9GFDiJ|XB98t@1S?q2J#qc?KpcmXCEU6%g`$0(R^^mIyflIf z&f9>|u`CV^Wszmtpuaz27rDiZfTl@wFGP#Htl!{23OcDWwI5;?&+_xfTEM)RlPgd9~+G zfFInE!KeRlgn6Mmkj5iU;RjS0|J7 zoDBWp$b*Dt&V4mbpG<%p%CAO0`Qx+oOFk-{3VwQRTya;09yGh>VCKgJH+7(-IH{&v z5AvuqYVxUc%IxT6fQU!SOn)j)eLsVNSKW9b zYh4w8E#yw-{m(Q?!w9$8LEhnL8wN;d_7?Nlqg9t=3U`mEaL4dC zZaXrD8;&IL$AKJfIg-ZBN3yv4PzLuN&fqZbkBk80BV`oGVA@EI+DTB?kc4b$kKx>| z2+myAiU+P}$C)cTaLVfCSk={mHfA-WpC(XY*~>Gkha#(mWyGvTdEXi?qq~qsqL4ug zMXy$Ovff(grHxrkXiJEMC!+jnTq-bsb_PlJ6rCNi^3mUB&!DKlwIma)piG9!hm~{t z-Ib-SOSY*29)*6i>h%xl#Vtc++_{$(st&PGBtRXS{W+S5;t#Lih)YkKm^R`1JsCXZ z^ZSt2=BWCDb;l?jULZ&mjd1z553 zZXNV&1C@7g(2ZZDL^V*-p=~kvtemx=Fsg8tUK(umL4N7Txp&s`Co_$WE*;K|fe)sa zm1kLcaPFw*t67{1a___r^-CClzF%PG5d&JPpph~N>?O={%{_NaL!WL#XN;cTv{V7NQAORu|wf7L)6-YMS&dc#AGfU?`;uYYvWE&+`;yhAYWp*Huvvz#6tdm3 zH+JAVFW!g;u2bWlh;g?2M}BlK21iJoG#Q)gv>fjU2+HE3mY|qfp)nL97e zo33h)^%CfJEOI1{xJ-IP=vhWd&&%G1*ljy++3*ES95gRKc3DanV zw~~%BMc+>;llYV!VO{CR{?b|n;WbOiv0r2;uv=@trw!{!`i(*B46kR&3+n(Tk9Q}M= z)fy*pNuZY#=Khu_I+^TFot-IX(ap(2qNuH)655!e2+Lnp9bm4&#!$%R@uu$|z|Zbh z1y01Wwh+Gf{AGCmv)5tWiY}66HY6=)IYKcPP*@61uLrmFGKJ{G1%uNh{YzEsh{6)U;dAR#|?K++p<>a~5j zmy=p38iPMx7tTx||2{u@bU{k|&kZ354Nx!b&A`Q3^)CZGXi_TCy%(=;Cy6}kb#Uk2 z6TPvKXE{l%ykt%fjq*2HWzj7iYultU=Qg7$p|Gpri&#ng{wl=7cBu4NFD+Wx5XrE6 z3Dd4G|B47GDLPOaWw=`5&}xU;!*n#v@o0=e4lquAigJwU z87;RVN#ZeDj4}qjR?H+RKt-b{yd;R9CUZFq4-eTFdb5;rE{z`A_cFfaktjBG#&Aks z1ZS;i!2?#d;Q^~!@G$+_^qMZ5y{Z%Etm(vqcs*@JFV5(VHc3#F0L5M{;Q)1^MjQ!Y z&ygH1`RERO;}$iR$$0a_y0Pmm8}RSX*?{)ej!H%AXSc2Md9^)L$e$W)wuERjikCcW zE$)5$HvIdO`>?ueay8#MP{89qcL-PCc7$zN9V4jQ0LLLrH&KkFOw)#)6N&t2OT$|X zsLcF*a6zeWYCv)E$o&Mk0A~yJP3Z|mBH{3%ef>uLQT<#qZJYTjaY=d;8JI&TpMoak z)nw?#rO`8V?gSZ`@Q>0ceO4OI>k4a2Gq#8bfBQ{-G@ zx2`r+%P+5bRvQSlB1y8Erkj-9DQTuMT?V~`Sa?c&8>6P^w}Iq7PsfFJ+R@D3Hqth_ z0#F33AB#_-`zg|F+dwYz8nNvhiPEc86P+VuJW8SygTjy~K0)_tA8J!1HevZw+FOw4 z1U9YLor@8qS+1iTKZY32XgG#Zjv-^=R*aP57-!{V3Sov6sfKRd#mbc)Xdp9n!NaWM zdq#@bKU&0{!{gX{WE}SmO48Ufl*GNf-aDkXk%|~h7ZBB|49VV#)-pDAlyO>r8RxEw z;6bY+c+}c<%l*_)#>EirQ@GVq2+#;>K>Dn7tc>S=We@)Ax?#^^BGlI2@`x_{?zQXi z_fJ}l&194Ilbuq4?lbm|urw06(V-%JGdUMVOFW9Fo!gBcy=)^s_uM{g={HR<3AZ20 z;<2CDhg)_qZ3(Z@2MBOHflc4EqJLns0Y{qCMh#CI!1>Xeby`U&ONp!V`TBxxB{qTZ z#6i(W3`&e<;!2DUmLBiw;QYyp#O|er6~9D=g3?mUhG?fP1>4$@XrSWNwjY{=KP^*1 zK`L2-OQ!~N6W+VLDa#UY7O@e}!d$mm`)(#Yh z*Dma;a;BM9W;A9fyEc9>0BxD7{j*Kw>9;`gl`KUuUMM2TaV5pN*7sa;w&fK^kp-k^ zbv!1jI<@*|oGd3L#hL_3mXcBm$2mN;Aj@m2$gpTQ%JFR^UB+lSg9GCk930JH*P%3a z42)26*g25J?jy7t%wuenl5FZrvP_6Fq$Mp86{RG=^w9ogA&)oz;4t3w!$YjR`UQ8! ziU{6yQ7``RmmBbf7jD5T9fY4@VKpNr1kN|8^eFPHYgGf+MxephubySbXT8DU z-ViZ+4n+1*u_oc-o(?W=5|>uL$jl{GG8N3;Ig%$0o_v;(lHN>u99*1Am#ykIK~fy# zyvPXk4GwE7eAauf9E>AOh!%N__Xu+9@~Rc9SwVp)ugatoJvV@B%gsW;I}ub2R%bLQ zFdi!(rCpiw9JyO-K70^CQ9sey8nq)zzFcH5`dmGS8m1^s%W4y zFXcQbP>DGUSq}Bqb%BH@OY0=sk&+Z6BtI>lw34v2kg&Az+J>=QD@NJv28_UjF`%Cb z7%X59NlOzy7D!PZ^dTBm?6U2^WxceF;ax+{wH?IHBHg>5xvI_wxK;6-0Kglq2|sx(sXa8!V4pjZ5Y z9}8SONZXC<2Y&G}P6U0wdFAwyQ|fwl<5bn0hDN}(>@Ej&;EdHL?BiT=uUTgkaL#Sa z(MYCvWZ;8y<3wrH)tO79Pk>91CK=3xd$bRMF_HF*&P_soEnoIjiCf8Zka;8B;o@~r zT5I8VQ_o&7H~gb~8nM!>$n&U+OM~u}K3)B3ZUnirFm)qQoi)l#4dh&~^5?*uFJN6; z4(FcMi|g(j!hlvb-Z547e!CWL>tVWQf+Hjh; zEojvb)$*yAM5jAEhRvN3Y+u)o>uw&w)%T2YETXNxpj#Y9FAm}jfBq=!**}W=_NS0+ zZL=deVYXX^o+UACW&MZC=?dp#$ofoO85v6DFsxd(Wr1na*9YQEBDHe;l?f!}Xlg_LmZc8Le)M_RKww;AHesZENIH~W-LZF2PM)x>jK&jqL4>@)5N-876QJG2& z`Q1qb7nZIGeEFDuNpaJSRXZ*%>WT%Ox zD=SO$aROHq_44P3^5*K$^5@u~Ji4|Ws=N%uyIiPXFJFnK$)!HouYVQtuh)VrP1#+u zyb0$+$gv!CT0s(KU`77Z;!d9a^hS|>`=~(jSET5g^(0rO8HrDl1aVRqnHoxhB*2WI zie$}}O9g!M_lI!qhj!rqUNMN>gHmMk1AX`ACwFJC{R8*oZ9m+Lkuk;p=cS1)OH)pIRmE)hAg z@2Mza4R11ZaDyV@(oipbjo|V%=TLgJ8l$xO(|dxz-yRIgBO95{Gum*Zwku>wMD&Zv zq9P(8^r-gAy37?bBrkGDGyBzUZ3tB$0-`7~+7b#!`CR#=e+c^eNsLiwGe|#*s9yw9 z$ofLA-VTZ~#wf`Ng=Dr6i<7vtG~H_nMXMK-bdXE;0cHesQjvpr2>XY#crQuAhWFls zhktwz{{G5A{C;l^Ssi$tC33|w_6`^D<2%Q3>E{lh`ycPa6F+9QcuNu>xTlHPrGFIF^kox)+6%iuxmZGr%w zH@^R;VWhGollrA%y-}n%gL(^avO!H=T}ULwRvD&PY4AfD*@y@|7paz|F{QWNAg18# z8!9x{eO)a|3u#+Nj^sve<;REyMFx6pRm3F1S$l+mYsEov$i1BSMebc+cKumrq^h50 zp9K_*6UE_3nqO2NUUUWnErfo9r2a16)u-ZWeq z%)i2^j=Igk>YAcB-Mt=kwJ*EYrgx5@bbDDocDRa~0Vb6(^J;I0sV#|$DDNdU-GY6* z&EEN-i4~8PlLDZL_ZD0<9;q(;>Bsx+UhSU-wql}Z1z`212Zu_bhsp(VRgb*zPgSNp zBr7-dM8XtKx1V0Q168lY`^B)*Q||r5C@wX9xo& zmp(c$J*x2L5H6{LTU96z)?Xn&7hKjNtp;RCva3zib@q{bza7iu{?Gj&f>Ox zY236sjhlUPTD?9dy(`_W zSz<*8AN8s)j2fY!#twBG=mz*v6NLU zTwva<2C{nIr-VE@X%aQgbG)Bi?ekFRHSr!h>IA6A>B>-Ul;LWo9YmgKNm88;m)$0% zL0*#nEjh&@r@YFjj2uN3D9}XaWrm=Sr#LgK>&lxuZFJDW@G8>=bsQZd(MqQhm1>fp z1XvhU$qGeFXL{R4B1Kj!GM5`iNK9c$0t5(9g{MI04$`;`PNw!i{kA%z+DpSc+ zP+2H$S2i<+OS_rFI`~@ooSR4t zD@MC6Y$*EKKUdVQs`NHbQEzzZ`zvZsy4TjA(Upp8uZIN)5a8qhJH7@@i9Pb_{~~ea zlaCeAm#a<$NXtoQ&KVS#MrZF<#iXkSN(U9M%GC{U+VY6-US~||!B0pOUcFTmM+oK< z3cpsAH5x06W2Q~j<;#tL?m8QybHaiJWIxKN!m2>U zqaPLY84>!P3G1F_I`b?_qN25Dde4!Flt|E>7gd#3Wb|%Ot`tVL6tx#b^cC7lf00Wz zw&IN5;t3ESz;OvjNOV$7XDYNQtb3VJc`WOQVf)HfJob!Uy!TlfvFBgTLF$9&;DS?n zP8^a_g{jV|!D5*nHIAf}WmFAb<;#oCW7vu(HMO3dI5J~yysKXp1BzE8f`6;Y5hbP3 zUv$o`#;>Zm-$9e`=h=y%pcHpAs7=?5;EPn@%-H`@fG-bo4mIqG4p0m_##%0F)5k0H zviJ4ac({@R{&5;ZWJXdd>vxm06)zNR1L>qdS^~hPBeWL zAi#+Xkr2HNRt}@1Erzq#cHv29_v3;sBp>>gHO-%PW)JRq%NG3n8_QCH~ z*4pmSz#ZmnFwRj{D+^lc&NIFoMc-4=PlqTCMixE4P6U}Lc@o_#+s@qtILlg*M_p$C zg{`7hkj-F1T9k2@;3ngBWo>0uBeOxZSug|koeozHb)dA%t-Yzk!8Kgw4Bj&rs_kC> z=W)=Rlc3ceYucoPt527mMyQsZA9@3)WTlv+o#r%ZuGs7Rdm@dSE8$HSF2navgNqqWovQ%HZqZ937`Jm zC_erB@k)3ev^2Z1iz>t34_s_04VuYG{pqTcs7oo>Vsecqb*cKIBd1TPrTeX44{AcD*vOx^*HbU3H+d zLD4)iVb1XxmtM-Ucnhp!dr*7x%5fIOIV}{XlBPIkjRpioMWOJgDnnP!b@QgJn<7h4 zA6e6@z?GzC3fi1e8MEE$BW*OdpY-vdl!Qn?!X$rDR%TQTgoLFKDX{s65HHb;60 zNUY0HCV+-A4-g>0aRX0Fm{L>M4xzmziVgj7Ja}^l-u{$LxZ(|4@SC@sijKC*zVHw4 z%;20gQ9NpE6stPINJK;EqSckJSd9mt-cF5^!YjVAA0Pb9#NXF?&;|~!IyR#Bt@ zofe$Qs6{xh`gQ{qrHKse+5o0yDOIiM%0L622+~xbTYL4FZc8M7Mjk2li^(J_MobvE z>d^8cJG!fio)x*?XwdT*h3?FKE#$7A5Dcc8Y(Es%oWmEd9R(x_K20UqRB){aBe zqEY(mxpz^UdzTg`+LD+m&!uV;KN?+a7(~6a91FZ)EnL^9=Nc}Kso>n0PO02Z1lzkv zGI8{;9IAdNM<5%OcE&5zl5213Z#1%|&1)?onH*9;Pyz%vzECLRj8$zoe`6;*IlFkV zgtJ$*LvbZ}IP zSvuTSp+ru2HG;&Ez`mf$dnx|B%=|*Pyx5P_g&3D)#)+4E#m~XTPcTbNkiA)Pj8O0j zR)d=jxP&%<;%*|Da}Jlh#fD461d<{{ zDgl}KQB7~1gwwAxRa3Tuu=cH!$!;6*Qa=KM5+K0wgj5l?zIhX_e)(Fw_lYZk@eqEy za~yyB<0GDfqj>!G1itpdbsST}xM$ZWF8bUa9IW}i;+e}MxbAfuv2|@bQsYUy%Mz{8lqM^ooJ||WUFwamUhQQ5_Fxyy_}2G=^G~^AGT_u!-2eaVi3{s zRIe@ywhA{o=qh(EZu+gAayrQAgn`9@e#$kg7`FA{(s7JXFbY~xOc>l{;Y84iQ-jgp zAI7}FpOzZfS(U|LCO%B6w|Ro%nJTNUh^lQ#25fY-#V7j)#cBS$`jnH3)5(sH+D(ms zpackToMB+RfUeds-ul=ceDvj;sSrZA{MY+&!N+%ESQAzsF51$H-@R@N)~;^D$l-B3 z;FCLW_0BAA++V=I{bGbfWIs0l+uhio;vk|!ZG{v*c=cXfb^9>(4Qr2?+NL_NE(JIZ zcnomf?WzK+DKvvDr5^R$I6gwr2rf(&mA*}sPtr_eKqG=16ayH_|$yL0C`&_x@Qu02$nb{$m1oC4t~ z6B{5vfTe{<2-oa9xD z2Dd6f;nm(+spD8-C<(Gwd^3T+_!N~ZKZ63Ej$IMX+WB`P@9y3eV>9Wi>qddp1It74 zyD~6m{A1s-X#h7s9}8U3s5&hFGEkeIMZ2B~wMDPAH!2FD>R#z7@^1(QTWP8o<=HRn z9UPZt_QPn5nefP-jO+gT0=+222~kf|j?EF2DFO%(Aix5G3hnyc6BXD$U($oWd{iIr z68P@TW4P=aNAT944C10s?!q}Ax)&FJdM7TwZOAwHu+!VmDo{J5F zf^#A?mG(;EN9ifgHXS0N53ztmP^^3umXVSYRY=@!tKs_FkY{eku8^&sOmgOSPO1UI zQ?*rt0H5A5MW^t4dIG= zQ`q(&ci{z}--QoeJ&2#(GKgFD=)8!hG_)e3ua~;tY7%6wCF|M9Vna!g*0Zw{8oBkr z{LWS{sYn!