Private/Import-ADFSTkAllTransformRules.ps1
|
function Import-ADFSTkAllTransformRules { $TransformRules = @{} #region Static values from config $TransformRules.o = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [o]" => issue(type = "urn:oid:2.5.4.10", value = "$($Settings.configuration.StaticValues.o)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } $TransformRules.norEduOrgAcronym = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [norEduOrgAcronym]" => issue(type = "urn:oid:1.3.6.1.4.1.2428.90.1.6", value = "$($Settings.configuration.StaticValues.norEduOrgAcronym)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } $TransformRules.c = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [c]" => issue(type = "urn:oid:2.5.4.6", value = "$($Settings.configuration.StaticValues.c)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } $TransformRules.co = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [co]" => issue(type = "urn:oid:0.9.2342.19200300.100.1.43", value = "$($Settings.configuration.StaticValues.co)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } $TransformRules.schacHomeOrganization = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [schacHomeOrganization]" => issue(type = "urn:oid:1.3.6.1.4.1.25178.1.2.9", value = "$($Settings.configuration.StaticValues.schacHomeOrganization)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } $TransformRules.schacHomeOrganizationType = [PSCustomObject]@{ Rule=@" @RuleName = "Send static [schacHomeOrganizationType]" => issue(type = "urn:oid:1.3.6.1.4.1.25178.1.2.10", value = "$($Settings.configuration.StaticValues.schacHomeOrganizationType)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="" AttributeGroup="Static attributes" } #endregion #region ID's # $TransformRules."transient-id" = [PSCustomObject]@{ # Rule=@" # @RuleName = "synthesize transient-id" # c1:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"] # && # c2:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant"] # => add(store = "_OpaqueIdStore", # types = ("http://$($Settings.configuration.StaticValues.ADFSExternalDNS)/internal/tpid"), # query = "{0};{1};{2};{3};{4}", # param = "useEntropy", # param = "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)/adfs/services/trust![ReplaceWithSPNameQualifier]!" + c1.Value, # param = c1.OriginalIssuer, # param = "", # param = c2.Value); # # @RuleName = "issue transient-id" # c:[Type == "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)/internal/tpid"] # => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", # Value = c.Value, # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequalifier"] = "[ReplaceWithSPNameQualifier]", # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier"] = "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)/adfs/services/trust"); #"@ # Attribute="" # AttributeGroup="ID's" # } #New way to release nameID $TransformRules."transient-id" = [PSCustomObject]@{ Rule=@" @RuleName = "synthesize transient-id" c1:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"] && c2:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant"] => add( store = "_OpaqueIdStore", types = ("urn:adfstk:transientid"), query = "{0};{1};{2};{3};{4}", param = "useEntropy", param = c1.Value, param = c1.OriginalIssuer, param = "", param = regexreplace(c2.Value, "(?<start>^.{1,20}).+$", "${start}")+".000Z"); @RuleName = "issue transient-id" c:[Type == "urn:adfstk:transientid"] => issue( Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Value = c.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequalifier"] = "[ReplaceWithSPNameQualifier]", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier"] = "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)/adfs/services/trust"); "@ Attribute="" AttributeGroup="ID's" } $TransformRules."persistent-id" = [PSCustomObject]@{ Rule=@" @RuleName = "synthesize persistent-id" c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"] => add( store = "_OpaqueIdStore", types = ("urn:adfstk:persistentid"), query = "{0};{1};{2}", param = "ppid", param = c.Value, param = c.OriginalIssuer); @RuleName = "issue persistent-id" c:[Type == "urn:adfstk:persistentid"] => issue( Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequalifier"] = "[ReplaceWithSPNameQualifier]", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier"] = "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)"); "@ Attribute="" AttributeGroup="ID's" } # eduPersonPrincipalName # Calculated based off an ADFSTk configuration rule keyed to ADFSTkExtractSubjectUniqueId, default to the Claim 'upn' # # Origin Claim will have only the left hand side being everything prior to the first @ sign # Rest of the string will be surpressed and then it is re-assembled with our SAML2 scope. # $TransformRules.eduPersonPrincipalName = [PSCustomObject]@{ Rule=@" @RuleName = "compose eduPersonPrincipalName" c:[Type == "$(($Settings.configuration.transformRules.rule | ? name -eq "ADFSTkExtractSubjectUniqueId").originClaim )" ] => issue(Type = "urn:oid:1.3.6.1.4.1.5923.1.1.1.6", Value = RegexReplace(c.Value, "@.*$", "") +"@$($Settings.configuration.StaticValues.schacHomeOrganization)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" AttributeGroup="ID's" } # $TransformRules.eduPersonTargetedID = [PSCustomObject]@{ # Rule=@" # @RuleName = "compose eduPersonTargetedID" # c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", # Value !~ "^.+\\"] # => issue(Type = "urn:oid:1.3.6.1.4.1.5923.1.1.1.10", # Value = c.Value, # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); # "@ # Attribute="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" # AttributeGroup="ID's" # } $TransformRules.eduPersonTargetedID = [PSCustomObject]@{ Rule=@" @RuleName = "synthesize eduPersonTargetedID" c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid"] => add( store = "_OpaqueIdStore", types = ("urn:adfstk:edupersontargetedid"), query = "{0};{1};{2}", param = "ppid", param = c.Value, param = c.OriginalIssuer); @RuleName = "issue eduPersonTargetedID" c:[Type == "urn:adfstk:edupersontargetedid"] => issue( Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/spnamequalifier"] = "[ReplaceWithSPNameQualifier]", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier"] = "http://$($Settings.configuration.StaticValues.ADFSExternalDNS)"); "@ Attribute="" AttributeGroup="ID's" } $TransformRules.eduPersonUniqueID = [PSCustomObject]@{ Rule=@" @RuleName = "compose eduPersonUniqueID" c:[Type == "urn:mace:dir:attribute-def:eduPersonUniqueID"] => issue(Type = "urn:oid:1.3.6.1.4.1.5923.1.1.1.13", Value = RegExReplace(c.Value, "-", "") + "@$($Settings.configuration.StaticValues.schacHomeOrganization)", Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="urn:mace:dir:attribute-def:eduPersonUniqueID" AttributeGroup="ID's" } $TransformRules["LoginName"] = [PSCustomObject]@{ Rule=@" @RuleName = "Transform LoginName" c:[Type == "http://schemas.xmlsoap.org/claims/samaccountname"] => issue(Type = "LOGINNAME", Value = c.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:assertion"); "@ Attribute="http://schemas.xmlsoap.org/claims/samaccountname" AttributeGroup="ID's" } $TransformRules.schacPersonalUniqueCode = Get-ADFSTkTransformRule -Type "urn:schac:personalUniqueCode" ` -Oid "urn:oid:1.3.6.1.4.1.25178.1.2.14" ` -AttributeName schacPersonalUniqueCode ` -AttributeGroup "ID's" $TransformRules.pairwiseID = Get-ADFSTkTransformRule -Type "urn:oasis:names:tc:SAML:attribute:pairwise-id" ` -Oid "urn:oasis:names:tc:SAML:attribute:pairwise-id" ` -AttributeName pairwiseID ` -AttributeGroup "ID's" $TransformRules.subjectID = Get-ADFSTkTransformRule -Type "urn:oasis:names:tc:SAML:attribute:subject-id" ` -Oid "urn:oasis:names:tc:SAML:attribute:subject-id" ` -AttributeName subjectID ` -AttributeGroup "ID's" #endregion #region Personal attributes $TransformRules.givenName = Get-ADFSTkTransformRule -Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" ` -Oid "urn:oid:2.5.4.42" ` -AttributeName givenName ` -AttributeGroup "Personal attributes" $TransformRules.sn = Get-ADFSTkTransformRule -Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" ` -Oid "urn:oid:2.5.4.4" ` -AttributeName sn ` -AttributeGroup "Personal attributes" $TransformRules.displayName = Get-ADFSTkTransformRule -Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/displayname" ` -Oid "urn:oid:2.16.840.1.113730.3.1.241" ` -AttributeName displayName ` -AttributeGroup "Personal attributes" $TransformRules.cn = Get-ADFSTkTransformRule -Type "http://schemas.xmlsoap.org/claims/CommonName" ` -Oid "urn:oid:2.5.4.3" ` -AttributeName cn ` -AttributeGroup "Personal attributes" # $TransformRules.cn = [PSCustomObject]@{ # Rule=@" # # @RuleName = "Transform CommonName" # c1:[Type == "http://schemas.xmlsoap.org/claims/CommonName"] && # c2:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"] && # c3:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"] && # => issue(Type = "urn:oid:2.5.4.3", # Value = c2.Value + " " + c3.Value, # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); #"@ # # Attribute=@("givenName","sn") # AttributeGroup="Personal attributes" # } $TransformRules.mail = Get-ADFSTkTransformRule -Type "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" ` -Oid "urn:oid:0.9.2342.19200300.100.1.3" ` -AttributeName mail ` -AttributeGroup "Personal attributes" $TransformRules.mailLocalAddress = Get-ADFSTkTransformRule -Type "mailLocalAddress" ` -Oid "urn:oid:2.16.840.1.113730.3.1.13" ` -AttributeName mailLocalAddress ` -AttributeGroup "Personal attributes" $TransformRules.personalIdentityNumber = [PSCustomObject]@{ Rule=@" @RuleName = "Transform personalIdentityNumber" c:[Type == "urn:mace:dir:attribute-def:personalIdentityNumber", value =~ "^(18|19|20)?[0-9]{2}((0[0-9])|(10|11|12))((([0-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))[0-9]{4}$"] => issue(Type = "urn:oid:1.2.752.29.4.13", Value = c.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="urn:mace:dir:attribute-def:personalIdentityNumber" AttributeGroup="Personal attributes" } # $TransformRules.schacDateOfBirth = [PSCustomObject]@{ # Rule=@' # # @RuleName = "Transform schacDateOfBirth" # c:[Type == "urn:mace:dir:attribute-def:schacDateOfBirth", # value =~ "^(18|19|20)?[0-9]{2}((0[0-9])|(10|11|12))((([0-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))[0-9]{4}$"] # => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", # Value = regexReplace (c.Value, "(?<start>^.{1,8}).+$", "${start}"), # Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); #'@ # # Attribute="urn:mace:dir:attribute-def:schacDateOfBirth" # AttributeGroup="Personal attributes" # } $TransformRules.schacDateOfBirth = [PSCustomObject]@{ Rule=@' @RuleName = "Compose schacDateOfBirth start" c:[Type == "urn:mace:dir:attribute-def:schacDateOfBirth", Value =~ "^(18|19|20)?[0-9]{2}((0[0-9])|(10|11|12))((([0-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))([A-Z0-9]{1}[0-9]{3}){0,1}$"] => add(Type = "urn:adfstk:schackdateofbirth:start", Value = regexReplace(c.Value, "(?<start>^.{6}).+$", "${start}")); @RuleName = "Compose schacDateOfBirth middle" c:[Type == "urn:mace:dir:attribute-def:schacDateOfBirth", Value =~ "^(18|19|20)?[0-9]{2}((0[0-9])|(10|11|12))((([0-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))([A-Z0-9]{1}[0-9]{3}){0,1}$"] => add(Type = "urn:adfstk:schackdateofbirth:middle", Value = regexReplace(c.Value, "^.{6}(?<middle>\d{1}).+$", "${middle}")); @RuleName = "Compose schacDateOfBirth end" c:[Type == "urn:mace:dir:attribute-def:schacDateOfBirth", Value =~ "^(18|19|20)?[0-9]{2}((0[0-9])|(10|11|12))((([0-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))([A-Z0-9]{1}[0-9]{3}){0,1}$"] => add(Type = "urn:adfstk:schackdateofbirth:end", Value = regexReplace(c.Value, "^.{7}(?<end>\d{1}).+$", "${end}")); @RuleName = "Transform schacDateOfBirth 6x->0x" c1:[Type == "urn:adfstk:schackdateofbirth:start"] && c2:[Type == "urn:adfstk:schackdateofbirth:middle", Value == "6"] && c3:[Type == "urn:adfstk:schackdateofbirth:end"] => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", Value = c1.Value + "0" + c3.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); @RuleName = "Transform schacDateOfBirth 7x->1x" c1:[Type == "urn:adfstk:schackdateofbirth:start"] && c2:[Type == "urn:adfstk:schackdateofbirth:middle", Value == "7"] && c3:[Type == "urn:adfstk:schackdateofbirth:end"] => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", Value = c1.Value + "1" + c3.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); @RuleName = "Transform schacDateOfBirth 8x->2x" c1:[Type == "urn:adfstk:schackdateofbirth:start"] && c2:[Type == "urn:adfstk:schackdateofbirth:middle", Value == "8"] && c3:[Type == "urn:adfstk:schackdateofbirth:end"] => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", Value = c1.Value + "2" + c3.