*NQ#28Jl2e;a$`luKlTZ3Id+D+_d(uF+qwrSb&5V~Z(%ri;hUmX#LA1# zowQMCCu@Z>(-jPtEC&VcMb#8sypm%@Z8{{=LJ2rZ4Q36+t@s)SB?k@ODw>PDA1_cb zsL0ifn`kF?$hDNETd#7p;^Ey^kY{UmKlnEd*tXUDTX{9r#D_>U(Xh!kS1mRDF+hL- ziwJ!{N?Q;jB>HM;LcN|nU0+w5Yte74OtsX#V2~!23S^pWkkPZYMP>;pM+Kq5%(B-& zQ_G#%yM<{<9fhc5Ss1Jb)sK-7nbpADDL~~#L`Eu@{^V7+WGejsp?xq~kv){A;i#=8ol z>5_T~VcF?E-whxaN@RhZbj2yai$BE)OwId>0Ro(e(Ek0AoxtUP$MK{U=-&)H^IzD* z#ykfLjBE+7d1Nm>_RKY&!Te(PND&+U;ciZOsCj0yrE;v$xryPuz||jM8kSegidrq= zh!XZz9*za3+xSO>qU;fd+I;%m2=;|h5)3&rJBkq!KG-)9vkUYaH$3b)Z{ z=HTLXWm-*({^&s>a!Ut#(<)pP7ZVh&rS*sJWXqSOZ=MM^A`SG_^2ieIy%8V9^Se8xUVH?}9bz>L)=Zn8WD%Zzu zK+k%WK6eC<+17_AUvwINdEX%Rj%QF#bR(OOF$e~t@A|km$MX8oK$S25v+V3ew`j>$ zQxfXaF3Vn;RK(N6a~vSR$qDru^(1L1$>Mg1w3NaEVJOY1j-7s6Oh}t)Q0G;9-_q*( zgnU(-9V-~7eF~owFnzbg>R9#dhv&wG1BsTr6+a&IU1p9P z9Lqpg3xz9a6~R^#oIwL9ElOvt$nR{5xOP;rf!CF(?rWf}105!wGM)6Vv?%O4K}>)@ z80WTnm8HZB&qhh!Gu%+5h=S@?qot)s^{IBoYi*oL$5hFk6&R=vQCqyTDfn4H`I0oM z>mtj?`WzjVRX%d2U*4%08K@tk@hEFo>nL8q=w~+UgM@OxGAz+t?n!E7WOD#H(UkZeL-=kkSX(nCr z;?I}LL1KPo>4mHMDtYx0E+Vh6w{e0Xu_v;WSHMCoYEv&r}@ut3o?ge#+ZFmskUuN7yWL#26ARZNqSN&uc;*0HUs z`B7#w@xu2ZASeL>1X$XT-V$G^)n79luO>i>QsJ2f)Qy(%-NDr%j(N3aritq00qY>5*NoXa+*@g?mYVWWbE~2BHBiZVrE3T9YYRAp zVktanH#s0E0RjX#zMw%!N^-UYMM_ZmQExzL0I!}@l%Xs&U`qT0DIqKI3?2B>0YPm^ z$gGN5tt}C8p(oq=@f=U^GoN63jGQQc3l`~QOe!Nc!ik)yjCJosj{Vy~GHVj@I@4_0 zK$&B;hHQYXZmwu#oI%tlE?gmm`7dh4lJl2~%3FpkyeV6m4v*{Hm{u#JDrGMaug*fD zFpBn-A2Ee5?tEapSed4$>(1d$AF2ico3 zgy~voS>K4J@mEGRzA_vegJnQywM8SLoa#E?n6#8W3n)J`ftOXgDxVX^9cL-Hw0Y%b z(7hAE@7{l32daX}W84&Q;gzZ}1_NRv94(!qwW*rAptY+pvvUv5nTVjRoY;dI*~M`c z&r7C|L6+hW)JK2-0hTzZy>x)CNX4aB7TrKJqrs>Sq-Pbb9pdx?lR|Z0$rP!m)y3vV zH-1CGOO&U3E7qRpYC3rz;w(~j&fUC%5zPfb5o*h!5#&Zi;dkrG%sz;x!f)KZ+AF?jD2iOU%qsTkO4hEdb(OeRjs5V|p)F>GqxSl;OGdczdlp_S z0RjXFu+$)>r$e4L*tQ-W*JcY((Hara@8%dm(Ta%9p%B%u^=658E67|)aN4s9SvY0S zdp+uRd_r0};Z@4n!clm+W@W-&6Ni-Kwtcu72-)-K)+%d#}Cr z+QV6UoqhH>S4V6q`QtH=hdV4=0_YLc4{O%H1m=)H)EDr0i+535YMb_)NYfB)#Ovcd zk>W$Qery{>R&QL>VuL1ql~0^tv&#-3_iV{t69X2!f~}=XBySuwmD()-v|LvzC*AC) zk=H-*)FivDn-Lryt}3F`AsQ_HDw-UY;;y1Xg$fnUH)NmK_ra#t%>ZIBidaAHj0?GV zBitP(itj!2L|D}Tcl!v#ZpyU!uOXv1X_DVp&e?>@ZOL0GO(q4(?a+s9U5I9hW1u)! zfF{xulgGN;o)H)X83lr zAf80IXIEYLfSGifUVm!KDoB3FP-pW>5Yp)wkvl0cSEx{-!g&O?X;?E9Mr<>IW8%xz zJWjwea%5t}@D`i>g3c5MVbmnPi{QdLQMYQ zr1X?LlQ-7mR8NK4pHlhi(GV-qT zkj6a+T}P~Z@TJ+FRlu|9JpUO0boQ9lS~w_O@RB+~z;mR2-gkuxPdacdRM*230)?4l zHsu6|V^-ZO^UCk;w{cXU5`5yqE;6wxh&ATDOY(6yi9dj^Qh@PthO;X+7~%#p7I+9p zd`^CoDWY6{)fy$2`JI~_G}$?C^V>=^s+6Go6!ha} zU`3rW!L;4^M5wZ+8a=1~4WeAwIvX0t5vN1h__;t35`74wYEduv2GG55_z}RX&1HDJ zqz*~g5Cb`itWe>}46XyNNT|ZO1#REMSttWGY+!8m>t(u#%O_&Dh{*O?zhh9t0a&fC z`DQ~rochxzK_gII|m5AnrJ z5f#jkt4CdeH5IjPtW_s3KywRkWbwm~tkyT=)%nIs9K{U&yGQhAPT5$XEKZ@-%B9HQ z$qA_3I==?qRap{MRzXUmZC1{hn*)kQ$3lK6OG0|8;d;bMU9RhTKq1sMCoTr$rIkJx zt@8PeB01ia7DED+SPXGTeMyYVyp=X&V>(6KVs9)N+-c^7KV+2dI5hn900?N&ofTt$;Q3pi9E$v6rrg?dw2{ zezzQbNG9wXh946fj~F0~cR!^37;3Ub*}0jdpZpP0AWsy?6KbpmU!9R0pR9F`2=a1A zIxMOapN5$iBCXA8Pw?>wT*Gi=OR#%up!Mn))% z!ubN_uQXL%fQ31R(ulqLo62)Wwn$KM}>{I{zyr2Ox_HHcqGNK!NkF% zD)F;V2K(*tOna-{*nsR| zwPTa^gn=w(R2Wx zM|l@?Z1F^y=L#dZ^3@-9mi6{*~4GoJ#YW@9goPU$RH#`we^6pVnRqpYFNao zFOR5uflqD^F%gRD%!HZ@Y9e2H)~VaKGQuinGP~M?Forgt7(npo$gQPYaQyhqmVvf*vbSr!iwl<%L0sHBFi!Z5s#C_5ke=+BoI3Kh;fhIBz6 zx!3H?uhw;>yO%vzo4xGkbv2$$4CflUT)ED5NAmQG$86_>?lD#vtuq4#rO|BLhaX+A zg?S0z>~D{(2TWck9yNQ{Z_1W&=aqwsGr?yj%qL~RCk*Tt20I`=ET%^(jY$zUvWE!l zcUN^ep$r5Q#-JvdFQ=ks>+wb`yNQNpnq}2fzoF;{k0{I23}~xdR}wveM^`MnkO9neh9nAbvp2_B0mk1vgCF_UQ?G-Rs_K&9UtrCLHg@llC?L zDUWA+r9L2DhH*)lLtIIJ^Wd-Kl(Sip5>tIz0T|vzot3sL}EA}z%b~*UH@v=>zRT{ zo;$|#2^^H;51YN?7d7|GparOROi+c2S!3XcFd4@j>`6?782XeUj3cKp5tZS$fbhk{ zBXEir=SLB?(?#+}Jn4?o<&UVmSlxi1J5mQ7$Z|bMX~-cOpiju>2nY`fcfO?au*xs$ zNgYC1KPVmj1JN$DGvW2@Y1ZPv{y8|SC@4q5}Kp&tG z1YaQdQ=E^-6t|YR9KNk%NcSf-+qHbkzDQ2oScnb`E7Kpc6Lkbj4Mu@B{{99b*yC`gzg+ypMk=;7iTAzu#Je*erP~jx>KeMR_4)pl`gn z;@_o8ge$V+stlLH|mnn+U_ z8uJb6$BGG$?R;Di20FInoREf`LKcNkUP5t7fWGfhubw3S785s4C7uys9SO6_dd20R*=1}jN_VyBwu+QQuUP98uqPE{%bjimil}c zc+s1zt#%wzmyi4B>zBpQkf3G7%O!N`R6~0Cz8>kxW@+CDox;mYVo8EKpd)&a53Vd+ zp~901Og0ToY)edl+*MT9z&Qnz;_PwJiEf%p#~F?%Wf?X3EvkPOuMQutvTU#66W;!1ov!Nli?U=p}a%joP?cVnW1m z$d-qd#^Yo9nVYR}h*)J~Ps;GHB#vFwsU@A0>eCmz{&dkTX8-b!bkXTzs!-vH4!$q( z*d1oC{f5pXh66X6ecS7+@qezsBeussYxaM>(`;f#iUcxd+=6ij-P2B&44I!|ZD9^W zr*Qnbu-|DWc#@1Ht4N;ae@=rk3&1Sif`>fFRnYmc;EE$XY^(zw^iO+X27&Xdtb#q& z!J)8!88@9eD3^9h2zHL%Zk)iAK>Uaj{2k8>lnWb^Wt2B8xy0uMa+--d4f3d-OkTb> zNXW7kIwjEs;HP~Y<-`FH`jFLEL#0BNGg&%r&wcupwrBgIz3qbsHRQJ2yzb(e zm{03~5RsqL-vX<89#$LQHn^r0a-RFsOX;Q)e7BoY5S) ze8vRz3i)y%Cgiy6)y>&+uis(YM)uij-~2A|PfMP7aBfZD#fy2SUYpn{FdL4lLO2a{h^eNZ_l z6`pLsK{+S~<+r|3SJPC-LHX9oK{;oj{oO(NH>VwxFlZ$^+X0anw2~nsiiyL&?;x2S z>(_}R3x*qboQS(qj4S7|!G81!8A^G=sFUWCw*vk)LW+YmluX$?fxATR!U_9ZEs19> zATyj0f9$~I7=p3r$Ra*Rl1((MUao+SppFBjBk3NefIC!z*H4MO{>w4nJHp-|W*t5Z zx0Zv2YuV%8L&p*cs|PIwOxfhd&nY#7?+RR z3!nE?+rP`~Q+FS+Me*aCE^18p+uNsOq?FscF~m8nLHeK50u!llHrB{2Tf2JFU&DPyEpEi5dHruXwIqdgZkJ{ryMn z)F3N#5`v#}COr^*K3S&| z4>GfnAqNS{$JbVa-`{dkFj$EuYdCzUQ-&|&Cuawq05WI-=J>p5m%|^Ce-58;u3r)o zr>Sa=T#kc$;-`K%WjK2J&z#+C&D)iiPTTdD?6>Lt`^2K_ys@n0rp+xa*rMt(yV$l9 zn*L5TTXw3kXlRi_Eqrvby5 zj-AIUh13pG9Z6aA{GECcVy&#htur2%fV@pWe9SMP^dXhcE7q;yrcIBG+vIrLeZq;c zA)6j*`TJ(K9jMuUF@5T;1$*6F-lhugRv8QOb!Ke5K5k$0WnXB|c*=G=#n)x!a4gE1 zZ>Ybx9ccS^dgP4gUu$_;j*GI1ZE2|{R|!`|@bMz2g};ixF(je;5f61;4V8mZ;mL+r zLHXU}ps<2cIVk52`3lO2929`j<>nC#V**z(URXD*_j=(g6{fs@i)=!hF_6bd;k-vd4d7K)}N{fsFc6DV&) z{3PS3(DZ>q{ZgL%)WyOma)*y|!R3k3(+362I6J8T+JLZcfL6ajg-#{-#13@SB4Wu~$R$9jvSp*)|O^9o?f*8pU(YO44S5veqpwYX|bKHHVi$TZ~Eu zVv@tufx_(>bxYgEhR5y7i?6ipBQ1OQ(Zlx0<8vxU1+gcJ@v_*kF*!98W8!Vkd&{+I zlNyq>&bI+Iu4+q*?&z_i;@gXqjSaKIy3Q!I!B`?tLT3d9ypj3FW zAsm$7&K#8L5zo0pI4FPcU1pQ{9+UwQ_N#~S>xsg^E2F4zvU>Ht6F<;Lt4O!Q< z9|+?^er&jHvuPL|sfe6NoEhFQDJDte<(2G(K6>{;-ZnIQQqkiG_ZWViNgEv!Jb%A3 zrDvfkeXJA4H*$IX#vK&aFm&`Wqqbq}FS*O1VidQav~jfqD|T!WmrbmYgP zw8aJ4=%y3YLv{=+K)p!w&D^AE>_uH6MFD3kltvGPK!oEw!d`HN3QsaH?iv4pYo)pl z&M|0kCWd&+AgIr6R}PXf?qS!~q5@=;eBWb$@nrz?C@Z2+(G9Vmod)Sx*&-_eR!o?X zQH%_n_mEu%EI~Oqr|hnB5{h%miaNkZnXCxqt3nF^9&xqs`aqH_uoMia-EJVE8 z!G=**ok;6BZ$~}>M+irt&|@u-u|!OItZ1-V6IFAfiV*N>WF5mQ3lp&C)w!IJw$5Ah ziSO!^KKz!EPyQmYd7a}GcYkw8M;t6qOzF`sT}0df1T#lgBp|}*$IS9OvuxYsNWJ|M+0*Ip8W(coKkd z&&8ImvkK=LOa#3M=YiK@!+Y!l`fN4IfzJaW5{jaHf~Tx-lzJf4aDE|t0`5-POW|Q6 zxie39=dJ)Uk)2-cEd#bPfzX{tFO*S~lZXi>CQ*MJ1gR`Oz|}?b;z>uEG}<7DI0v$V zxENH2kiqZ&EU8_h-9k` zTwcdzMZ|x{W}9eAS#XM!=C2u(SAy9<%f?q$O@2U{njO~&VCqV zF&QhK$+T!+@!&YEmk>m|&_2BgeOJU&FCBBBYoSYtD8nCV$tk1`9_ENcp}q@8XjBxx zzs06tqGiKVPk5e5gj|f8zdb8{D3?V!`vS;G9Kvz zMHXo|fSqv4ouIOO>4uLNb*EIQP@%$k0>(%N&sQCCB91$7pS=bERA{-8%&+J~umr_9>4`50wc`uF{zi|8-^D==Z|N)@Roc7_*X6+S9Us2UL;YK0@+(@(mfGv& zBT71Iiwh^LvB{^u0+aLq@$lsqD>qm_UY3c zu<uM&o3|AoTj~ng}N;?*z`H1xwd9= zjRk8YhoIeR*-~SvGw(u+FMTea?neuj#3AyZVxCHrj65?VotW?mr|a#eZ2*j^EsZL@wG@ zmru*TSduSX_tFv>G%r0d6c;I6d<-8Jx}4cpf#meCDilCR;q+TP0Hw)L zu2*mu4$2=_4oZb52i!rq%k1~RRo5dQYP;U-8(ypHNp}bp&OW$HJbaJYAHQ1d-@`%4 zY+7&R3<~>)*-o20ha2lP1$E{R^7=%_U2g(eOCr0#YQhR|w=a9@$5k>To8rPQ`%#fy zSztn+9&(Cmx$>uNJ2PaFCJ>*W17;E5CsIzxu}YfDB)yMrD^QZ{!#^Jeg_MoNYnQ%KY+>%`Pt4?2^BO(s5i` zy1QpThpSB6=6WhqQ@Q!s1IqC|C7qNmJtc?Xw506J_r7@5!=WLXkwOVxRnV)yKp~z0 z?M@pijEcY?uG74bUUQX$a*-UAulZ$Jt`mu& z!dV3l%F+AH-uh#j%coOh0(J?*n;Ysd#6U*SjkK>I$lAi^;Sw}y4a;%y8`+T6i%oo3_>LMc41QJ0DoEx4iGu>MFGlds!A|ZD@YR{_WR(j!kYG zw|C$1xV4(gHZRdb8dMEkR}FbSeE1GfqK^OuTvP2Y`^pAoSBdhYevnYJZ8#{M|DEi3 zT`4tC?8KGJv*$*$Z+l(kpj3Er0ONE-ckpl09sH<_)She1Uj7SmP);U>3TG8ePW+nj z+tucL$#*Sa!Z3c!7Z^Q2od03(M{e7a-P7%By)6eN^5I=zC`&*B#bFNGB999X41CT!{w4HD{lr$oL;45WB(pHA>}zCe#M;VD*HbQ9fF z`_O1BP|Az5(Bwnv$Lw>Sez`3+j@ccbeN5wFuVy;-KhP@bH=Gg|hm*ou26{6{P&B7r zpv*K7UC(lz6MCt8HsE6feN-T;DV(!$+QX!0if90GRv%ij%NAzr#ZNt8cOPuqU%l@$ z;@8a@D?`nO9F(K>9WQ^XO-)VM+wOea<|VVCu~r|htCdFF@j2Zc6cQL#OSWB1Ct81M zqv{q#_?tw0#?4c7Lga`pVE-jkHDXS_xhM%>xzdGIsPH5KcZ#FBHikqzBB(Baa}U1* zWfI7Ue(}wJ8S(gq-wE*#YbB~dI5(0Ja&SCZ5gQ?X!kQyBYYk7xE>2oYcF>O{YKr`g z56F}cTgloy{(`^8IV_&35}!!pra3$=`IIrFdp(hKF9D)k7j$D zwOS(S*^)d@M~;(Z)`?FtyNI|%lsU?)v?ARZ`w`NuD|fR^_8hQ^olh!S_2%sz>d)Bm*Q%KeX%Czt!ld^A;+gm*uj5=& zrVhR6Tp;w}hyED5cn$Ow^FD7UdAyi{blx78gE2I2OXEt@wbiB_SxurkY%*D1^k(rE zpdPHM3{R`c>edin+x-WPMJJ72U5}?}R6N5rul}1C@4V9IXixfv>saG)sI#M)!AZwZ zg9;TYbb-qPgUJzlRN>qL!-oZ2LFy1DMgJNq23FM1j`<`=Kpn^%3;r84#OZDlXQh~Y z*FcE&2^A~Nghf7%OjwD51LQ_KBBGp_>^YK;aGVF}oV!`_=4v6LOU)>RgpAniijEQG zItYYUu&ZH)HNb;sy&xZQynQzS^l@iFLRhV6Qg=~9ZNowZ*B&?hPGU|A5)Sglwb>An z#(6)$2ZcPqkK--ZI*%EY*z^kVC`bL^Hzev;%8h)3BG-*Dc?q8{gbuVR#}%aZ<~uko z^@AUEE`3|A<&IyY{vD%P*ev23Th(sDm=Y$%z~$s$wO63#ZP>P<DG9 z8bLm2Xp=$bw@NfR_G#c_Plw1)|(?dBk-duB{FD;IB|22Uil8 zNavdCk6z=a-?;3D_44N+Ur;ZEer3wbf@jd{_#gz6C2#hHL2Ll*6cDg~&AK=lfpiNh1=19*|O7U1*lKyc?#2I#Z~PGel` zB6h{{nk=uUfS3`h*@`MElDhXyPQ|lqr(yYpBs#)KLGl{H8zxun{zm zg7rEpPMu2P=hkFT+OaoD&I#L%`DG*6yHOXf(k0tTF$@77GkREm&UAQng9@rXH(xYn z*X^c5uqQNrrpD`bV27?Q{}`8$#^EJ9N4v*mKPY{;UbE{p21mGES&Ki1%G|$w#BMw= z=EoIdSo&SOW5lmZu9ItYZC<^1RQh5_1j-W6_~?*bMEN4cx_V6 zKWvl!{TszQ4=XG+TN)bi%L{OmSG(Jp<&iasUK5CfH}A$Mo+I+QNQ`_`%QHor zkPz)z%;;hf?{aFVqHdy%B2~Y0XRc!q&Zj#fSgyM#4x&()PQBt>A;;s2*#)DTlI&i@vF|l02xhKL; zK<(h;elr~uIR&r!yj|96F4>p=!aerYzkZ+X|Eas|p2IU5$0~3}7ac~E$)DpXNO7Fw zX304EIkccKPR6Ww(w&{>!P6p+yd1N;yhbv_|LnS5HZ-nE%fNp9Q+L_%g_fN_9tN0~ zumQ3OlP7eM6ZNMbI%41W>-VT-)hy&em(aOFg*7n47!$tp3+3bzUTWI+Ja>=ZwEOtP zQTK5#@^PgEj*R1U4Ltnlf_?3;e%9`LT$2UyeocsHKJmqPWqih+w&HI%u+8pxykTGe zL$@o7${w%VkI6B=a<49W${wrRfBEZ2?VtVjgZB3iE!fxm!9(_)zx9Cq&WBFecRYJf zN8iaYd&O&u#9r>n6UEMfnav(*32gX415pJUfdD-WhqQje}}5h%KoJ zhTUn+K|hF*iPYcv>BRO2deV-eV>!IqSR$=Qn|D#F_eMa~qIw*uOS!tYCGc zp}L6ApRg~y(@fH*IqZ*qc%|57$$?w)Uwf|UK48>pa!^heL0jSkv!aAR>cjX}`=ATW z@uSBU?A2d% zvEBZ|x7vL_aie|i)!Xd--+!Z>_}N=*`4^sQUwFedH_ZS2WtUmwmu|E9pTEt%|BElS zZ+`A>`@p}yS&oD>m%*J=e0_Ax{`PyXwL?F1v;F0(ZtzDk;iRw{b!@(E`=(oV^`2oH zn;x~Vx^=gG`mv@hXkz%f7wofle9yIJ$CosL?6tpo)wMP`F=QXp9q-)FKgE9IYp=4e zf8HK@`}gbaQxm|CzxXm+lzxYP`WAbs9G%KZsh|r%)LFdjg~^ec{pY_uW#9ez+x?p0 zPW{CyL;ZAajC+Mw!QeKNjr$+ zeo_X4yVZ7a z6Ae~ZFwG@dXD~MvShG4&2<1lwN{Hw_$s0y4D~cZko1sI`wncE}k(^064jo_Nme>XKc_kGIvQ9wQh?C^DpIK7`|<*pO-h2SnJ zQJl(wAzS*{2g=K!l=y|iE>h)vgHXA^)8HAq|0=Usa2#0fe)xy3x9@quUca-Pl5xE1 zyFP9&y?MKR_VFd#@vlE-&-tJC+h2U^m3H-|6ZYjdOxws0+-{RU_8I%m=k1hHKVetx z9=3}wp0fY>wU^s}d(UzEZ(q7cH;#4tjz4|WE}b^}vYRv!q{m0Y80jNR_SV}^*~?VM zQ!kmYdr!>S#}6*}if++ZY9B&PIW||xk*cc+CcpQS_8tH8PB+?1npkeQX3D-scameT zx!v~v;HT`(AD7b=Uz(}#Bn6`;jiElkA;10cMLRxQx6iw2m%a8IFSFOY?S#gD%}y?~ z>`mWrx&6>z9rCgN%kMj3Kl%kY^e62%zUFct=Qkf1vG4nfN9E`Y*%3J-fB$c;vOoC5 zG5d};KW5+Z%xU}OZ@AJfnI5)@@4v(T&1>)0T&BUyq&B~7|3hj2^_@rTOMdrZ`@^rj zQqIPd9XYjRcOBMs+i&RV!no(YllH*}7wmIgIHh^9{}kdRD#M5nBx?&A?*C zD?>!*#28}Hq8~hu>KkKF=j@Z6s*iP6NjkCVX{-LkY7+^bhmKoTF|3-%QSrqM7y{_X zBf3>QZC0rem3){evjZ+*p3VBN9p;plVfsNyhi9dX?&!GDIeu)(zU?>fwcr2PNnhX? z(H+}c@06D(<9cAaWz&evrSvH^ z7~hDg@FWIT8COiYdtU`R`H>{oI}Q=ihX>z422gZQ%qC$|~b` zd`S8px1asuz4naDM(uCzKH7CnZ8_u?i*~{$t_!R8-=>11Aexim1Lf#90r#@CXF6Gj zE?XVwNFOtYmD}qqflsx2(_AQRRDf}!`PnH`Jc6`ij5~;P(&D@qa(=!fTU)ka9jD|2 z@EFH!ljoH&ODnjXdXfCm_2@p3c$ekfIR8NAgbSHfARYlJgFoi$zTEo*W`0|sUrCBy zlymWOGN5<9`Z}B5Ic&SHoUki*j@Z%prj2WY-_A2_8NLrZuw-xlmg{Ux&dQIzXqP=Y zvt$QPwe0_U+8+CYXY8~ux@F3qb7|f4{l?!Pw4eUs-FDCMIa@w7Yah7pl)d7%UH0d9 z%-DPGo45OqEfh7t0bz1DsXM}t%kg>s)ph%wzk1XSK1=Tp9c$XNE}O8S{bTmLE5;Qs zedIm;jU1kr{{92@-Ou0QTU@5Z`^br=>+_;#?zGEykH~=%Z_FAMo`hhKVFdij?2A#2 zbDWXCyMNaH>9te#e?B>*>t@+kM8=f%$wwFM>z}^UCU*_ne|z!e_O5%6+597?wtrgs zXxu;e@Qgiha>>5y6<6E#y`%OsUwV=2^OXJLwtKJi#_LYtI+>6zg%6_g-u}UZ_RK3r zZ1?22-F;Y2`DzZ$`2gyKadi+7r9;Oo6^Y#lo`JD0=H3XMRxz2yKHNco40y@29*`#p zFnpOk&}*xs=+jXCECKPuYu|WmP0&asn?yB;rl0$bJ>ns*so=@0&k~8xt1TN>cuL`# ze>g3%OLiOQB*}5sgwxYxt@G)a$TJY+g~QCs3r}s_`5E8!W1YlRKqlIO^`32e&7S^M zx>(rgl7Ppr^xN;5vkx6wwqO3r1NM@er|r~2+kWH^9<-giNA0nhW&7AcrQdbRh9-yX z$G&KtlBJBMY`Du~RajKls-Nc^S$6?tw+S zao>pjyXWt+ue@=GoRm2`!5$SE)Vhehv44B-tbOFjvJCd3edwVDo1PxA2XzyJgzG?M;u`sl}G>S9$wKj@v)#PWK1DaF2b-_1o;8 zqmp+-p50b6+!f9~SXG=qVRq*`HO4i-CU%8N{n0?fV1maeUf>=_qN*lYg!h<)avId?Fy5O29-$^OF& zrtPb5+ir*FmhCw|f4BY1&);b;ylUG1?BmB}gga)0N3oM~qF8yT(pU?QG3?4JH5F3k2h?YFCFW;>hu;5dJi3Y3DJcU{oT5`NeJVWpfPv)4>i+D{x`9_HUfDDXE;LdA! zQs=1-&Z|HEYr;%AS>1@jals?(dUQt{vdj!fW92LZY?SBg*g42oDgy*R#(!NPV-KB? zMR$6gR{^|ag&0Dd2YTug8A|mX6p=j}YG(v@J|(bN-M~S~D_trGmJPMDGBu9cEjL|m zGn&&LJG@{^L;Pws&M*Smung2LeAb_0spm$3j_8+HW3zy45cS8eLf1k1qsS}8eBnW3 zS#_Myb+%9PcIi5~ZTFDfvVY9(n;W*@f5+`IOOw`W=ptyGuw7H*_MQLqa>cdm-S^Mh zjNeGK)ng-4gAcV00#@&%-qoN8rXY%mh-O1|! zALrd)VK@y0cVN%Zhn9?yrY{kUwfUP4|2{3wjX>Up= zxK5BEC?7zbxJ~Zq3Kc3;*koX!Tg+y_=kJmwVZT1C;T-Xp7MUKw0U*(`ws8C_+ z0|SW7DhwgUE%u}k7H!0u@rcMb5woW#jO8kzeAuz490x@_W+6Wms~cTT*Cr#%x?qu4 zfX>A!fdr&rvGibvn zMDtULd@yH~qWzCQZ1%VRLvzzqicDb7$ufHcCOcNN3=F8pud=TqipEYlB7);8c}Xso z)Hw-0?)FQMdq@Vou2&3r57j$~Jsukojjm-`gMhp%>Y8JXwptCV)@1|e(v=gwpRo#Z z{s_l$Rfu8vsNHg7+Jo|V+JnLubA3~+#uswDT~xV^*3o4M8|}L?LSBHexEAs})PcGb zkYnCnw#nL%O%9KF(so^6JBJo+hlb%TdnfIxiMBn|s@reA^8uT03|Wh}SQZ<0>Gqa= z^9!%A`DV-Bb02$9q)ctnmUaEHO{Ip<&t9;86^|sfjsF}Jr|2i2X?+d~zihbuVzcM| zE7d1951mI~fM^WfF2Y#FIur4}`}+w9zc~1#x|Z+0Hge&t2aJ@iGKg5Eor4!PXf+h| z67g|B>PL5`E?rZGe>7;FeIBw`19u8DN6bFE5)!^#JD)IAi! z4sZ+TpTFGm*%i z$sxl*nHnCq30*teYc1PRTeLlLP;TBcX%|hl?Ez){{lC56jx3E>dr?9b=k1amE&G-) zl!LO|vUfc&YjfDip)p%-4p~Di{FdkG&)0|ID3Fv1-IT;M?xSAkKBceAK>;`^OIyG> z0ccKR0KRk^jgMg(;cjbvRon8QI-~qiPd0VI_>YgJIugV#p6x1!58!I>r$;+;8u|dv z{UZ0Xl_1@Jr4%Ee$)v&RgqR~g*H5X40!3K_xXa=K=*OG^7UcKSDF;r<2zRpr&agWt zfU<}$l~=C2U!Z>0xh_|zhn!v$;Q&A$+1Cw}P{x|{r|ky;Z1m%x?Y0*DcW|VGJ1BIr z>hraDen`{%6zc7 zlmF|0hraSQ=X##8r`&pp9X)*9j+~T(Qcn&_+BE9?I4Eqy=H98uJ0Qrv;p?;qkk@z2 z^g)q_hCq>A84?>Z15LiAYTM+{kL#KoQ~mdiv~0KP`_z4twri|ykIE_kpYMFoj?GP4 zdr6gAIBr+$YTGxx@CrNCY}w!5KWmMlQ8^bi|KY`kM0b4P+=z3eL9z;@Bo53daFe_N z2Spvaywx@-QPI2_3ge()WS(dUJIgrZf^h??deQ`EVhjcW%^77dg4|$)4ke&Z7!>lY z=AeL_KgYm%VZ=dMjj@E%HPROt@nP=51%I_QzZ>XN_h_fkA4EKH1vo)YAA`FV^0L+q zmFp9~%8hY#&OlvxyM_utY<`q&k#Y0S(dXcHs-?K7=W62tvC$^}GZ^$;)<=;J@^FAS zfWzyPcaQ#c9{s`b^lx?O2m!`ac^t=ZK__?W0msZn^=yCA5S*Oj0MSv$je>GF+d(M< zJvU=qb=8*>Km_6FqdY!=sC>+T744>kAu} zi_WCKazwq>tAqCigR#dTZFgP@o*tRdsBGAz9F*bOlIg)$TspFGIvmPUATiH(fQ8>owLtcD{?}e zcijurQCoZ`HSc2Q4hq5bbm&$Eb%4Uf^ih}U$>~|NH;#~xarQA@(jiCaLz3&e3i|23 zuDs~M$$%K7tuWwAd?