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); @RuleName = "Transform schacDateOfBirth 9x->3x" c1:[Type == "urn:adfstk:schackdateofbirth:start"] && c2:[Type == "urn:adfstk:schackdateofbirth:middle", Value == "9"] && c3:[Type == "urn:adfstk:schackdateofbirth:end"] => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", Value = c1.Value + "3" + c3.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); @RuleName = "Transform schacDateOfBirth <=3x" c1:[Type == "urn:adfstk:schackdateofbirth:start"] && c2:[Type == "urn:adfstk:schackdateofbirth:middle", Value =~ "[0-3]"] && c3:[Type == "urn:adfstk:schackdateofbirth:end"] => issue(Type = "urn:oid:1.3.6.1.4.1.25178.1.2.3", Value = c1.Value + c2.Value + c3.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); '@ Attribute="urn:mace:dir:attribute-def:schacDateOfBirth" AttributeGroup="Personal attributes" } #endregion #region eduPerson Attributes $TransformRules.eduPersonScopedAffiliation = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonScopedAffiliation" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.9" ` -AttributeName eduPersonScopedAffiliation ` -AttributeGroup "eduPerson attributes" $TransformRules.eduPersonAffiliation = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonAffiliation" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.1" ` -AttributeName eduPersonAffiliation ` -AttributeGroup "eduPerson attributes" $TransformRules.eduPersonPrimaryAffiliation = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.5" ` -AttributeName eduPersonPrimaryAffiliation ` -AttributeGroup "eduPerson attributes" $TransformRules.norEduPersonLIN = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:norEduPersonLIN" ` -Oid "urn:oid:1.3.6.1.4.1.2428.90.1.4" ` -AttributeName norEduPersonLIN ` -AttributeGroup "norEduPerson attributes" $TransformRules.norEduPersonNIN = [PSCustomObject]@{ Rule=@" @RuleName = "Transform norEduPersonNIN" c:[Type == "urn:mace:dir:attribute-def:norEduPersonNIN", value =~ "^(18|19|20)[0-9]{2}((0[1-9])|(10|11|12))(((0[1-9])|([1-2][0-9])|(3[0-1]))|((6[1-9])|([7-8][0-9])|(9[0-1])))(([PTRSUWXJKLMN]{1}[0-9]{3})|([0-9]{4}))$"] => issue(Type = "urn:oid:1.3.6.1.4.1.2428.90.1.5", Value = c.Value, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/attributename"] = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"); "@ Attribute="urn:mace:dir:attribute-def:norEduPersonNIN" AttributeGroup="eduPerson attributes" } $TransformRules.eduPersonEntitlement = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonEntitlement" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.7" ` -AttributeName eduPersonEntitlement ` -AttributeGroup "eduPerson attributes" $TransformRules.eduPersonAssurance = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonAssurance" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.11" ` -AttributeName eduPersonAssurance ` -AttributeGroup "eduPerson attributes" $TransformRules.eduPersonOrcid = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonOrcid" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.16" ` -AttributeName eduPersonOrcid ` -AttributeGroup "norEduPerson attributes" $TransformRules.eduPersonOrgDN = Get-ADFSTkTransformRule -Type "urn:mace:dir:attribute-def:eduPersonOrgDN" ` -Oid "urn:oid:1.3.6.1.4.1.5923.1.1.1.3" ` -AttributeName eduPersonOrgDN ` -AttributeGroup "eduPerson attributes" #endregion #region Load local institution transform rules if they exists if (Test-Path $Global:ADFSTkPaths.institutionLocalTransformRulesFile) { Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesFoundFile) try { Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesFile) . $Global:ADFSTkPaths.institutionLocalTransformRulesFile if (Test-Path function:Get-ADFSTkLocalTransformRules) { $localTransformRules = Get-ADFSTkLocalTransformRules Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesFound -f $localTransformRules.Count) foreach ($transformRule in $localTransformRules.Keys) { #Add or replace the standard Entoty Category with the federation one if ($TransformRules.ContainsKey($transformRule)) { Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesOverwrite -f $transformRule) } else { Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesAdd -f $transformRule) } $TransformRules.$transformRule = $localTransformRules.