@Tg;+Itz(;e*7k%Um3i_c(^RJCkx#fxV ztOA8``l7#RPsOp~5i2Wz+pngamq$J$cDJydNg}e9f!L^4*+I$E0CFM@L>QuYe{K$Q zDi;I~>5NOx-BA${AGSYa#>5EV3CmlYNDx7ai9B5(5rIX^iGy;39F&t~2Zb>yqJMpLSMrh3x3BtOh5l!Vyk3K%(1FSj$opN1 z?Ijx-s@rsZSq{pWO~}ER9-6o5;bFUMqG8wVp0b@Ia!`hc?6=?hkUcsl2W3uja8UNj zLHPnXD6F91plI&xc2Kxb;*mH&8Tx7E*dvA5813udBzy5w%>LDzw$LWoei*!370v+O z%unF9=5fQ}yUpJ8Y8l%Jv%S}vz5M5Oz3~`oGwXc@vM$)>&lS(DZ5HpFWFInn*DuRz zvErb(nDp~30n&-bfaeZM#OISbap7D93d5iBmiM=W9FoY(1dRP%O{V~P!}1pLGuPka&6nHBqjFH<5s$B! zDr0-D)6c#qMQwE<51tsYX4yeml7sS4=@E~lcN`QJG@@{ni3@?W(+$(MCAD%*shvJuzk{;Ymt-qc zcp`xb^5}hLfA+&22W9tFW-s~atO#6Uy^XzYOgd$GobzZ2Cp8e+;UmmEmWzyd&?{WX=LF{<=>}ZqPH-iHKdlgOx+;Gk zcv<`r@s-xC>Y$J}+A6}{4S52Mzl#2_k|&n~iar1}8)_W2+itzw4zYp~Uy@}7o{hOU zC_X-(01isOzG%;DD9JIAQ^ub1DLE6Ypllca{;{_0);N3m{z?B`o`*(;?2kWq*zP|% zWQ};lv$vHTly=8Ksl^J)xEz$WB$roEKytJ_?X+U3IV5LkjJ4~j z+zyI~?=bjVN&z>2BCI>{I?9k1vxomK5AkuXFrU#ZgDC7PtV~$kVF!T_3Ci)k5brBzH{vs9VZ#ni;XbYjIibT=@tLRT%%gLOV<9Jm>PH;_=Z&y;eFPKMRIFlI@8A0a~ zz1pG--xNILS4OAm`l~#xmIk?;dVWR2S3?xtY-m77TX6KfkRIr~P%ECc7@MAh3xo>C zwZ#$si0^hz*h*L*l5@g|a3;-Np+bcU=N=d@sGrd#4g2TD5Xym(WO7TyhuT~acgPq^ zh%}DG!QTUv5%xAGK-pftkjJlue)Z`>#)N$j=Vwr0@o~C*LK>*R^8-|)jaN+OBoN7_ zY8X~Q%$uu19fgA;-mY#c=c7o7K3{LMMP0&KT~ViVfIh?cbbEFNEL&*v>NQ(!e`yV$ z#QoY<&1M#7RSlg`C)&70%Vn-a2*COGE+QhXIe3YTYb}GKxu+P(bj_qzs8FH87DpKR zUT|Y5gzXDM*#($_QAeMZFwnC)mht#q@@ec7aoi9i-7ltS5pjQwP86m!^T%(PXpfG4M{%k7upn*P&p_SDpc6|z;X zJ5EZp%@YODr_53t?23UA&3hrVA-dAv{T%gPD8^K;N)9QeEq9!FHnVoTdv6k5GhN)2 znU%ZhCzNXK&L@pxj5_GdK0n?mzS?rrcdK~eLgk=Ts8Hd;0Jat5n2eVL!xzSncu&hC zOTb#X#SF-T`p?6Il9$phEkU1cpcZv3CX+Ivf)Hjr%@myWsqO^}>O;M7OwP7*a-o5? zSx>vrj>VY5vnda-T4%3`RJgE!wF|;X$0HrLW?_^{xc2}6a9Bx1K~xGmhPD9FSW8bXKe|bL zx_c`C-#MB1b8|l^B2P)Vbv^3YNV(?$t|s*i8UU~j(su)iTSvL)64Y-)UDzX|x0Nmq z-qLlax8wQn1`coPkL zC@duQE^Jz1HSt#PMiSuhGzI*%+AJ+lyxEeiqIBJ%MnMUjo-q&-YxO0HIz^FL(We1# zQlzN6u$pdO4gKLKOW6HbE_cfTh3SZ#2AH<;G13c&C0*2REl6r&jy$CMhdwnX7#EC> zNZTk7x0YUK6NR^-aCtnrPHNkBrzIAoY>l_tc!r~hI(jSEFo@Wmdoe@G1ca0hGqiX!5YxoOcyUPzzCtp;fOS>8G1Wc+moJO2WegHoYFg$oy_E#ewDZS=as03kh0VV7*u zGv@^n*wixug36Qy)9DIz3k1VD;Bu4j<#Y@=l*2EHv$_IpDJNxyM28~KY| zTNX*-&>eqrJz({))@Oq%&WRj^X1ifc_5HjGX*K1vXsj$S98$6FtoTw1sCB-1q7YIe zwhZ18qQvp^kwLcI!h4#={n*m=H6}^p?!a`=OVbJ!Dpc4yzM+H=@uxbb7Q%=2>nAYx4O%!K<<>_tZeNWdvy%bW~w%iDDtk|dY~e#Yq0wR zBD~Q7(XXP4Pf0P{*Z|@{9lw@BNlgs_KEOsg;Tl7N9kl)kEP){Tdx&?ZCSg*}2kT)( z@lj|0u(PL6D1Nw;-8Zs#;wuNGLWK%j9~i9l-ZA!sTf@yk7-RH;HpPiTC^}}7P?U2v ze1({e*q^{1Ha{&8@Vy36_yvS$!qj}LVMtZxe%BMtCb!s8Hd;04o(8 zTi5|%tXP*N%V*piFz1;C)~DLddfZd%mK)*IXztnGV@=LzVt~H#KWt`8m1j=2j zU-|+i88b113(?O|^y8p_-}BJE1mpxU21G3t<$I~y<7&zgn`<_`o#vLCHWYi9Jey*h zVkQm|DcauWagdh@yktJZxULHF#@i@NG-m-(%{6rqqAB>p4+$i}X0?U$ZFw={ObAwXVE z#0>&;DfD0*GZqz58x}RlH|wfQZy;jB6LA^q)rSU~)Ikl_ zZ#xMhVH4qM#>a)*JfpZ!fX+E>SamXoD}YBaDyL+~7S$HZt)}mXU39NRoN=wKxZZRk z7NRCP5vSpz$-sa}o?z$<;;4AvA1m?=wCcXfL8(w-5Nw*Ut+1)UxMA=BeH7uINX)EV zvndpZg_V_l6F;)nlzBElf#@oV;JEMK8}FNVbmXPvRAaOI#> zs4xh)#^MgM!qx`M^o=$Cv3c2Ez% zw=RoX_KZ*j*_n_ybsb3OgqfFwv{9F6DD;G-$g>I}Pw<~_l=UG@oP$20y?RkXk(Kc0tpc;+Of7Y}%{SbPuD`=A?)YA32wp+be#!1agS;%cj~wLxF`5;VlK@$Am97huCe zdLH;O#}JXkmEYE3*JZz*mxBPgAj;#IgF%+bkNL8gH%Uh)2+OYnB1nhwFf<6(!#fDj z3EJrF68ezen~O?CzvPtd7l8%dhQ6A7Z;`fI5eI0(M$N6*|TC}!2h=%l?kt5X{9`QZY zZB|>@!#)988}nLSA+ER-^0ljWBq`4Ut(+k^a#S}@NE{Hi=gaVEmS2ODEx+kA`nkh7>;}o}rp84^P@ct!{IY&1%zlyVhx)Y$NruA{KNCA*R#3 zHER!#+VIe*YFf9t^cZd~SzXRdTWP2|G1Rhc?Rls1;dz@DZ5y7m$@+pEoVHEWs}+t$3}cSt)2E@;c)SuFytR$Ll#6KCE%%1R!feJKkni2 z4Oz!@$^)9V)o@};pl4W+3aO_xZFU~#h**6Ym1D9^j?%XFf@oRsi?&@3(ezNmrsTZT zL?bGDTo>XF37wWu`lmvL3Twgd7@!JINMKPnI;k?Dtr!{|6WvW^!F|3ZC2> z7e9^*k7JzVX7IR2;re3J#(0BA)OmcF*;$}$G6*oZBw>?`>0*Mdvx=gyh4R19Jmu{ z%<3pwITKZQqM)ZWT%*5B^GgR9aq>l81ar6Fs{nYJY#^+Cih>HH6Ap;znrPRFkc%AV zuQQRAV};IZAoz1aAE;>4h-B4-aE3fzB*B`8b5P%|t`uWilRpQw0UI_u44R-@JQ68^ zbmuvXpm;AsO8EwjM0JrTNKu>;9>LH?!}`-!+d#vjA<;+*J1O10g+%_9T*Z4HoIC;1 z?&!$I`6>+M#MqTPqO!--ChRpSK29Q0oo@+sPF;llk<3p9OzF5y$8Ezk+acPezSvW5 z+P?9oT{P9UOLvail{;&8{r;Lg<)Tr$>C$n#@v?Ed=F(BS>Y}>s+dFJi+lOsvynfc3 zyh4R12Dl06AN&?&H%_o97iwX41tQs>C(Fo;4SzSD2PNMbSi$mQqZ zmsOtcn1y**?YE>ZY}r)3W>-$u?aGNEIUvJ!?Vbs{df&KReqhS3xO|UYcF7*wfAKEc zwP(tvc1&4oeB4eb&tt72duXm@pFX^7pLlf9{{F#5`@4G=?XN#O+fl7Tg$fn6E--{W z?rK*9_E+|MLm;0o^D_%EIZ%FvIQ5yW7ou<`8jfT@4s{?cfoR`@AT!LNOx!&?KaLKh z^Nmi7K4E!*YtR7bmnGLd;5_;hgfl{9T@~T|)B31L-T~+Cl;lL+lebZh&dY+LSvkU! zgY+EU=A8_Dql5JWe*mKLM+iB8^c$qU<7=osE=p7`YY;>p9MgL42!$gOl>t#9(nRqX zhet8~!;Xv{9qT$DT2ed?goxLMmwD6^vUF7Y*IG+*IBLoUpYk%3n&fc-M?HX;_u$;6p^%uV&;BWn?t#~}c+dH)3?$IH;;=rU`v3Jb&PmkI* zvDAiZHrs65;p2;T|FK28{jml6@B^pp{db?VcicN`e{+As-hTg*{p|w__MS&h+WQ_? z`s0iC>67ALq<3~+J$MsS;R83Cebei8?Hx;z6)HS|!7Fr!?=gGRtIfuB2fOE1vzPs( z=9*K9;Q{~?152{ls?J*Wg#+FyIPtLAyM9q~^fpCM304vYFk94ng!*Dk*8t+uT-aH< zCND=KJ&Ox31U-}~qNxhvIgfdy3nZZb_-UTdaXp|N{7yTK-obXZQ z8Ie!MW0^@EN91HojgH!cBDX1wk36Ne+AS5YnXK6dA8y#|-hZDp>$}trYM;h&yKZ0I zzVQW@+DxNmA3M~v1@-03V$0^5%QhpzZCG?2YSxs%CGYDoxne`54>c37cE~O_TBkyV z3af#OsJK$fcQ{)dG6wabn%#QYlwG%fO6qe9exU*b2IVtEACSDBZh|)#>&^$A&b@UB z@OpYbMBzcmVGoKjMG{dl$#T8|Fv64`>wrO=6S5VgKae{llEWJqBhn+Bl`b8F61wCh zA{mvaJGwBD5RR+`pZ>5?!f`|ltdj6*t>1N%o-(k4P~=hAA2*b#!|LTlnX9z}ypYQj z`6^T*cTUs>uCvZ->~VleNs>8a{0^_KZ)VM|Hj*RZkADP2g&t6_^+Hy(^HDr?8b+RG zZO@Bbo%;%j;NKZZrPGo8<7UMN_xg2J@|VZi!~@3@?poP5(?c30Z#Qp+cqNavcw@|W*u zNr%6<%PR}yJZ7&FB5zFUUC87FA9d`!TGBxek&aviWET-hQQDxGa92St2ljIF5|@kV zvRg`k-&Y(6qpZTd0W;^z;QXE73fXI+kH{|IB(X8n+mH-u99B-E9O*x@JY!c)&D-aH z{>AozPaL)T4lUW@@OH6^-yJHLHSdv^M?;7yw@WX;N7kHoD4q*JAQZ`wu1)gGc^PUg zic2So=EwU+<+!kYq^))ym+)~popq(xhwC;ao*~t5`-q&Ckzu8^ZDM@H#_Kh!*N1FO z`Nrf(@WwFZ!`}SalafDV4LKrwHP+oaACqNJPZ~#wFwqp$ zxzx6mgK|D0=j5LMe3MPqY&h`IYA2Zw0V^v_QqRT2B9wwoJ(L1Uz4$#NemO@4B#juR5YX@vaZ?qNH+% zUw=5q-sfo!GN6w$_D4CHvXIjyONjCUq+@W(aj{Yn@ti`v5M`8g=!;TWA;6>cC)DBS zZKA&EYQvPsq202H)~sE=ZOLBvoc;FB+mGA*k1pEcIF7KG-MIoV1LaG_IkIR+oCk2$ zaEJ=9Qi2k!j-VWlkC5f#_mqc4{B+G2PUUjj&}Nj!FOs)oa?&P8TcR-=(fAx6m;0jX zP2hc?GD0+$ENW~oiCBo4TWtIH+DU8`g~Na-d?mDCztHYpLvme=HQUM>D{`?K`S{hwtPYk%1${b7s)|cvNzs2YYRAq ztc)E4O14cKoh~eRaZ*y-l0;Mz z;Xp=l9t`NBFtdz*a$I3oPig2~l$C+3!0Q9EkPaPiLdIb1fjlYKvrA4wS9yt%Hgnx@ zqQW@?rFP5p&&$lw(?r1>N(G1$Gi8&9jTFJhk^o2l8C>@~m6ZAhC&9CFrmy?ANcXx{)u2E^jzaVnFx;T%xj@Pf){d62$D zW#kTPoQ&yjeW+=}!*!YHnvKcX7?qyW?EBD7<@i|L_kr+qY*aEw^~V>4B#q+O)4C|{ zV_seeLl_5SuF>^?TgGV8x1(JK)z=G3a7>WTQN6Rezbw?Blj49X`Tr8A+`CEIz#tEhq~8XM{pE)nR% zNf=-9D;)fkiTIq#Dr3O?TO1KUJMpxs3UGbI!|S>1oj@)QRejMX?pAx*CP#-o`zXAMW7~|?#Xl-OWO_W4sEAGG z5O2Zw#0t%+s73j`GvZ_Oyr_24MwgcStEs!>C|^2Jv+H(_+6{X~?CE>A+0!l`w$Hs{ z(w=+mw7uZEX?ymy+wIv`P1|i3PuWxUP1q&dMr~3KOnYw0jvZOBJMKMfAG`Cgz5k9G z`}h~dyl@@o8I2Fmj zc0p;E?-{j^zv?=B@I=d=`ZJ$2+lDzVfr$u1BI8_>j5hMZvpJveM?8<3z3bQIm+*)u z>6BZoP?I>n%h!=fCYJZHy`C6GFw4x+Gwa>Jos)FExU6&}e{mUw92wrCU?CIfWs{U8 zpGIQzgXH*xpACNP{TbV*HCI3WQq zmxv^s<^4$aC}$vW8vaN~Z6EP2A3hDpdU_1vO3|O4vkq_KiAN=;6HgsGzf9HYwtd&6?H-?0w+`EsRK|ZC85TeOK)N>DYM({T%l>AsM9yh0pOqtWYGKx9 z7ix+Vsr&^#Ij^cMsLe;^P%NU3FeIVFI_I>(H5zj~pzZxmgjCwJQ)UNwxCh7*rhzc* zBWmBp8GGigC41>D2kc{qYWBzPx$nX{8PIrMvY z_2|bqDZ`!L6n3oCuX0e%CrS>=t{=bOj-S-Tx87GlH3{w9Ic)#%ombm+d&epVWiwHB zP!7mJdHEJ`P>wBG``4dlcRs#sFaF&J?CyiQKK&LZUFbL&I4`UL&nb>K5%|O-MlE+{ z+&LMtS3Yy6z2R#wvLka%+xs7G-x`}~3kT&lIu1%$D^!O#FX9yNyJhYG(~Rr}7Y42a zC@e6L0M^EtcxVsqx-q(eY|iYUhnz?ceVG4xA~E^_Ch17~_cYw;SjdcsvT)+1hfnYc z1j&;{^+bpSUQUYe-^T9*I}Q<(x`Z)CC>~zYIfBRsigIC0x6PiM^u|dDFBoR>#%fid zOFm;+{lf`yT#JkcPa~r2m=Kpir@jSAN7Nru*=*c|i!W?Usqgo;X6@Nm@3iZ#+HIeD z=!pG;Y-Xcfx7NsrE$ccN(PTTO>u0R3ysW~F$|;cpvVFX6qZ5-hHY{gBT`*2LQg=x5 zd5v~?v1yIPhBU0%k{prwrMAt_F52w;qRlPMi)YvxGzB{9z<1VK)Qz`T7`u!ODEg76 za1tXGa1bDOV)ABI9OF3N3hDy9w09qbIL2gz`NqoftbOj(l6~cE2kfJVm+g)3kv(J& z3Qi=Cc=mT5@jP^LaeWR7-G|Q9D_u@yMD;6d0q|4PzNvKsG$yAeJoE}@2{doAyITTs zKHqcCqTR4>*xvRnSGtqoh6QWPHhfJspMUKRd-=0=*-O7*r@i#~yX`BVy3206Y+A-a zJUm~7S5C}RF4<`%W-Hy>+04>}K^Zm5M(b5ev)-W*jICRcY(n8=7zk^>$r zVA%?$83LjHs6|H%DTG|wrqiGztf<=8y_O^=Wj(Ers6Z*NKX#FBtkTpp3AsZApOCXc zg*=^5FF&D7%4UK|lD zD^JqTAE}A_5er9A$RaL|L7p$QLocFiKGFf{f9DMxIV`NIu+kNI(Z@dx509cmEcoy= zX#0fOj;WgMo2uI-+uC-?_L^PJr`C6m*fkezw_C3{U{~##v>nZsUAJT0KL66)_OyLd z_AJqJFWzR)xqRB5f88E?{!It$c{g5c&$#+hyXB%?wtI5S>hnu>^2kwp=z$~lsXGqa zC+<3I|8VMmp-Og?>E9pe)eGu2w53=M$wBl+r3)@a3<^y! z(>sUlL*I3cUB7pojH>g74wR7;u$l@GO~n@VI(h; zCE%Ci0&eWNgXfs!7nV7p5S!%#zN%4roJ3yui3%~1%(*)OiYSU;LdnW46;YsEwLllY zPLR)pz)cNx^0w(Dd0-&jiVUao0lu>m@sU43wD(63Z%K1deLHQT|_i;Ni zH?Iq=S8w)5Q?t%q-68zfFWGMwZy%`~l+DCec2KzTF%o?BlJHQ&MkmJYO<#Yxefdoo zzqRo_Z#`e^btMrMfDDo$DYhrQITLuO@T(>JuMZ ziLsEMAum7VcwSNPwwju&hiqKVhW{p>`VQ8e;$u$7ruuK>>71XBfoD_+RC7qemi4c; z%&~3P?H#d;<>)UgHEfy37SfMbcw4faOM$! zWQ%zH{_;}Ni@j*OZQdE{POFVOI8MK$b2@}G|6H5-MoE)$vv5v@= zgY``}XJL zuj8(crDof{|1XZ(FTe9(XM)BU`UJ8?(9=P|vgQUmfm46%fc}hoIa@8|k4cpYfZs52 zCq?j;6DAY!Bhn{XId(ig2oWog@;XC=Im#jNRg(mgdrbfVcVcwJkaKh(2VFBcQ3O$L z^h=0zN0M1&*9nhVh-YP~*uNo^>xLZC3Vkxc-d-fAZ4g&L@&55KRg^b2aBxF@fUJ}i z$F5(@Edib`9ZDdsh;Lb4&U9OS&D@Spja1$&ch_7eu)2>a)p$a}K9BY?8&KtlH0E{5 zw5?fh*skFr+qGkx&77FCR%2N5h9rB*hR51AKDy)|KpP)#+vxD5P4C#QW*pbG#&66l zTVr9t4llLr_)Oat7VCC+reW=d+#lCdeaRj$2im0$Br2jK5cTrY$o#Mcv=>*#yk%O8mW#oV3T}0CkLYg$)B^IwxoR_PMEPuWp>M# zX#A%o=JSr!zcWpH&v##MFS}Jv)H=Xw-Iv`sX>*!f-gn0d873_I78*0O|Kg0<{r}i$ ze}DXmb5cS$9mV8^!Its%$2$S>@B?cF#6vpuO>>8XiJW3qAeB)DdrQLFlMh)Odo^R| z3EV+qf*~)ICZ@;;D?yTSeY(`p3E4<5h&qK%DUz}{?WI$|9n=&q9#JV1D^T7hN-WYv z-flP?L{KKj9!M%Up+`T)Tz1U4U8Dr&FD89Cn!IV&UT&#NTh@@1u*91$3eU(be7Io`AF11eM_YE!{quJBeTVJtM~>M8k1pEdM;GLnjM|Q!+id&xVcWlB#CGo) zw_V%EY+|CW>bBG!eA{GRm)4Th$I+1O@JBk3#-p$Jse*jh#YvU)aVp{$i}}30JIzXi z{QEBn{D>j^?(ixcIpfzAHDa8 ziW!y9tBmpk_H3K5r(C(sPRQ~5^y7=R%y=nQ52ZIjx_t#m@aJPfI48tWc!zpst8jks zj(g_q&p$I~fAoo2d+0=ToY@B+T(Y++{!czNYoFmkXu_utE!v-bdd~jz_F4PDLtACS ztZ>dD6r2kC^t^Su+vWOb>@iHv2wLQqW3DS{1# zaZ|@zyXAi&8o?iWH5oJDCPo+EcD0_lLvb8yEy(Wkzmd# zLpdr{wX;$r@)c6*ts|Rn(aqmr5|dAS3UW$wkQWMFX;Yk%Akus@FX>D&YBRrk5{1+1 zJR(k!>4KPCm<)RWKIR(c9@yvy91Y@F(%?&C-1s)jBxWYxMNQ6f7@QjFzlO@;wU~zV zYz%u9#>76#=1n$%VjdS&s2q)DQJe6*mvYDN#JZ4Stp*&!Yr`Ei?7_|*KgotkUg;gdCcQWqca?KUnf5|UsaC;gDdZ*dg)qh_wL36HI?Meyand(gh(7w)#NdBelD*jXcV zeCJyZ+E*(6<-h*0Kl=>)?0b*dOMd=td+9IUX9u^+6Nd`t7P1=ksS*1(&)tA7(+KF>)Hl~lsxR9ei zOzi%K3g>`?C?t-^k@0WioOok-Y++w}f%ar#W@RJZYKaNI7oym*OutJO6(60GzSNUC z`x`xqBb_`!I5J+oD4ZH6>BEn+QRg7q*WcXXs77L92{o0aOKvggD1c+c+ak#QR?)fKu1hjyvj+vHc(?dZW}d*r@D_UOIG?Y?`C+r#%iZigN| zY)6mI*{tfnr23C&R-YapwY|G=T(;Y#m+i32K640Z!`G^ z>eK=B0b>f?hg1g~86KbEP%<_c3r^@sg=kRsAUaTz6W4-Y4?W=fagqqN1=U}YC^jGa z0vq`g2uhQ_qI!c|s!u`mt&UD@e_Tf~6}AW%_Xn;RvwwKim3Hl(!UCupmu>W-G5hQ9 zzS5q3>FIbMI{QcMjo*E(z2p{kZiOc#c8w!Y#w{<*UvZySZL(ZxMpTJ2_L}7S|kQ3tY z#LmI*?wFlY9DqNGE)Y%uz{4tLBreaoVz#&T2o__&iJvn*bS4~O{1OvTTs3}pJb zWVkaS*)!6CFQ4J;ppTaePa=u%d73=%oAjlE= z|3Q27;Bom&E!#FRZU=Ua+m-vq?BYENi?;8XupK)_Y(mX6K0YLWMdkY@a4GELWv-)p zF_<_gg3a$f?o)J;ta=n6Oyv`F-SEAbaq%t4nZrR@R&)7NR#xXq@alWW1rGpZc;j|5 z+D&Vb~_u-y>gqq|J$##e|lqg{L>Ch+S|V6 zDtq~DGFBCyxX`39B!lp@%eUDV@)POTP5be4uiB=Ixn(=m{m_|WmyDi270_MSbFbkO z+?}#ssIsowqp^41ofMVt6KF->`2YsIACPk)L!i5CjpT!zT+-ZhaA z(NW5h6ME!D5XU*+DH-7opL`;JJjFCZ89LB7zB(Y{v5GqwkS1atiQpJ4DLfxEYc{Jq zGl}?Bx>@nfYGMp>heZ>e6Ap$7f|#_u9a0#F!B;fUNBPhNC&3@(AOj~u(Ks}|s-p9` zQym>}&bgh3d{svIHKF+=+)`ebqdfk&L-}Z9Z)ZVG(sATeHpvixmo`we6Y+T-?+;xE z9#(=oPAUs0D&&)o@endt&G7Qbt1-q{pzf?rP=Ahc6kE+PTW*YMULLdNOv7dm9=5~x zKVtWNR`i+2?4bvb+2KPo);clg{>IL+VcWfZ*!Ia`*{_R#*X}(wy<^ID@7!jS+v_&I zZP-Sp>Q?7-0s2p|zIUZYJBv8-NXhrL=*Uu(J2H4~3Og+;>%9ECwtN-2D(bt%rH1c^ z9^w&OQ>5|O`Q~n0)#k%?LpGxETJx1CNMZnOLs;F?c?_o$Xf_dJW?uccpuXiNm5+&Z ztlr`|pD4Y>b7H<_J0{XehT{uNLM!9x&xsy4&edByn~1IO7LOc*OLmRgKfLNXyF@-o zj@rNel)doT)AncIbeV0#7@Yy$cK57(>1!Xbn-7fHC;zSLnc+`9IcG2b-*;<%i`n=b zfyw#AV`lIBZTSj2bS{Gq{7#j0kvk|U9>hd}H7txS5h8vp=OT~CO5r^URyn;I!N+{kQ>O`*q4ifpCU%VXQWm03}LM`fxdfYJ{il2a%LzUU?~qD z;-t=Lh>`b#Ng$60y>Uh95VD94ptn0Za#BK!*T{x{D_=a{GU;cmyRFA2HlRMP~(js*hSo9 zG?w{wSmzsU`_RMl_K0p`ACPbKuzb%?KBkL3 zy+x5O^D_qX;Yk^<&mJ**NM%sg!BZ{!=s_8ia1PETFm4o!&Gc7UW!x}wzMq3gksH3m z3$dEOky+I@u(IMHV~TUa6`{m zL1H*{Tz9VO+!;A2(41&Vw4hFJh?b>?f0-Ck8!>_S-F`a8xlinn%7Os1;Ii(}8{DlY zL>hCYlN60dL_Sf8eC32y6V;s+6MqaO@_I=Ck8@%V2}j~WrzN!?`(6rtM7^$xh%QL= zgO{cbSw&heg1_9E8G7asMc?35aRd^zDk3i+54w3o>KBS`H+4xgZE1ed7EUbM$)gK) z{IO$p?4hG}?2$uu^vH2Ldia#h96M$6qNUk6WgD_RyGQJb0~2=rRpWO372|fvo^ji^ zcig6@CTz!K&9+Z2+xGFA?HO&_?uoiCx3;T3r~YWxr>r?LZlhxw=NkWPj;-n6k{q9z zR?}t{n*L3h#^Qpt+52-+G%K1vp>Zc-FEIL{k%%I#$>@TDR->buN}_ z1!WVl6;@CH6CoFJ{+NZX9jn{(ubZ|%|E9}iP|mEc|LU$;d+F~#sQFCg$jG?S4zM~i z&P;iZ!Aiub$IL$PI_V&T$i4w4Zl3-7l6&F{gz@jpIGW^i@JBirJjMAZ{N<>ynGjxI zwV+;Uvf z4wJHPidEk*!3Te0^BE+poA zA7 z^aYMBjaf8kH()CRJy*%n6S;;$Ey@wa< z|J{Aa7MAO_D96)3o#!_KI&yP>!|VD{a7Pt~$0bDbrZ{p}*dln@?;o^h{f~R?#lQ2Y zZgNid+IPS8pgmjhpZ6>G+rg8ka;1%GpgYe*S+ChsyeY58x;PNGagXi`$><0H*}MQljg6aPsoR@dsCb`G-n4NK4tgb zbJFg+7>2#Sy$SZ-m=?1|LPrf+hx1#;@x{}d~8xq&`A0ukrZKEvQkD{`OQY6xc=Zt2U@kl z7Qv&ZFh&jg)vvfn9&3z1vt#UpKiaVW{^k4ZS(k?;mYu?Q9bL8``igz_Ww+?=vci)O znr!cRc*Z_(pC+XV*WuZ3^k8<>(yVkx!!O z=x-5aaY1Y%!@*!R`lR}A_LMGa=%m7rCpseHag1m|v@Bv`jcPE< z#UzftDicS@H<3bW2eB3Y8}-47QMOK)$PDmBe6$7Oo+KTSj{|^SJig&;sQx@aLVN>m z4{D+pc@_3m5@e{bSoV)cJRVj#IiYtz$-PN`Ale4`=+^yAtPe>qcRsp=Wdu0VKq!Mu z_}4&Wr_E4>tcVyCksks@`zP`@V-$!V6687{jyZ)_y&F3BHq|%@@>j5jZU4UgcFiR_?Y677 z*>i5%Y0tQ3huwVbPP_b)UAFt;9kyfdHXEMarW+q!k4$Me^(xlM9ef&rcZl*wJe{}> z@=6D)M?9O0(j%Uy|I)+uniuV|SKP*P@YDFJ*FS16xoOhA>6trHOb4&|>%+ENch&#? zc{@`~2h}5@cMIW8Cnc4lNJVyJ3I_6`xj^sUO{Hn#ECmf8S9v|b07l?$zu-s z-6t8YA1r1}Hp=UFe#%S|j(|VfQJCyJdWo>q@^W}X!e416LHy`T5RjLNiFyW04&uUi z2jD64!=OY~Z#Z(ABh+`KM9O5JOv+kJ?Cy*ai7e^J-8b^#A)0(RIT7!xO|(l{X(40= zU_nM9i#X(^a6iN&9tT3`6VCApi;A5_tQL?Iaw)SPoOd+^1d0v)X@k{Jlm#=qwB>5@ zvpVE#WF={h;)6*Z1;25{% zWVjH24G-|fkw4o~R~UkPIt z%_~8;PbRNdsnLph3BBsETKRzDmf`&I+;yV?=Tbq^4a(3SSy5!oVZPZ45bM(>%} zrHB9zV^(>5Fw>?CBtRP@C+SjG*d0){WjN0Mhdk*#1y9=wl{JKe5`6`e;#jru>w_|M zWEIh`!yy~h#5X)TZo_gAYYNwR+$#O}!2Q(Zn6>MBa{j|*5nI|p(M8I2%0$Lw*sj}4p1#}u_#5`Ga9aD}Q->P%lHYyI?s@D)$JnsSz>wK0 zPDe4xM46*u=yFfV`nBjEqcN*9~;O*H7Vx()bd2JrYxPcYI zPP&l?9C4Bo3RNhd)tZP%%DNnc#N-eVA1ttQsm`~zI90+ke=QR?kv=R$BqAo-N zq%e=V^8F@VKmjJML69q$WCwEb!3LbQU)dRO9H|zpL5$Hn>}HOWynqD%Y&vNI$p!y_ z$i?<4!jX#Tr0ayS%igBA>yO80tkCiJu&RKB>Ql-^c9PX~9VyJJOr-f^RSDH;eW-42 z>DbW-=9JF?KSUhz%gR+aE0|eo8DDEYG2iy@9|iaUtQn1iQ~cPK@80i#xAA5c+fMu- zR)r@SxGpsYo_Xa?`WnOR-WY~_iJA*U8KGdEIeFPUbPuQPC;Fa)gdOu5hB`k6Zhsj=lkv4XGmkO_*89gV--21DlHKK;=78 zu6QXQK0biP$H#DXd>;l&*vcEWHUi-o@<_-Zp@;`@fs|a>{jRb}q+Li%$nye!OydDR z?R*DCx;QD^j=JgGH>fJwN&G!2rSqtZ6%qC(6t4y+QdB{CJiz%NPkiaM7m<(okE(^d za@gl7@fHPTR8#*^PuiWa;ChOX2}@b0$QsDS67Gjcb6%Zr0kYpC>OeZ5t7j7S52Iz| z?M+`R4|{QV#Ni*S6S3-m04~}f&S^JRCtPrufbx3d;Et0AD2-&_$D<={;3QWd!bRH? zR@uH+N6aAte+0y;q3`DrKO5I6j=Y@HxBk-v$WmrEND4#T2=V1&exaNjzhRNTSp{F) z_{Hg#=DV6rU(HA0I)#%rJZ{cW7DRltg0i_Nt)RU8^@r@SlM6PiyWijb>Pzg}J)M#8 zy?