$transformRule } } else { Write-ADFSTkLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesLoadFail) -EntryType Error } } catch { Write-ADFSTkLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesLoadFail) -EntryType Error } } else { Write-ADFSTkVerboseLog (Get-ADFSTkLanguageText rulesFederationLocalTransformRulesFileNotFound) } #endregion $TransformRules } # SIG # Begin signature block # MIItYQYJKoZIhvcNAQcCoIItUjCCLU4CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDNu7D0EcJuhira # TxoIS5PPuu3hSonkaWHAgvxzq12m5KCCJmowggWNMIIEdaADAgECAhAOmxiO+dAt # 5+/bUOIIQBhaMA0GCSqGSIb3DQEBDAUAMGUxCzAJBgNVBAYTAlVTMRUwEwYDVQQK # EwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xJDAiBgNV # BAMTG0RpZ2lDZXJ0IEFzc3VyZWQgSUQgUm9vdCBDQTAeFw0yMjA4MDEwMDAwMDBa # Fw0zMTExMDkyMzU5NTlaMGIxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwxEaWdpQ2Vy # dCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5jb20xITAfBgNVBAMTGERpZ2lD # ZXJ0IFRydXN0ZWQgUm9vdCBHNDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC # ggIBAL/mkHNo3rvkXUo8MCIwaTPswqclLskhPfKK2FnC4SmnPVirdprNrnsbhA3E # MB/zG6Q4FutWxpdtHauyefLKEdLkX9YFPFIPUh/GnhWlfr6fqVcWWVVyr2iTcMKy # unWZanMylNEQRBAu34LzB4TmdDttceItDBvuINXJIB1jKS3O7F5OyJP4IWGbNOsF # xl7sWxq868nPzaw0QF+xembud8hIqGZXV59UWI4MK7dPpzDZVu7Ke13jrclPXuU1 # 5zHL2pNe3I6PgNq2kZhAkHnDeMe2scS1ahg4AxCN2NQ3pC4FfYj1gj4QkXCrVYJB # MtfbBHMqbpEBfCFM1LyuGwN1XXhm2ToxRJozQL8I11pJpMLmqaBn3aQnvKFPObUR # WBf3JFxGj2T3wWmIdph2PVldQnaHiZdpekjw4KISG2aadMreSx7nDmOu5tTvkpI6 # nj3cAORFJYm2mkQZK37AlLTSYW3rM9nF30sEAMx9HJXDj/chsrIRt7t/8tWMcCxB # YKqxYxhElRp2Yn72gLD76GSmM9GJB+G9t+ZDpBi4pncB4Q+UDCEdslQpJYls5Q5S # UUd0viastkF13nqsX40/ybzTQRESW+UQUOsxxcpyFiIJ33xMdT9j7CFfxCBRa2+x # q4aLT8LWRV+dIPyhHsXAj6KxfgommfXkaS+YHS312amyHeUbAgMBAAGjggE6MIIB # NjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTs1+OC0nFdZEzfLmc/57qYrhwP # TzAfBgNVHSMEGDAWgBRF66Kv9JLLgjEtUYunpyGd823IDzAOBgNVHQ8BAf8EBAMC # AYYweQYIKwYBBQUHAQEEbTBrMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5kaWdp # Y2VydC5jb20wQwYIKwYBBQUHMAKGN2h0dHA6Ly9jYWNlcnRzLmRpZ2ljZXJ0LmNv # bS9EaWdpQ2VydEFzc3VyZWRJRFJvb3RDQS5jcnQwRQYDVR0fBD4wPDA6oDigNoY0 # aHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0QXNzdXJlZElEUm9vdENB # LmNybDARBgNVHSAECjAIMAYGBFUdIAAwDQYJKoZIhvcNAQEMBQADggEBAHCgv0Nc # Vec4X6CjdBs9thbX979XB72arKGHLOyFXqkauyL4hxppVCLtpIh3bb0aFPQTSnov # Lbc47/T/gLn4offyct4kvFIDyE7QKt76LVbP+fT3rDB6mouyXtTP0UNEm0Mh65Zy # oUi0mcudT6cGAxN3J0TU53/oWajwvy8LpunyNDzs9wPHh6jSTEAZNUZqaVSwuKFW # juyk1T3osdz9HNj0d1pcVIxv76FQPfx2CWiEn2/K2yCNNWAcAgPLILCsWKAOQGPF # mCLBsln1VWvPJ6tsds5vIy30fnFqI2si/xK4VC0nftg62fC2h5b9W9FcrBjDTZ9z # twGpn1eqXijiuZQwggXfMIIEx6ADAgECAhBOQOQ3VO3mjAAAAABR05R/MA0GCSqG # SIb3DQEBCwUAMIG+MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNRW50cnVzdCwgSW5j # LjEoMCYGA1UECxMfU2VlIHd3dy5lbnRydXN0Lm5ldC9sZWdhbC10ZXJtczE5MDcG # A1UECxMwKGMpIDIwMDkgRW50cnVzdCwgSW5jLiAtIGZvciBhdXRob3JpemVkIHVz # ZSBvbmx5MTIwMAYDVQQDEylFbnRydXN0IFJvb3QgQ2VydGlmaWNhdGlvbiBBdXRo # b3JpdHkgLSBHMjAeFw0yMTA1MDcxNTQzNDVaFw0zMDExMDcxNjEzNDVaMGkxCzAJ # BgNVBAYTAlVTMRYwFAYDVQQKDA1FbnRydXN0LCBJbmMuMUIwQAYDVQQDDDlFbnRy # dXN0IENvZGUgU2lnbmluZyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0g # Q1NCUjEwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCngY/3FEW2YkPy # 2K7TJV5IT1G/xX2fUBw10dZ+YSqUGW0nRqSmGl33VFFqgCLGqGZ1TVSDyV5oG6v2 # W2Swra0gvVTvRmttAudFrnX2joq5Mi6LuHccUk15iF+lOhjJUCyXJy2/2gB9Y3/v # MuxGh2Pbmp/DWiE2e/mb1cqgbnIs/OHxnnBNCFYVb5Cr+0i6udfBgniFZS5/tcnA # 4hS3NxFBBuKK4Kj25X62eAUBw2DtTwdBLgoTSeOQm3/dvfqsv2RR0VybtPVc51z/ # O5uloBrXfQmywrf/bhy8yH3m6Sv8crMU6UpVEoScRCV1HfYq8E+lID1oJethl3wP # 5bY9867DwRG8G47M4EcwXkIAhnHjWKwGymUfe5SmS1dnDH5erXhnW1XjXuvH2OxM # bobL89z4n4eqclgSD32m+PhCOTs8LOQyTUmM4OEAwjignPqEPkHcblauxhpb9Gdo # BQHNG7+uh7ydU/Yu6LZr5JnexU+HWKjSZR7IH9Vybu5ZHFc7CXKd18q3kMbNe0WS # kUIDTH0/yvKquMIOhvMQn0YupGaGaFpoGHApOBGAYGuKQ6NzbOOzazf/5p1nAZKG # 3y9I0ftQYNVc/iHTAUJj/u9wtBfAj6ju08FLXxLq/f0uDodEYOOp9MIYo+P9zgyE # Ig3zp3jak/PbOM+5LzPG/wc8Xr5F0wIDAQABo4IBKzCCAScwDgYDVR0PAQH/BAQD # AgGGMBIGA1UdEwEB/wQIMAYBAf8CAQEwHQYDVR0lBBYwFAYIKwYBBQUHAwMGCCsG # AQUFBwMIMDsGA1UdIAQ0MDIwMAYEVR0gADAoMCYGCCsGAQUFBwIBFhpodHRwOi8v # d3d3LmVudHJ1c3QubmV0L3JwYTAzBggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGG # F2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6 # Ly9jcmwuZW50cnVzdC5uZXQvZzJjYS5jcmwwHQYDVR0OBBYEFIK61j2Xzp/PceiS # N6/9s7VpNVfPMB8GA1UdIwQYMBaAFGpyJnrQHu995ztpUdRsjZ+QEmarMA0GCSqG # SIb3DQEBCwUAA4IBAQAfXkEEtoNwJFMsVXMdZTrA7LR7BJheWTgTCaRZlEJeUL9P # bG4lIJCTWEAN9Rm0Yu4kXsIBWBUCHRAJb6jU+5J+Nzg+LxR9jx1DNmSzZhNfFMyl # cfdbIUvGl77clfxwfREc0yHd0CQ5KcX+Chqlz3t57jpv3ty/6RHdFoMI0yyNf02o # FHkvBWFSOOtg8xRofcuyiq3AlFzkJg4sit1Gw87kVlHFVuOFuE2bRXKLB/GK+0m4 # X9HyloFdaVIk8Qgj0tYjD+uL136LwZNr+vFie1jpUJuXbheIDeHGQ5jXgWG2hZ1H # 7LGerj8gO0Od2KIc4NR8CMKvdgb4YmZ6tvf6yK81MIIGgzCCBGugAwIBAgIQNa+3 # e500H2r8j4RGqzE1KzANBgkqhkiG9w0BAQ0FADBpMQswCQYDVQQGEwJVUzEWMBQG # A1UECgwNRW50cnVzdCwgSW5jLjFCMEAGA1UEAww5RW50cnVzdCBDb2RlIFNpZ25p # bmcgUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIENTQlIxMB4XDTIxMDUw # NzE5MTk1MloXDTQwMTIyOTIzNTkwMFowYzELMAkGA1UEBhMCVVMxFjAUBgNVBAoT # DUVudHJ1c3QsIEluYy4xPDA6BgNVBAMTM0VudHJ1c3QgRXh0ZW5kZWQgVmFsaWRh # dGlvbiBDb2RlIFNpZ25pbmcgQ0EgLSBFVkNTMjCCAiIwDQYJKoZIhvcNAQEBBQAD # ggIPADCCAgoCggIBAL69pznJpX3sXWXx9Cuph9DnrRrFGjsYzuGhUY1y+s5YH1y4 # JEIPRtUxl9BKTeObMMm6l6ic/kU2zyeA53u4bsEkt9+ndNyF8qMkWEXMlJQ7AuvE # jXxG9VxmguOkwdMfrG4MUyMO1Dr62kLxg1RfNTJW8rV4m1cASB6pYWEnDnMDQ7bW # cJL71IWaMMaz5ppeS+8dKthmqxZG/wvYD6aJSgJRV0E8QThOl8dRMm1njmahXk2f # NSKv1Wq3f0BfaDXMafrxBfDqhabqMoXLwcHKg2lFSQbcCWy6SWUZjPm3NyeMZJ41 # 4+Xs5wegnahyvG+FOiymFk49nM8I5oL1RH0owL2JrWwv3C94eRHXHHBL3Z0ITF4u # +o29p91j9n/wUjGEbjrY2VyFRJ5jBmnQhlh4iZuHu1gcpChsxv5pCpwerBFgal7J # aWUu7UMtafF4tzstNfKqT+If4wFvkEaq1agNBFegtKzjbb2dGyiAJ0bH2qpnlfHR # h3vHyCXphAyPiTbSvjPhhcAz1aA8GYuvOPLlk4C/xsOre5PEPZ257kV2wNRobzBe # PLQ2+ddFQuASBoDbpSH85wV6KI20jmB798i1SkesFGaXoFppcjFXa1OEzWG6cwcV # cDt7AfynP4wtPYeM+wjX5S8Xg36Cq08J8inhflV3ZZQFHVnUCt2TfuMUXeK7AgMB # AAGjggErMIIBJzASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdDgQWBBTOiU+CUaoV # ooRiyjEjYdJh+/j+eDAfBgNVHSMEGDAWgBSCutY9l86fz3Hokjev/bO1aTVXzzAz # BggrBgEFBQcBAQQnMCUwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3Qu # bmV0MDEGA1UdHwQqMCgwJqAkoCKGIGh0dHA6Ly9jcmwuZW50cnVzdC5uZXQvY3Ni # cjEuY3JsMA4GA1UdDwEB/wQEAwIBhjATBgNVHSUEDDAKBggrBgEFBQcDAzBEBgNV # HSAEPTA7MDAGBFUdIAAwKDAmBggrBgEFBQcCARYaaHR0cDovL3d3dy5lbnRydXN0 # Lm5ldC9ycGEwBwYFZ4EMAQMwDQYJKoZIhvcNAQENBQADggIBAD4AVLgq849mr2EW # xFiTZPRBi2RVjRs1M6GbkdirRsqrX7y+fnDk0tcHqJYH14bRVwoI0NB4Tfgq37IE # 85rh13zwwQB6wUCh34qMt8u0HQFh8piapt24gwXKqSwW3JwtDv6nl+RQqZeVwUsq # jFHjxALga3w1TVO8S5QTi1MYFl6mCqe4NMFssess5DF9DCzGfOGkVugtdtWyE3Xq # gwCuAHfGb6k97mMUgVAW/FtPEhkOWw+N6kvOBkyJS64gzI5HpnXWZe4vMOhdNI8f # gk1cQqbyFExQIJwJonQkXDnYiTKFPK+M5Wqe5gQ6pRP/qh3NR0suAgW0ao/rhU+B # 7wrbfZ8pj6XCP1I4UkGVO7w+W1QwQiMJY95QjYk1RfqruA+Poq17ehGT8Y8ohHto # eUdq6GQpTR/0HS9tHsiUhjzTWpl6a3yrNfcrOUtPuT8Wku8pjI2rrAEazHFEOctA # PiASzghw40f+3IDXCADRC2rqIbV5ZhfpaqpW3c0VeLEDwBStPkcYde0KU0syk83/ # gLGQ1hPl5EF4Iu1BguUO37DOlSFF5osB0xn39CtVrNlWc2MQ4LigbctUlpigmSFR # BqqmDDorY8t52kO50hLM3o9VeukJ8+Ka0yXBezaS2uDlUmfN4+ZUCqWd1HOj0y9d # BmSFA3d/YNjCvHTJlZFot7d+YRl1MIIGrjCCBJagAwIBAgIQBzY3tyRUfNhHrP0o # ZipeWzANBgkqhkiG9w0BAQsFADBiMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGln # aUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMSEwHwYDVQQDExhE # aWdpQ2VydCBUcnVzdGVkIFJvb3QgRzQwHhcNMjIwMzIzMDAwMDAwWhcNMzcwMzIy # MjM1OTU5WjBjMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4x # OzA5BgNVBAMTMkRpZ2lDZXJ0IFRydXN0ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGlt # ZVN0YW1waW5nIENBMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxoY1 # BkmzwT1ySVFVxyUDxPKRN6mXUaHW0oPRnkyibaCwzIP5WvYRoUQVQl+kiPNo+n3z # nIkLf50fng8zH1ATCyZzlm34V6gCff1DtITaEfFzsbPuK4CEiiIY3+vaPcQXf6sZ # Kz5C3GeO6lE98NZW1OcoLevTsbV15x8GZY2UKdPZ7Gnf2ZCHRgB720RBidx8ald6 # 8Dd5n12sy+iEZLRS8nZH92GDGd1ftFQLIWhuNyG7QKxfst5Kfc71ORJn7w6lY2zk # psUdzTYNXNXmG6jBZHRAp8ByxbpOH7G1WE15/tePc5OsLDnipUjW8LAxE6lXKZYn # LvWHpo9OdhVVJnCYJn+gGkcgQ+NDY4B7dW4nJZCYOjgRs/b2nuY7W+yB3iIU2YIq # x5K/oN7jPqJz+ucfWmyU8lKVEStYdEAoq3NDzt9KoRxrOMUp88qqlnNCaJ+2RrOd # OqPVA+C/8KI8ykLcGEh/FDTP0kyr75s9/g64ZCr6dSgkQe1CvwWcZklSUPRR8zZJ # TYsg0ixXNXkrqPNFYLwjjVj33GHek/45wPmyMKVM1+mYSlg+0wOI/rOP015LdhJR # k8mMDDtbiiKowSYI+RQQEgN9XyO7ZONj4KbhPvbCdLI/Hgl27KtdRnXiYKNYCQEo # AA6EVO7O6V3IXjASvUaetdN2udIOa5kM0jO0zbECAwEAAaOCAV0wggFZMBIGA1Ud # EwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFLoW2W1NhS9zKXaaL3WMaiCPnshvMB8G # A1UdIwQYMBaAFOzX44LScV1kTN8uZz/nupiuHA9PMA4GA1UdDwEB/wQEAwIBhjAT # BgNVHSUEDDAKBggrBgEFBQcDCDB3BggrBgEFBQcBAQRrMGkwJAYIKwYBBQUHMAGG # GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBBBggrBgEFBQcwAoY1aHR0cDovL2Nh # Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VHJ1c3RlZFJvb3RHNC5jcnQwQwYD # VR0fBDwwOjA4oDagNIYyaHR0cDovL2NybDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0 # VHJ1c3RlZFJvb3RHNC5jcmwwIAYDVR0gBBkwFzAIBgZngQwBBAIwCwYJYIZIAYb9 # bAcBMA0GCSqGSIb3DQEBCwUAA4ICAQB9WY7Ak7ZvmKlEIgF+ZtbYIULhsBguEE0T # zzBTzr8Y+8dQXeJLKftwig2qKWn8acHPHQfpPmDI2AvlXFvXbYf6hCAlNDFnzbYS # lm/EUExiHQwIgqgWvalWzxVzjQEiJc6VaT9Hd/tydBTX/6tPiix6q4XNQ1/tYLaq # T5Fmniye4Iqs5f2MvGQmh2ySvZ180HAKfO+ovHVPulr3qRCyXen/KFSJ8NWKcXZl # 2szwcqMj+sAngkSumScbqyQeJsG33irr9p6xeZmBo1aGqwpFyd/EjaDnmPv7pp1y # r8THwcFqcdnGE4AJxLafzYeHJLtPo0m5d2aR8XKc6UsCUqc3fpNTrDsdCEkPlM05 # et3/JWOZJyw9P2un8WbDQc1PtkCbISFA0LcTJM3cHXg65J6t5TRxktcma+Q4c6um # AU+9Pzt4rUyt+8SVe+0KXzM5h0F4ejjpnOHdI/0dKNPH+ejxmF/7K9h+8kaddSwe # Jywm228Vex4Ziza4k9Tm8heZWcpw8De/mADfIBZPJ/tgZxahZrrdVcA6KYawmKAr # 7ZVBtzrVFZgxtGIJDwq9gdkT/r+k0fNX2bwE+oLeMt8EifAAzV3C+dAjfwAL5HYC # JtnwZXZCpimHCUcr5n8apIUP/JiW9lVUKx+A+sDyDivl1vupL0QVSucTDh3bNzga # oSv27dZ8/DCCBsIwggSqoAMCAQICEAVEr/OUnQg5pr/bP1/lYRYwDQYJKoZIhvcN # AQELBQAwYzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDkRpZ2lDZXJ0LCBJbmMuMTsw # OQYDVQQDEzJEaWdpQ2VydCBUcnVzdGVkIEc0IFJTQTQwOTYgU0hBMjU2IFRpbWVT # dGFtcGluZyBDQTAeFw0yMzA3MTQwMDAwMDBaFw0zNDEwMTMyMzU5NTlaMEgxCzAJ # BgNVBAYTAlVTMRcwFQYDVQQKEw5EaWdpQ2VydCwgSW5jLjEgMB4GA1UEAxMXRGln # aUNlcnQgVGltZXN0YW1wIDIwMjMwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK # AoICAQCjU0WHHYOOW6w+VLMj4M+f1+XS512hDgncL0ijl3o7Kpxn3GIVWMGpkxGn # zaqyat0QKYoeYmNp01icNXG/OpfrlFCPHCDqx5o7L5Zm42nnaf5bw9YrIBzBl5S0 # pVCB8s/LB6YwaMqDQtr8fwkklKSCGtpqutg7yl3eGRiF+0XqDWFsnf5xXsQGmjzw # xS55DxtmUuPI1j5f2kPThPXQx/ZILV5FdZZ1/t0QoRuDwbjmUpW1R9d4KTlr4HhZ # l+NEK0rVlc7vCBfqgmRN/yPjyobutKQhZHDr1eWg2mOzLukF7qr2JPUdvJscsrdf # 3/Dudn0xmWVHVZ1KJC+sK5e+n+T9e3M+Mu5SNPvUu+vUoCw0m+PebmQZBzcBkQ8c # tVHNqkxmg4hoYru8QRt4GW3k2Q/gWEH72LEs4VGvtK0VBhTqYggT02kefGRNnQ/f # ztFejKqrUBXJs8q818Q7aESjpTtC/XN97t0K/3k0EH6mXApYTAA+hWl1x4Nk1nXN # jxJ2VqUk+tfEayG66B80mC866msBsPf7Kobse1I4qZgJoXGybHGvPrhvltXhEBP+ # YUcKjP7wtsfVx95sJPC/QoLKoHE9nJKTBLRpcCcNT7e1NtHJXwikcKPsCvERLmTg # yyIryvEoEyFJUX4GZtM7vvrrkTjYUQfKlLfiUKHzOtOKg8tAewIDAQABo4IBizCC # AYcwDgYDVR0PAQH/BAQDAgeAMAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYI # KwYBBQUHAwgwIAYDVR0gBBkwFzAIBgZngQwBBAIwCwYJYIZIAYb9bAcBMB8GA1Ud # IwQYMBaAFLoW2W1NhS9zKXaaL3WMaiCPnshvMB0GA1UdDgQWBBSltu8T5+/N0GSh # 1VapZTGj3tXjSTBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsMy5kaWdpY2Vy # dC5jb20vRGlnaUNlcnRUcnVzdGVkRzRSU0E0MDk2U0hBMjU2VGltZVN0YW1waW5n # Q0EuY3JsMIGQBggrBgEFBQcBAQSBgzCBgDAkBggrBgEFBQcwAYYYaHR0cDovL29j # c3AuZGlnaWNlcnQuY29tMFgGCCsGAQUFBzAChkxodHRwOi8vY2FjZXJ0cy5kaWdp # Y2VydC5jb20vRGlnaUNlcnRUcnVzdGVkRzRSU0E0MDk2U0hBMjU2VGltZVN0YW1w # aW5nQ0EuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCBGtbeoKm1mBe8cI1PijxonNgl # /8ss5M3qXSKS7IwiAqm4z4Co2efjxe0mgopxLxjdTrbebNfhYJwr7e09SI64a7p8 # Xb3CYTdoSXej65CqEtcnhfOOHpLawkA4n13IoC4leCWdKgV6hCmYtld5j9smViuw # 86e9NwzYmHZPVrlSwradOKmB521BXIxp0bkrxMZ7z5z6eOKTGnaiaXXTUOREEr4g # DZ6pRND45Ul3CFohxbTPmJUaVLq5vMFpGbrPFvKDNzRusEEm3d5al08zjdSNd311 # RaGlWCZqA0Xe2VC1UIyvVr1MxeFGxSjTredDAHDezJieGYkD6tSRN+9NUvPJYCHE # Vkft2hFLjDLDiOZY4rbbPvlfsELWj+MXkdGqwFXjhr+sJyxB0JozSqg21Llyln6X # eThIX8rC3D0y33XWNmdaifj2p8flTzU8AL2+nCpseQHc2kTmOt44OwdeOVj0fHMx # VaCAEcsUDH6uvP6k63llqmjWIso765qCNVcoFstp8jKastLYOrixRoZruhf9xHds # FWyuq69zOuhJRrfVf8y2OMDY7Bz1tqG4QyzfTkx9HmhwwHcK1ALgXGC7KP845VJa # 1qwXIiNO9OzTF/tQa/8Hdx9xl0RBybhG02wyfFgvZ0dl5Rtztpn5aywGRu9BHvDw # X+Db2a2QgESvgBBBijCCBvMwggTboAMCAQICEAOskDJ0+AevqWO8oNH/1wUwDQYJ # KoZIhvcNAQELBQAwYzELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIElu # Yy4xPDA6BgNVBAMTM0VudHJ1c3QgRXh0ZW5kZWQgVmFsaWRhdGlvbiBDb2RlIFNp # Z25pbmcgQ0EgLSBFVkNTMjAeFw0yMzAzMjExNTI3MzdaFw0yNDAzMjkxNTI3Mzda # MIGjMQswCQYDVQQGEwJDQTEQMA4GA1UECBMHT250YXJpbzEPMA0GA1UEBxMGT3R0 # YXdhMRMwEQYLKwYBBAGCNzwCAQMTAkNBMRQwEgYDVQQKEwtDQU5BUklFIElOQzEd # MBsGA1UEDxMUUHJpdmF0ZSBPcmdhbml6YXRpb24xETAPBgNVBAUTCDI5MDIwOC03 # MRQwEgYDVQQDEwtDQU5BUklFIElOQzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC # AgoCggIBALlhEEulEk2r7fbTNCoo+p81y529qlp967G0SlY19u/IrhBxuATMiKa0 # 4rseAdQwkGxBkr/64lwzXV3o015QhNoMrKo2FZ4ocrbQByepU7RgDed3DyWuJem4 # j41839F9/Ckez1me1GMO8V2i1M1E2TPZNF0CwMSBgDXN2WzxwmOQ9hC8AvcmUZ3v # o/xS4m1p49/DfOZSsjcq/56wdbTjSXOR/rdAvaiuIw+aXwgXLYhjNPG76Sih0up4 # Y0/9O4M1ZT7wuN7S5TG49u4jxiaFy+vasnwkZMdL9Fx32yvfM2Ix+QBA1snKveCd # F4oCqvdXSRtdKZMfTKPjRLtYBbs7BmAYvQYigYiwi1sdwQUtuxfEwn/TmorXC4JQ # xx0XUjJQAsWLyuw9dr5g/0BInrfjhoSPuScpEFHSc12YnxeAIGI4q8HA0YlFXeS9 # 6whXc1obZr6KiTUzWlj7LGhzhxvYF0e/5xw8PivdgBPTfRa5agaNb5lSJRXK/pag # rJwdmBWs9Fy9KJhN4R4BNwjQCTwZy+25nXMDX3QuxhG7I9UnNSGA4K3xZHdzWOAj # aREWHdXkN4hRZopagwsWLUxKp9cgr1l7oVJ9g4B+NzUGMX0BJjcrL1UX4gYmHfni # lhcouRbTxN+5HwinLg5DNybYazo0zjIhAVqqQpm/Jmizl7LuyYJLAgMBAAGjggFg # MIIBXDAMBgNVHRMBAf8EAjAAMB0GA1UdDgQWBBTTT76qZjZvAUxL46m0qcBIVpce # BjAfBgNVHSMEGDAWgBTOiU+CUaoVooRiyjEjYdJh+/j+eDBnBggrBgEFBQcBAQRb # MFkwIwYIKwYBBQUHMAGGF2h0dHA6Ly9vY3NwLmVudHJ1c3QubmV0MDIGCCsGAQUF # BzAChiZodHRwOi8vYWlhLmVudHJ1c3QubmV0L2V2Y3MyLWNoYWluLnA3YzAxBgNV # HR8EKjAoMCagJKAihiBodHRwOi8vY3JsLmVudHJ1c3QubmV0L2V2Y3MyLmNybDAO # BgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwSwYDVR0gBEQwQjA3 # BgpghkgBhvpsCgECMCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LmVudHJ1c3Qu # bmV0L3JwYTAHBgVngQwBAzANBgkqhkiG9w0BAQsFAAOCAgEAY57938QM/Bjoxgsp # AVzCErhur03VoDVmq6/JUOlVd47+ddlJgyjj8F3ezKFrm4y20CKV5W8FZXBAwnQ0 # hP+OQEmLizckn7pMXLM+k0wb2aBxpKXVhOe9I/oEKMICmQqD9XKDMs5T5OyjHG+p # 170cPnxCBDxkC0fQVA915axL2CePDFrMInEYsIVB0W3qa0oeUAZVUv3zsDQunuEl # ktGOTXENSjFgWU1Dpn6wNb4pN70GrQLD/gSCs05bRa0oseCfqTbhGEORVO0QaK9/ # k0TDjKDxzSuUrkfPrKLsincyaLA/KKIQFs8UFOb5Ku+4OnsgaqEgAC8KJqDdx5C0 # zU7MAHvKkRe3kvh1Z2p9qwU2tj9rCRZ3OF9D65Y/ajO/iiLQ55jWNiSoob8/Qzpp # 0x4e6+dDyWH4rVllPO0WpIVVnzJNoKyYnm9erMmQ+S49EgDeAaRcnKtQHc+imszr # UrqpCs8VsZgbseck5u84G4hgyymqM98ZuxQv2M5VwYb3Z1tPyINHbYhYTi7r6C62 # RbXKeOCAeuiobqRa51yX6WAi97kfWTmyaQ/8BsnpAkBE1uO42aHBnjkHPxlanNtH # 8H5Rwc5GwDk2VBJxmeFnEGqR8zT0iNF7IzABJVrVTM96v7q/ZvaF9g0JeCDEZq3x # FAFM0CygH6WWp6JaW3A1UaeMmWwxggZNMIIGSQIBATB3MGMxCzAJBgNVBAYTAlVT # MRYwFAYDVQQKEw1FbnRydXN0LCBJbmMuMTwwOgYDVQQDEzNFbnRydXN0IEV4dGVu # ZGVkIFZhbGlkYXRpb24gQ29kZSBTaWduaW5nIENBIC0gRVZDUzICEAOskDJ0+Aev # qWO8oNH/1wUwDQYJYIZIAWUDBAIBBQCggYQwGAYKKwYBBAGCNwIBDDEKMAigAoAA # oQKAADAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgorBgEEAYI3AgELMQ4w # DAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgJxdEmFWA2ek9KrBcqsLHWbDr # 2v7kk9mVoY1vsINp3GIwDQYJKoZIhvcNAQEBBQAEggIAXDb/w2ZmNGl/GbEdvnpE # +zGxCE63jleeYpTRgs8xG1wTPqS2YuLNtJ9cYIa9VW2HH9H0wnpM3NEOyecNpCOG # 2OG/AkGxMHqIoK2G1ccQkGqhZ8vkcJtl7g89yC7SNf6JuS4U7Hedb/3vagbKbtSL # gHT/vArhW2rSndlcObqcd//iYHPd2Dj8gBEhIJP350XAwnBb78eCFRI/1ZkqXSJw # 1yQwOzcT+KqVDCOJR6iX+W1Z+TxU8hbKPV7HyCWBJ+QguxcB3iNcHZt3Ah5KSboD # fX6C8y3+srQ0f7HndTfnuMUnMpdq7TgVgasb7zvIy1x/jrO3xdzSyJ8X0LUnu9FJ # wAzCdWpXyA1fRD25l7PZS/0zKUO/OC/Uj/1T8a9t0c26OPfWsdLXp36r+ftDCFjt # QdfKWVOesWmqtZcM0LGsLrL8jXpIhj91/rtBlLY6+uKpUQ0oajPF4HFK5yCuC3ZM # ZwMdW43IUo8YiBtj7NF8eCSrUP2zzXracvIUmlPmrZAaONcMw7I2+mUNhBo0HxcH # LQ4GW4Z8uQefdS/35yGVNp82WzTs2ErcpDQ1gCVphSMAwf01ayx4YqGc4VXn55J/ # L1JpFNmHUVRqswL5r801DwYkpU20CeEpZeQ0/2LxLFMDNwxNghw+7IlkLouJl9tx # 9aewZXZ47VQ1mKQPJltPCvOhggMgMIIDHAYJKoZIhvcNAQkGMYIDDTCCAwkCAQEw # dzBjMQswCQYDVQQGEwJVUzEXMBUGA1UEChMORGlnaUNlcnQsIEluYy4xOzA5BgNV # BAMTMkRpZ2lDZXJ0IFRydXN0ZWQgRzQgUlNBNDA5NiBTSEEyNTYgVGltZVN0YW1w # aW5nIENBAhAFRK/zlJ0IOaa/2z9f5WEWMA0GCWCGSAFlAwQCAQUAoGkwGAYJKoZI # hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMjMwOTE1MTYwODUz # WjAvBgkqhkiG9w0BCQQxIgQgUyVxn9FqCN8OyDT1px1CwbE+Xqf8Gb1XVySMeQ39 # +iowDQYJKoZIhvcNAQEBBQAEggIACt+Q1CVKZSrICUTsgQTkDmdZ03mgVQvH12+Q # KiOXudEgr/K35UI9AydKtmSJWD4NSKZEdib9DjJVYOkoOFT+oBp4El+Em2rYle7r # yByR118DR0rblC1tpoHorO3ZcDcEeyKi5TBLTQpt1B/qkT0l6YR9i4u7WfQtqSzW # pmRXBKGHhSfUX2fO79BqYuSxsUXXuiI0xolp7mPe2TcfUopc/tL3H2akOIyEgNJw # qaXxQfRlkH7+6K9kvzMio1qxG/J0E+Ktu3QwG4LYDa0T9uV3/0T0pKMgUvzrfYVo # B2bn1eNQ+SwasaPMKbUT3Q+Gg+QyRH30xxu5QkzYYd5AC+OHvOTSKZP3uDveypQi # XaNPVbK1PMbpXIPuH2M1W/JcT6YYiSV9DRiCkHP4Gn+KYpNIF2UGZF5jGz4Mj/Gj # oCL2iBpJPNa+VgadaHnOyxndt3I5Fk63x5xVrA+2k6MdfoAQzW4U7zWjC6OctkDn # hyJ/+i6PXMsT1kN5OtjFWVOySzaYgPxUfPRe8iarlLNfjKIqaGMRdWSjhERHy0GS # HIk7lBUmC64+DiSOKaJV+zI8LMc19z7U1xAqVZ/N4jRPBwTRb3JARfJUpknfm/Pj # JqUhgMEkZxmPJ9c54OPb+XOQjItiiWll9fcA/r9ylqBt1CfmSzToYKSWuAjyReei # jeV7ZEs= # SIG # End signature block |