=4YK6w9vol=MY_E#UUXIXc zd9kl}=3aa4SM9fHmPo(vPF<%m8jCI4zi-OE^oB`$-j!2!V4Gj_jR&uNcYH+tNI>zf zLjXSXCY@7w;S-Zj>M)b;1!M^M;`jYN@R3&y&T{>r@W)=g_>mRmCb{0fJ@g3{2;}Wu zAlF}ECeL!Y(Jr~Xh&vM?&zpyGbz~9`U84+lJQ4<7!F0Jl?rfYIrTGb zNq@1@>JDWwfKuDRBS)#YkjOuwgZi8FWy$fqCL;ElpnH_zy2}0CgNjAIYQ` z|LKL4?y~q|3j!mLSAc;j5KrH6tZ+{7S9i?W`#*WY{^@m7g>wSld!OPzbi_XIvWdbu z0Uv*K);{>*qxRGTHGA<59p|LNlL!kf`@dg*kvk_p^>#TF-0^bJPYm0k%VTF%ic1O@oUX3+Tz@t&Ckq=PU*(-q&4T|V6h5v>adQ9cn$aXQN=yhp_59VIiVY> z^!7{qaGbx&ijhtfch){xVssO^ffxB(G3n^-ruG?DIA}!V{3ZCEqK+8cpd4X)v9n>= zAw)rhxdU~;kjfw`q5(I_m~QS`osYY5)zg2!Mn~$s$ep?JL;NmILE<4DJ|0*3%8ugM z1WA4m6GvK^l#V=rRD z9j}bMe2!UkMM=pyo;B{vX!3oox;lFPr z2459Zzu{>3CRc@Fj@3YZMcLbw6*cA>-VRNk2Wt5q6XhKiKl$-5d_|Kq5y{kz^PKqO zudlPOB@qtdl5||w(H{*djAP4}Y}0QWsbnOIe92TLums6cOt}yWuW(i|sy_M2S6pI0 z`bE1_Ob7h7!4G`Z752Ygwl~Fez^9D=<%=(~KYHb*Tk6G&CoJNc*ecNEcgN$4_WghP zxc$gqJ*WYs%Q=i2s~=2`nlv~(|Jo^g=H-*JO0h26j(^efp3L6q&XHPy?qx&PIFopqvlUiKEs&al+asdG%Hf3Eu&M{LzaHD-$z!bWVzk zM;I)f`^1KQ6AuoHFQY5oUxQ6Yk0WntBibq_+NM0&`Pd+wfm6(CU!aHTMqUuvIWi{@ zz!vj3hzZ0e4*Czu?6yC`N=L|lqejVouCOn`GYLV2i7S)hX=ne<8wfcme|*_>1re`w z^zla~@JnZiiFi;d^ZNuYQV|N2Nb!zxyvTo71}Y^Xhd8Nsx<80OcP8jaNQorT{z0%I z2juM>L>%?+BJl=A{-CG=jw=&<&_>}aWKxvf-h7Y8-?Cz|mmVM<(NJzY26Y`!hI~3< zrQLr5f&_?)N0_}Vk{OM_!B^D;9u1{vM`Y=VNK8aoh>0;1?L;!Zm8fP@2il!wm1rR< zLy8ol0RhQ0G#=AM)gzuwL+KIEAADraUil0*bams;KeK3Gdfiy(%ibB@`{1%YWpB-P zP0*XCQ9a_>MC6Zn#?&|auQ7Ys7J7?^F9|bg`j3KfWtXtrvKua%usdFTjo&Db|J#pu zKD@R9y2#mVivxq9lM$wiiA^7XmQp#7*N_ARsse}#)VHF}PgJ9IJq~^wv*FlI=%JCbGL^v$I!X{8} z_;6})>f(2!)`Vm@8_MGpa7;MUx|EBT{zIodCORf{PPm+LVSr$(aMsYvIRRgO(@N(A zJpc0H70yY8vjnb#!f0(FY}3HtE3d08p+ypV(z>2=cR@@{u>2U{RvS~Uzl@=8NaZMl z>S0Y9q+#qKCeoO!Rt1@YRssE;v#v$}9r_`+rGo(5PoBI!UOyEE`LcdS*zw|Aiu-Cw zssL$&5_@%`jDBSWkMHZriE^bRlen*@usXrSj^eET5MBckQ?w)Ov_mg~ha>I7aD{xJ zQ|A~6iCATFy>%L61@d#^$(QoF?uq=7-h79AL#Q(F4Un!ni;Da~p#uuC@&yr}4pF~N zLteIse&p!w!Jv!Eat;(nlqXTo6gLpm&^(I48Fc4HQ9);dym;n1NX5{S0@AaFq=LQ! zeNd$qS3h`C-+7Y~YNY-tVNxBGD3=2L(O4(gc{HH3obtyT9w)wn z^d}}r-bC`p9qKQCQ%7MYd;bwZ98Agfaz#-u5V8s#dQhaJGK4QsK#5&W1Pm&(rm~#~ z(-DgIukPyTkM(qfm-^#$@TiHmCOuv3IAzS3IVs8!x^Q$vLPS#Mggj4?Cn;aC7S3*aB?2`rz;I!PJ70wL0kbN(hz_{ED0*y8c zV>*lOtguO-g;}z_urTBkhOT`-T*!k0-E+bq#a+5)5T6`VG+mX?dmFJ`A!iUoxxLB? zb%VzpD4qDk8Tx1B4jA=;6!!fxI-U#i@}ul1KM^Zdg?=gQpY7);UME#B+MEi9!xDtU zz_jChDKBq_`XdzDLNdbJ@J+1PG4YneF1vH^vN(FXCL&yr5^3*(C|_mxS5H+guhNp= zH~s3|N#_8ax#M%vd6~G=XBLgJInu`t7upGSg$07}m&aG=e^!8Eg>uqWPNF-9=MbSn zPP89wnRz3Dnr*uXmL5I9hGnJvnSY`Ohx0LmCr5_SQ!_kAyB1#2%DC z|8cX)?J2ShH&lrT_t*yl;tBSePzLs(u+f+aWT56E4@OeN{3rUFcbbJj|R@5G0U$dmIFiNSy{jZs!= zh;rRTAo349R{H=sWgUn^e}_)Ew)}%}XBkl^fIj8xsn9V)%Cm}t0+i&x(kTf%pT_H~ z9F)xkPQ=*&gT8W3&Kz9CN93UV$q$*0PRl{LQVz;bUpNj5z%cvfSA{Pm=LCd<@@H~T zrsSaX9n$%Agk>&Sc#_FW(wcx-`FZ7$>&UMq;#YxBHe&Q&HddHs_B^Y!cdqhUD9Vpa zDT0ZO$1EsG(wRInUXMP36~$#ja(TY;Aszj9kn)7oKIO8JOB|~v>}~N!OP-=EO7#6T z(na5Cs-*iAwdMbU)Ib?k-U6BX+BhB$nQZ$X|H%WoAn9mVqDCR62{Y$CW! zxTlqBNotRZ_4Ds)r6A}kP$>p2fQSXt1Z zi|jZiP@I=32j}pzT0vJha%S3r{hq3eKTcu{q-gR4alTQ64lA%hp=67!c{oQN7d*5n z*Di!JxS9!yJiLjOsH;nQLp5b^(bB%7ne$Fcg$hqPlwUEdaBi@!W|z_Tw?-gkbfcGO zU{D|vs4&Q?3+#-I*yq5+$X*A3n}r)Z9gFX;Vz^ z+d*m{^p3Y?Al{e2wDG_Bv-W9r?C*;FntuRN3I)p>gRreBtKl0<4cvllKI*5akKnJsQ z>784l!jlb*eHl34R2CMb!Z`!YKaj!Btvi{RWE4mAy1Okalwcr4m-WfZDEJlOzn?{d zB6(9J$lnlA9FO2u#AoM0z8@oqbLH!b3nD)9Azy942kZDbe0OeAdM|Q)c;kdTnw*89SG!C1|He?qXnHu`Ap)xdBU-X z3sRmkKNGBnbzCv=u7{8n)GMx>mdIBuWa|B^pQW^3v!H>)Htx<13D|Q&9$_x)k!IXZdka8Qv};CiPWU5ke-%9*8mP^%mu0m@N7EW}>V= z=hPwUlBWd$9FuTfRzq1n8_W5X=h!@)%In)~6)IE!x{A2#TGHJhzg6Ntd(M?r;hZ9x zJd9%i16`VnP6I|+Iwn5;{3yLDvK~H1_i&4tXOzD zVd>%%yhI0KjB{|_YvSo!&ow|ba#{=Ucv~grE~h3%Lns-KhL#es85{kB2RY>D2oc90 zoQ%AT!l_^uj<`V(GJ+^P-eomADC`V(eS4ZXjNm)V2&C?2f zDX1%oPbaJy#UHn*0`XWS_LX=Vq;n=79lR(I^(CI8Q{w0MaC}uqM4p_d7a}d>cM&p4 z5QTp111Udlg8cg>nnj97H0gt1o`<8z+an_oNAz?jASJ?2zT)F;oRk17d{IYOaCTzf zPT};Bfba~FmuPpK;E@vvulJRLLGTsw(-9EY#ZUrKB*)Ae`GcJ>BSw#7B}Tj)heWmy6px%JyB|<9san7v4WWzV_+uN%>IL#qr@YVN(M{KkMnY*&kQa(}a7T!8 zq;rnoD|j<=F4&tMY)(i4dd6 z0$I@}>@^u4(UDCn5KtWLR%)NhL8(w-O=MRpZx-~m2o=sAvNk6e1mZ~7&{Yt|y9}RD znM5H?NU^-1QyBiB^5g{dip%3Ee@*0tMo%rbT9TPBc&onN3mptS%yZSC!r47{sSjdkY2a%jmN1TsfN{CZ;QV0-H;t51jp<|AapMg3D-wOU-P#^dvTx6|*f#hX~ zDh<*PWkg<_hRp!&S9ly6Z|9+Kwqy1DF=Yq!Md(lh6SY5%QMey5 zw-x8`uR?_*BN|R|(Pq(BLCD(>5R}@;_19_W*$b2%6mWg?$G?vvS-eH$y03y1j6I#>n$e9N~Jkp8BB?Cj5aGrU5xDh7>qAq7NE(GKh zUI!-`dZ<-7C>1JHxBw7VvKL{-u$)XRtQN>YaAGxtiBdcZGFK?q2cbfg zS?I5JDnE`14$YY zMkR#aMez!7o%r}qQ5ooo3Kc3;xWIwM!}?+6f;h*b%OJ-i5298h*vL{2bBFDe!tMk> zi4P*JfYL%pJW}yTElgxQT9RO#6VI#o2Iow|;^VEEoH~UnP2u7ZO_`E>-0=kCde41451_Cke>;5U633^d437tV{x=gzc+nAR=l(D zkv9LJTtsjz!OP%}PM0=zE-^ z?Sgvre?L%ms^+>7I#U!Yi!LNx3$C2vI6z6Q%0a16p~4dc7`1K<;PqeHAr zuvyeUuP(maZZoOm;hc!?1@dRds zqPo(1R19&{YpuHX1p>%Kd9=SrZUD;2YKpgq6zY1@XBD9&1^FL3lzb~Xs{>f*FaIDN zV?#OzNTVwK`nhOx%19s@&~`nGjJy!}a9}}X?12!EysW6cKoojM-|<^*MW5$HT~{eL zmy^p|4??^j`I91WnppkwzU@ST%0a16p~BV%hBzk3G7Vy&3qyz?CXtlcofSxNzWN{| zT@dGKLd_{axhqKW{ljG(F}BJ;QNAjocwZ3-UZru&WkY}?dkxC8-aQ8^1cN-BgLoz= zW``0_Sp;>WDWf?#u8PQ<3EIfy23$nQNwR!WkBNOPM7~uf<6Lz2$r=bgbu2p4F44ze zpmu_A7GhlaAc3-ju?I+sI&s`cKSo~az|kXA5w63i z5b>hQL8(xo!qx|Ns~2G)!{^|9RbU8v5l9xXpeUde&!dX`5lI(mlJrLqaz^~^9!)YH zhqI&jc+}xUoTwjqsR^yCz5y8VZZP+R5fqyVaw46Ho5_(0pJOqLbh42>Cyd_Rm89RHJ_W!QN7SRbnQt)=LXWOCiN}x%Cfa-l#V^o|dSSJ+GS zjMEsa{le=(7# z+&VxOR3cl12L=vEULK~u7lF{1b9BaONr)uc8Op<}0!9>O(v|XYn)la0a>@vWHiEVC zg_5*E0#S@Js4qe%`Z)tpQ9q9KVNXPUh=OQ;+Kpo>IG43vgy^1#M5v^HFXXZ|s!x$G z1u_+4L~agP;^ec-{2oJ4*|>5J544uyB^{XyQoJ88ukux>a6aMVRL2GV;TU6_^I{CA z@LGV!zsW#8oyTvR43hWBj4*1n8Pp3jVN5Oqkp%W4_Ce%Uw4k-ni?>I#R0^+teCkpAIPp>$ldaE;f_Z<%BF={EdA3k??gmBFw*;D*I#bUG_XK&P z^J$m}D}J-g0XpyqvI}wENB_-0xk$gJ)DZsTl8lc|x!n#5nKoK+8R4ON&Hn34ue2jS zd6PZ*<2Tt|ues4|wlv!0Z2aLjUE}1A$7)c+J>!ZU*8ch1%x37A5@g7qbM>SjD^xgd z&^Y~^%O~vkPv2@+>=`keZ`rSX%@y|WkKb%|vSF9(p0f5Y+-i2J#~98bCuDqN$et!y zT!)`~<)nT32XD2Vlajg7>+%T=uKO7g?Mhe_k6?J?g~u%H`@jH)ZHo`9!Rz6O-vrta zuz^XR5HhSV^&oC23!^u7JIY$u+yQfBh;T3Jht<*&25JZ71Y@d~*G&h&jD$Zh2tthK zMJ}?|K$No{^vgqh6uE*Y^ohqM>2XbrPd_ROVhDtP7;!-^C)z$_rZJBU+AHTLc~BsZ z8y|j8sklZsDuJ)Nwni0Sy1qI}t%S=GQJ0?eC;@&beN5Ix^QILybG&ZfP@6U8dpIcT zsbCJ>>3z?0_t?#Q&GvlHC+*@N_>}$dUmsH8Ds)yFW1Klkf#dT{Coc~tg)|%xUbUN} zh5`mgJWFyu9;c0HxVa<;UYwF64SUbGUuAY!9v2OaOwu8K%!7FO98Hn>Goionkx_Ck&>V+kbuJCDZvcZd|Xo_0iphP~%0)Ka^x1@f!~Wr>F_LLrMu!KAaT}wrG7$uLq>}}$DkG2b1FNP!!{e5${WHrY+M}Hle@~CLi zd8I<90V{HP)q{ABWnx%yB(D?Yo~F$i;&KFb?;f$Qd)jvUcYkrvOkvwKYJc<($LxxW z#_dx-e3KphZ#Uc9zUNwbOk-+?cBh&$s6Y0V7g^&MZ?$`W{6_nN8~50ozx`^(H|)|q z+w4u>d5s;D0mt{yt);#3Uted(|NAZWiPv0jSM3|Ow|xJ#HloSlvp;*QjgQytH(q&} z&HemSZ26a-Vz*tsL!S7s{pq(~XCL^1>+CgOvR`f7a}-smaAwf8G;K zVxtqo_SSE{!fx3&YVDuC*$&M#b%8G1C%^9+JNRF3u@~RA-R$_1{f95P%&&vRUwn$$ zqYL)U&)H|M|E6o~(Vx26zTmoP8HFd>IF|wN4W&?SEU|uW)x;ulLoH&txcE+q^7?Pg zh<6BnOkPU!FmYH(?s5lgH?romVdO$Ea+EK9dhTUWQeIfFm(eeN!=Oxr(oVEHZPf#r zYJ-6cDU)v|Wy7izXR;a;Q6}|8#X*!<(LSX-q!Yzmy-(2e1-JPnz!QYLLWh3HGeC?z zDodMko(?&!CC~YkzoxOv7y;u&4jZXYF%;?LON#S+{@jdDAxE zXxpj9rhWTYUTm*?+D;q!wvXD?Kk{k2=UBs@cJa6rY}?52klnI>%o+;&YuhtR_SLVu z&z}9O_u4z}Yua~x-fnxzPu^(mN8`zx0y5_Owf< z?SFspG5d%d^mpGsYd8Gd-S!Qiv)x|)Pxjka{nmZC*E<&-u)9d`_=YU zw@lf^-}7;M&u34`NIk*ExvvuG=s)w%QRg03&HY@2VZ#tYAYRR71$RWG8=1n0cOl}i zlxKh_JIY@-&?9IK1WOqGC^roJhIQzN&?^d|!8Z#bS45Edtk+3N*_~DcydZD4eucps zV`weGp##mrG4B(?P*0GN@^MmnFp(V14HY^EqF^XFDTs@xF5Xp8To*~6KT_0jIsG<~ zKk^|eFE8>809gA`h|7uMQ=L~jC>ybD%6ELe<$F+S{%lR9Ky%A>(VkKJgI8W*-}#)~ zwtc)NKLZUqdhF93x({H@WzV8e6 z*v<|V!jCNm?1*{Wfp^UuDvyD(S zFE{GAfhr6Rgb%t&WKe{{ss#Oty{BFr2SK!hxBD8EC)xS+hiwGD5{LIo1D4<`aG}f^ z2)RtGxv1zHMD!eku8ashIC37DgpeC-L4_<50!pC$B0Gfo@aAn9GI}Bv=8uqMOY+A@ zUHXR-O7}fqsyM{sIzE8t8IZLGQgQugbF7&J&7NAeKe_#+-TuATn;nya#~b!*Uw@fh zDTm?s{IdP~U%J~anHu%gkP(%NWAW%r!+!LOrqiC0w%vXI3A=HxjO^%`{j1N}*7>rt z8oVz4E9K~1zGK3^{kI;JuTn4U@JL-3%g%B8%exlrpFd^XWsP67!>-s-w?F&LNjXJg z8r_^~R;bVy8qY@$F32~o*>kTRv$x;3VDJCfQQJRNm*Y{hg%fg8=34f*_srY(|JDQc z(|`1cuMR%*@-h358q=RTylm5BHFw6hkBoH2zQk_R#WJkBe-;4P-}06_mgL0L?MMIg zuzla_9#u~|I1eB-I)YiU7NQ$ppcQPqtgE^(Cp{A2 zhwRj^-DanL@m9O%h}rFj7VYVmjM?$u{~Y^++fUe$xu)HHbjco*Bk|h5c+B4Tky$(S ztGC(RKYF8W-(9!=^U)bQ_Ft~I=Uh2z@4J6a2D@b+d~nh3KfYx59zSVEf8iv2TCQ4m49=xnUq59pff@r=Oo(sj1YB1V5;N5I;X;m-{*l=LFnr2I`MMUw(M2P%VY(C zrvZh`0cD4bC@12=_sB&OE*Nv!Ia2~`x%`3@=}#_#AJRGdQ#>w3g`+|qRkg^!7K$>X zoFED1=qs8c93prqgE!DTUBn$1PA7L@5$2^Be_IFAb&azVx+c_Y+eH*R81R}dy2b2Y z{*l?-u@qUtq6$rqad29Ese`u;D3_H%mQT{78yn*-2b9z~<6d`yo?rhvUY_zJgUzj^ z!5eA53?t&L2tYcIeemwUq|#_G@=R8bcPeZU^%1i}cbdKKUuwKfneD&9>>FRJc@n3i z2N=JM^$7;M!1#=@%5Lwt7IbRk`m?Aw;yL&I62yszVLd4sT*RX~GOQ!a^$_En>w|HQ zk>GlIqG3qa?%{jP{`l2u(;X>tgGf!b0_x(G2xhgdgL7z76mhGdToze2#SGQIwF_gT5vt|r_iI%YEK!_KCsq%)RFXI{V8-H zqDMOniYPDO*M2A1ja)J6Qp#AC6F{w^+Au+Mx+;L3h%ogD3VxZGp2&FyL0LEQ_d_^1 zTdb(!I7S#Svt+AEd2)nv_5gY@Cl3S!P>B#kM#{_t zphmw*ZoOdA>Zx=ez=~7Ds)qyJs36438^<09c0cl`S4R<_Q@I`1(Ya+&WM@?+#1)7L z^rkNHSR^5r5d^yWlSu3j`l%3qr9O>ew<{?b&~Lu)Mm+xZ8|R5gLqsp?DlZ}Q30e)_ z&nk~SEIj^+A8BkZ4(OoJJ}AKvs!*Xqg(nKIY1sW7{LvPcM0 zzM2YZ&4_3AG`0BsAjSFjS$Hc*deX1nw<2WqB6OxKs^2SpAd+4NhpQA3sU5tWv;weJ z`xh%b8HfszO!i$>jzowA%7FT`d9Z@enPWjpbc&7_u~~RoM4UTd#8U_ABJ%I8NHHhX z*PRI^wzqZCi@$gV+zjelVXDS82njBYASCqpouvpLky0e9EEtWjVLQ6AJgy zBch{>O!R5Mg#6ftgu@(+9O-}YxU&&n00`l!zx-o#LPQ5vlv`#<`FkrjAdrazBpEKA z_NHJwl}>!k#^s=_HJGRyJUk=XbB)&A827OzVW`5RUhNqTvKq*bW1T~B z?o@$TK|!xR{j~x(DdC&|${>H}jO-YsdHjV0_n>L`v!py?V*t@!YdMG)1Y#ic*lnI8 zPonN|;caE$q>N8@!cBGDVmAISIM7Elya$>RZ$oXM_ zsAH_W=#ZBSdNjf5ys3@_a))^}BpyWIH*m`19h9#%b&7+666@{owGb7&(11tjhC7zd z&H%K551t+%4bVn(`~?px#2{jT_W>;Bx?YH5)JQUs|_ zF%f1UEham#uDX*M`AIQ!C4aB#^#dY+mm7+%@u+1a(kN)1&L>$=mkqj+jnx6-A&*N5 zMY;my;o7WaB72q3PJlZJY zlJ0@f*UN~L0iBd!hvJC>;JjycMRGlkXxwsbdQ==GfUmZ4t-9k9f(JmavSP09DS`}i zikPCEgD;Xe$KeS%IXEwuxnd54Au+Mx)`hBmY&?$qo+lph5E%t;6c{4vb0#vj0xAb( zgNVxDqBEE{FM+7aLD?GU8s|OwYBLZ+qKx$x7cwH>s@Dum7@|$A7h)LF$zHFG&|!ed zERw_i_G+(92Zcg3B97cDI+C<%dj~R^Y-$aedEfP_+raVzNp4Y=+PS9V!1)urT>YV& zc)a3rCe;rL=XyFHq<}x}!M+VR5XcL9$qNzTzmD3GG_p%;Do){p4>etOn9C%I6Vr9fhj-FvE6nEd`HH zFu}Nv$z(MYvPA=l%M}D1G4`t=Z=PC4w=QqR; zIOd})vOz2QHyA<|=P-%<+c%|g0wN3WbUGt+3oynw7c&k@_$$EKlrO%LZD#*JWK}C2 T7h)D%00000NkvXXu0mjfK$-&g diff --git a/windows/configuration/assigned-access/images/set-assignedaccess.png b/windows/configuration/assigned-access/images/set-assignedaccess.png deleted file mode 100644 index c2899361eb0b062549e32ff32705fdfc059eca0f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 7012 zcmY+Jby$>5*T4}3>FyMy8x};mq*J7O=?)j^Q0W$tP-5wpMml7H1(xo{1!IrlYZ=KSuNSY2%u0$f^LG&D22==V^KK2$=W2a<@Nn75jjL&`p^()x1YkhKaQ+1e1ep!3QoU; zaq4xQdcm5+VR52wS)Ql@ihIAg%db3&7EX}-t}^8GTV#gKcXTG4LK5S%!$6FXHb*^H zxRb(Qkv=xOPZ4+HBk!H6FT79oiD2Hro$uvpr(fXFYP)1k3to5f--)i~%Zv5pl594d5(pk@^4=7JAFYd(-b6V9v{^^_WapGVHu_xWM_k&Kiz<; zd`)J^csnJEK-UiQPxckkR)tG={WQA%45W?%PGu}MI6`Vx@gaivsU)>tLZ}Q4CLYy; z`0A?LFuOA6pQ^j7uvtbE98@txaF39PLiqo;>pPdME>VdBVE(-}Xy`_(&fg=WwE znxhgaqSY?0mF5UDbF%rpqmRJC2&;jfX8SOr zt6`=kBP~sw5lM5MrLCDOMRWA`c4u&W92!IN3~7KFOZmsZz~KB$<1_dUS$cfG@e_JI zlk@!|ez422ioCG-{s2p+ouqet?9BEJzlj;E>2PnH?>HxIp<=C`u5m<9IbjI`%7$I`TXGtptikE0Q_E2nLGL43Le&*V z>&?wYD1;z_BXWxAb7I{m1YEkT`dCp;Dd1Gmbk1BV$J^>nfSo;2MuAVo4!h;mBE?lh z)P~BemD~@iTZJP0%J|0`tsy3hnYrL^iZM2B{BMelxdJ6I2Dzxdg&Y@nV{VYfl@xWF zE`EA#8dYG8#?GKEO%;y4z0D$3$oaUtQLddP3aIz8(Z5))5qrG%?QdS*bp5;?EK3(` zn_phCp^c|9!FSL+N?z~5Ki`(Ag?(5{WHXBuV^|zs!u>KmN#O@*xjCob=3T$fWGBxYpKKxYPX`_AkBMUEZOVt-p`R_ke?6BjsF;{XcBv z;(B)~d^UK*?UJ6)Iq_6!kh{8I#FY7V?`~HZgqsBvCY!~H4-xzl%K^U@^ujb*eAZil z%m75g&r1jLkMG>vRszvnEnR=a1aYXz$I~|p7A}O)1h-7Grwo(KrMEmc6kCD+;WK;l z>Mq8RuwFPql(j!8iV*|@`VYY+w)8_cswRlDv-LhxIKxE<%zU#+!Q5nim=gW1&Mlv0 z$QE3i^skxw^5sLAX-(hMdO4Smyq@ybxK~{`55nlB6|EXtDTB|@f99t^XYHTlwJaFn z_6aP2jR?6#4QVD2I#h+zycmImZv!FvKh;`7=L59Hj1mVAA!qBfiKSFY1NXjnOzHQw z7-QzN@4N3W-1G&q-|b^w!nz~LqHyxtpG-5+7btqki7hb{VDe3U3mhY#^m-!s#4nUb z%5Cxe>&{+v?!2=+rv=G=19#COOcuNTa%S~PQCnh@?0nv*MEc4%AUXB+{i6(mSFP{-o8(ZJ#mEGiw{~f|mq;``>eR-HdnlDcvhxog#;> zvf>0Hlw7w8o(LlDWQQqY!k()=`5EEXXja>-lpHhUDl$I%A^rH)kba``2POTadlP;2 zYwazLv0j9~C!Hxq6vbzZDVQ9HCosMw1|V_NU;a#9PshI4>5Y1Z%@^Xw_1My>ZY$S! znTq}l?kRtSoa-xQVj)G!klg`XM$n$LS zYppISfHe-x@#LQsuJ+&naaQ)7w=9M!^+;77eTCf)v8TN9&w$7q&Ndx-5qx9H`K4Rd z&AH1$rBRC^$k;C)>i9gNUq3E`^&|B0Gl~+d34+T;!3DO?3}7dcMH%`>zpp5kxT3V&ruxDGX)c|a~}qp3o`iWy-U=Vdm-JH zO~zM9%nskedM0)7*CP~V#+MlLZ11XuCrXiro*_tv^~5g?F2@Mv5a!Jnac^1vZuX^^ ztwt0qNpzSObYhW^mgX#L)RmeRD={7rIj{E}!|^SR*-u3e+<#BcaUkXuaTjm7cvASGmR-Q8z{Ip-AEINoDBeG>i|yC6rbwuGxHr8sw0Yx7VJrf?GhJ zhrsr7!O{Bs^FS?Ic)(Wu`=sx@BbS$F024XB(m-9otw$QBF+JsgjV0FGW46jBVbB@P z-`E$NT+of%LMQS$TRmrIPQ^m)CtE~K4#089KF7P+r7(+mQa54+#q@)HhK+0A)J&7w zbjL}ueL&r&Eo#2qx-L79oHHc#S`x5m)9icXPgE{{mA_9KeN_dBYD)quJ`F=>WN*fH z{qaM&!^`~IIQFz~;PyOx30-25;LnCX@Qa+W(&zN((ij*=TFjwL9_`;NzHc=C24>vy zT>75Yk`~&6eCoHFK=pWGBDNAZG{nqrv)0$siiyTSx}()FZhQlSg~6xWo_{i5O1ck< zBC2xgf-R*EUds95KXRMbhSqmIe8Z|Sx3R{pPUzYm?ijd^`K(q}RMd%gE;D7!fN?xk z7LfU-!|W1X1p~jcyb&2?G$a9F{%A|dv;f52Ioixd!-Vot2~s}8x;_n@j7HvJ-B?3l zB)vkRmr=fo31zGTaEvQe(ZnSaCIV&q%aSNMD)cR29RwD!BV9 z+dF<7LBn?a;JH|2ij5;1TaP{e^r4m(KCZ8sOp3idhoScTR=Up8=)+bJo|GE7;|8W z6;i4`R;}pA_dnUc;WP8&2DAou68eiK74J-1>Anqhe2$?_$%ZVcS9|j$m?iaqBc)S z*KDN!eDa26fE!@7Ne7q4m7bmrXXyl~{b4!zn20D9+0*B*)|ZKzwfJYKTc1jB`BRHr zzF6Ja4#uj=gC848Dc@!fXUwpLOU3}mHD z5*fdE*GwPo)dhM?ItxM777$h1iMd-(T73FWs_W9u9Ie+wT^IYf0pad9$u{rTIOoYM z+!rvG2<#}IYl=r3Nd*0}7mzlMSF#xfZ)%^TmpW>^y!irKM96%2?p)H0m#Kyn@8foD zZhSEh*lE*XB`rCPU$N~P=Q}!?3wSnS9H2_QMAcA9v8?SIEjFsnwl_ohGJ3B`%A(u$ zR9vZ7WS*`0YUL2b3!upbwI7J`RU}MN$*QwsyynQu(?DR85ZKQ+U;0Eki-9JWajVK+ zg`Unb1A6H$Dg+?QC6=j>!##fK=1}KyNnCmnGldJu%4w`-ZmH?eNJc)ixCT9uuZ^i4 zm>I$i6AN)61In#+d4k@A?UEdME?P9!q%dP?(`yA&UQ&&_->@abqF$umQtUcHMzl{q zS(@imx3<7AO#ZV~?>KY$wKLc+GGtYYU32)EMf^%BElG0+)L`ePxc?4;Kcw4LM*gTG z2+5$#RnhBR9EWtmTiFkG%kHur^L*=dpCrCs>Qxqgou&mJZ7yF`BC{kxWCWQO3{RJg zOykH#IXahOc(j*lj7S5QSk(T!Dh>**tbLBGogb!s#d$ubJnVdl>=P>P?`XJYfZp&Q z+7&kjPbBv9L~IA}5>@!5fdXsUDuPEB(wkrn#XCDKWZke3c+Qa@GS5~e$EVZ>@H6v# z`djYe{Hk5Ai02-~O4m!Dm!DX3kJiy<0$f%qw#&tyQorqyGSB3m%IEX?cE(sc8V)mK zFyA~oevaLKRRE@WtKgNV6f(v)QWltgSSHTDRCZO>!`6Ax z_1h>U9e=NBiG{9t&`;BJEL_l>TA*OMp2U*Y_s`x>(n+n3uz=_4Ezm zv{k7(PZT#POR5|RJ!S-v}?$wH~uk#-39jymk`t;fb>eX;m zpu1OkDokcyMRjKT0x}@178)}!DoAud$2v`5W(~C`W66!wMUmaD;&bi8I^KtsI) z4mt+&691Nho0$$sWFY%f^KGlN*)y4EQfJz?bq5iESgGh=sBgJ=D>f-;@Px$%vkKu> zZ)~m|kZiC+Hf|MM2JDrB;n^AF>O)8Qa_aUSS^Bs$-g`W_Zh@|O-P*o26?i$sa^btx z%oo$i3*+sf97xfrPhggc#HX3VWBp@EqDeb2$TOP#pgB(_Nln{P^(0)!$M&RN)xJOp z$5rwGi#1q`G#1L=sTugQ_)vHcmg9z(*_XcxPo@_y7~d!@E8}cxheR7?XgSlj#IYLf zngp5nqV`D4<+*v_xKyXj6h=L;$Wkhv5`r(~SIcL8D0M5tk77OtUDcrY2haoRJ^J_j z;@=%VG7Py}w>0z+8TN?G%u&hzQC*h`QwZ;jk4=k=J*sEsj2sLuV9{1IP8yy80iasa zJo#^3|9dp@zpA@~PpSWf$7oa!Z-B#!KcfEhoF=siHoQ1}QSvIeFF6)gwsr z;okCusMFz&VVb9Q&%abJ4@Y?>EAmbI@{a?=MSoKJe7%qWRvqhHb7;5{m_ zNG6^Ued`SEZdtr%&SaoglVD7DVPng7)= z=tjx>=49U|ggLy9Ct9}nR;V0mW%^uRGTCOeiZ+2v#p5kmoQpxBX2Ew*5Z8r1k8D7d zY|)W-^vf-S4u)18`gM<)T*50atZ`2SDvG5d(~y1qIgmpdLU6JYPtG4r`bcqzP+*zW z+&IK_qtbC^x2yX`gtjsrVpWxFFyO~28sUWr;~B7?1=;GF1SnZ)F|MohXR=RO{i*Kq zidHqa%apbFRndE?6HFjUl$P&3N4LPw|4H-&5@o8nY8t-9Q8~dKSxG5CZzLA*zN&E! zL3Z3mI8Au|AXbZ^KVbchG~c=iqr&_6Cu4ck|TF}BG_<7M14Jcv3r7_XZk2iuDz>r}=rFL6>W;>E7^_Sr{^M-52>KOYSnCk?={y54B-)|}59U(a(m+Z@_~jrRU{_ofjOXursf`SoNUGUA zh#-w<@YgZ3>Dp-RQ5I#rNHy5+P5heE zyZi>pv{A`|I|$D|iJ^S*pH#r|jdWhhX&|KPK%0xns^(><@7 z*z`njkSQq-fW1=?XCA+!VkiH@6mFa`NwnDfuyWAJBkvp;GAMlp9cvuGanbAzUltun zrqQ7Zr}M7Iq0u~2h1TeeOcP0#xe zJ9F|gL^rLoPND7IU2ZcDV&DPK5s>+GkgkaruIGMh&Bxy-Rs#^mZTA`a+hML;LVDM zvHGuP%QD`#iL)4Dd4zg6w*u@3@I~0+aUeFQ?$(LNj1{+c4Iz@z?%>-!98WI9mno0T8 zk(zi)E4SIlK=id`rdWYS5|aElC6<8X6j^KhB=IQt#?Gho_xu2dj(yd!MvAbMuwRNE@ zw;j^a?|B|9<}!bS)5d6%3UOnkav3!6`wuI?{+{q!l;-!%Yt7;3WDGGgfK2tn$vTUy zt~<-3?gzO|`Hj?-Z#zfkTO*wZRCg{D)0i}s1)qDe%=yj*SZ2ycFv?a1Zd_v{O2kQK zvq}e$uO=5LJQJ?6c76=rv)P6w+}a?wX9br68k<$NO%kwfvI<_6!0VNtF?tU+-iDhl z{Os2u$lqfY&C&h}2`VnsB6uH_ya1b7J+0ox6oC0FAha^S_h)Xt8E1Oc?ZUqVc8QB{ z<_2)cHaD`GI%o#Mvn2g2cdh+$Wwc~}srPcUK`L*jD4yj|@Pxi!JGqP#NZvKG(&ecs zz_FZ9;^gKTZiK1Zf+~GYXaHk(D&JEXe3h<4jB0!Xp3MXCG)j?BSdr8X61-QZv!h6c z5R15jw8ED9S@Cc{PUoGO?xu?>@lT&;Z_K{cJY5kDqPV7A?`aXC;_Fr2nWPgtasJ_! zK>LG^3P3a1PLx;P}^%knH*(X%R;JZ`}+mI5F8PLw^t4iAWd04TXb>)4D;{f zH)>LyNc;+&NJ3aPGiuBs96JJ%ag-3j1QfEQ3YmA$awsJMGu!DX`PprEuaMkHepV@p z;oIS;GCax$%3&|GhTEV>MHu&A@mL`6x7ojNlYGAoy*M&|sLyP)-KD=G3cZSzL7jyF zGet`6>T6pXv;MjB$%QNaG^&~Ur$Q6$D(uIEvP{x<-E`C?7@C@r_RDGo>kt0}fcT|g diff --git a/windows/configuration/assigned-access/index.md b/windows/configuration/assigned-access/index.md index 6db61a28ec..d485e5959f 100644 --- a/windows/configuration/assigned-access/index.md +++ b/windows/configuration/assigned-access/index.md @@ -74,3 +74,15 @@ There are several kiosk configuration methods that you can choose from, dependin >[!NOTE] >For devices running Windows client Enterprise and Education, you can also use [Windows Defender Application Control](/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control) or [AppLocker](lock-down-windows-10-applocker.md) to lock down a device to specific apps. + + + +>[!NOTE] +>It's not recommended to configure policy settings enforced by Assigned Access to different values using other channels. Assigned Access is optimized to provide a locked-down experience. \ No newline at end of file diff --git a/windows/configuration/assigned-access/kiosk-shelllauncher.md b/windows/configuration/assigned-access/kiosk-shelllauncher.md index e2f36b998f..970d1068d3 100644 --- a/windows/configuration/assigned-access/kiosk-shelllauncher.md +++ b/windows/configuration/assigned-access/kiosk-shelllauncher.md @@ -39,27 +39,6 @@ For sample XML configurations for the different app combinations, see [Samples f [See the technical reference for the shell launcher component.](/windows-hardware/customize/enterprise/shell-launcher) -## Enable Shell Launcher feature - -To set a custom shell, you first turn on the Shell Launcher feature, and then you can set your custom shell as the default using PowerShell or MDM. - -**To turn on Shell Launcher in Windows features** - -1. Go to Control Panel > **Programs and features** > **Turn Windows features on or off** -1. Expand **Device Lockdown** -1. Select **Shell Launcher** and **OK** - -Alternatively, you can turn on Shell Launcher using Windows Configuration Designer in a provisioning package, using `SMISettings > ShellLauncher`, or you can use the Deployment Image Servicing and Management (DISM.exe) tool. - -**To turn on Shell Launcher using DISM** - -1. Open a command prompt as an administrator. -1. Enter the following command. - - ``` - Dism /online /Enable-Feature /all /FeatureName:Client-EmbeddedShellLauncher - ``` - ## Configure a custom shell in MDM You can use XML and a [custom OMA-URI setting](#custom-oma-uri-setting) to configure Shell Launcher in MDM. diff --git a/windows/configuration/assigned-access/shell-launcher-quickstart-kiosk.md b/windows/configuration/assigned-access/shell-launcher-quickstart-kiosk.md index 65749ec54d..219e7965b6 100644 --- a/windows/configuration/assigned-access/shell-launcher-quickstart-kiosk.md +++ b/windows/configuration/assigned-access/shell-launcher-quickstart-kiosk.md @@ -7,7 +7,7 @@ ms.date: 02/05/2024 # Quickstart: configure a kiosk experience with Shell Launcher -When you configure Windows as a *kisok*, you assign a single application to run above the lock screen. This is useful for public-facing scenarios, such as a digital sign or a public browser. +When you configure Windows as a *kiosk* with Shell Launcher, you configure an application to replace the default shell (`explorer.exe`). This is useful for public-facing scenarios, such as a point of sale or a business critical application. This quickstart provides practical examples of how to configure a kiosk experience on Windows with Shell Launcher. The examples describe the steps using a mobile device management solution (MDM) like Microsoft Intune, and PowerShell. While different solutions are used, the configuration settings and results are the same. diff --git a/windows/configuration/assigned-access/shell-launcher-xsd.md b/windows/configuration/assigned-access/shell-launcher-xsd.md index 0892c48872..5d1e9bdb51 100644 --- a/windows/configuration/assigned-access/shell-launcher-xsd.md +++ b/windows/configuration/assigned-access/shell-launcher-xsd.md @@ -12,7 +12,8 @@ This reference article contains the XML schema definitions (XSD) for Shell Launc ## Shell Launcher XSD ```xml - @@ -182,4 +184,4 @@ This reference article contains the XML schema definitions (XSD) for Shell Launc -``` \ No newline at end of file +``` diff --git a/windows/configuration/assigned-access/toc.yml b/windows/configuration/assigned-access/toc.yml index cd01c43f27..796f27d31a 100644 --- a/windows/configuration/assigned-access/toc.yml +++ b/windows/configuration/assigned-access/toc.yml @@ -21,6 +21,8 @@ items: href: create-assigned-access-configuration.md - name: Create a Shell Launcher configuration file href: create-shell-launcher-configuration.md + - name: Configure devices + href: configure.md - name: Find the AUMID of an installed app href: find-aumid.md - name: Use Shell Launcher to create a Windows client kiosk