exports/latest-2019-04-30/Get-AzADServicePrincipal.ps1
|
<# .Synopsis Gets service principal information from the directory. Query by objectId or pass a filter to query by appId .Description Gets service principal information from the directory. Query by objectId or pass a filter to query by appId .Example To view examples, please use the -Online parameter with Get-Help or navigate to: https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azadserviceprincipal .Inputs Microsoft.Azure.PowerShell.Cmdlets.Resources.Models.IResourcesIdentity .Outputs Microsoft.Azure.PowerShell.Cmdlets.Resources.Models.Api16.IServicePrincipal .Notes COMPLEX PARAMETER PROPERTIES To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables. APPLICATIONOBJECT <IApplication>: The object representation of the application. [(Any) <Object>]: This indicates any property can be added to this object. [AllowGuestsSignIn <Boolean?>]: A property on the application to indicate if the application accepts other IDPs or not or partially accepts. [AllowPassthroughUser <Boolean?>]: Indicates that the application supports pass through users who have no presence in the resource tenant. [AppId <String>]: The application ID. [AppLogoUrl <String>]: The url for the application logo image stored in a CDN. [AppPermission <String[]>]: The application permissions. [AppRole <IAppRole[]>]: The collection of application roles that an application may declare. These roles can be assigned to users, groups or service principals. [AllowedMemberType <String[]>]: Specifies whether this app role definition can be assigned to users and groups by setting to 'User', or to other applications (that are accessing this application in daemon service scenarios) by setting to 'Application', or to both. [Description <String>]: Permission help text that appears in the admin app assignment and consent experiences. [DisplayName <String>]: Display name for the permission that appears in the admin consent and app assignment experiences. [Id <String>]: Unique role identifier inside the appRoles collection. [IsEnabled <Boolean?>]: When creating or updating a role definition, this must be set to true (which is the default). To delete a role, this must first be set to false. At that point, in a subsequent call, this role may be removed. [Value <String>]: Specifies the value of the roles claim that the application should expect in the authentication and access tokens. [AvailableToOtherTenant <Boolean?>]: Whether the application is available to other tenants. [DisplayName <String>]: The display name of the application. [ErrorUrl <String>]: A URL provided by the author of the application to report errors when using the application. [GroupMembershipClaim <GroupMembershipClaimTypes?>]: Configures the groups claim issued in a user or OAuth 2.0 access token that the app expects. [Homepage <String>]: The home page of the application. [IdentifierUri <String[]>]: A collection of URIs for the application. [InformationalUrlMarketing <String>]: The marketing URI [InformationalUrlPrivacy <String>]: The privacy policy URI [InformationalUrlSupport <String>]: The support URI [InformationalUrlTermsOfService <String>]: The terms of service URI [IsDeviceOnlyAuthSupported <Boolean?>]: Specifies whether this application supports device authentication without a user. The default is false. [KeyCredentials <IKeyCredential[]>]: A collection of KeyCredential objects. [CustomKeyIdentifier <String>]: Custom Key Identifier [EndDate <DateTime?>]: End date. [KeyId <String>]: Key ID. [StartDate <DateTime?>]: Start date. [Type <String>]: Type. Acceptable values are 'AsymmetricX509Cert' and 'Symmetric'. [Usage <String>]: Usage. Acceptable values are 'Verify' and 'Sign'. [Value <String>]: Key value. [KnownClientApplication <String[]>]: Client applications that are tied to this resource application. Consent to any of the known client applications will result in implicit consent to the resource application through a combined consent dialog (showing the OAuth permission scopes required by the client and the resource). [LogoutUrl <String>]: the url of the logout page [Oauth2AllowImplicitFlow <Boolean?>]: Whether to allow implicit grant flow for OAuth2 [Oauth2AllowUrlPathMatching <Boolean?>]: Specifies whether during a token Request Azure AD will allow path matching of the redirect URI against the applications collection of replyURLs. The default is false. [Oauth2Permission <IOAuth2Permission[]>]: The collection of OAuth 2.0 permission scopes that the web API (resource) application exposes to client applications. These permission scopes may be granted to client applications during consent. [AdminConsentDescription <String>]: Permission help text that appears in the admin consent and app assignment experiences. [AdminConsentDisplayName <String>]: Display name for the permission that appears in the admin consent and app assignment experiences. [Id <String>]: Unique scope permission identifier inside the oauth2Permissions collection. [IsEnabled <Boolean?>]: When creating or updating a permission, this property must be set to true (which is the default). To delete a permission, this property must first be set to false. At that point, in a subsequent call, the permission may be removed. [Type <String>]: Specifies whether this scope permission can be consented to by an end user, or whether it is a tenant-wide permission that must be consented to by a Company Administrator. Possible values are "User" or "Admin". [UserConsentDescription <String>]: Permission help text that appears in the end user consent experience. [UserConsentDisplayName <String>]: Display name for the permission that appears in the end user consent experience. [Value <String>]: The value of the scope claim that the resource application should expect in the OAuth 2.0 access token. [Oauth2RequirePostResponse <Boolean?>]: Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow POST requests, as opposed to GET requests. The default is false, which specifies that only GET requests will be allowed. [OptionalClaimAccessToken <IOptionalClaim[]>]: Optional claims requested to be included in the access token. [AdditionalProperty <IOptionalClaimAdditionalProperties>]: [Essential <Boolean?>]: Is this a required claim. [Name <String>]: Claim name. [Source <String>]: Claim source. [OptionalClaimIdToken <IOptionalClaim[]>]: Optional claims requested to be included in the id token. [OptionalClaimSamlToken <IOptionalClaim[]>]: Optional claims requested to be included in the saml token. [OrgRestriction <String[]>]: A list of tenants allowed to access application. [PasswordCredentials <IPasswordCredential[]>]: A collection of PasswordCredential objects [CustomKeyIdentifier <Byte[]>]: Custom Key Identifier [EndDate <DateTime?>]: End date. [KeyId <String>]: Key ID. [StartDate <DateTime?>]: Start date. [Value <String>]: Key value. [PreAuthorizedApplication <IPreAuthorizedApplication[]>]: list of pre-authorized applications. [AppId <String>]: Represents the application id. [Extension <IPreAuthorizedApplicationExtension[]>]: Collection of extensions from the resource application. [Condition <String[]>]: The extension's conditions. [Permission <IPreAuthorizedApplicationPermission[]>]: Collection of required app permissions/entitlements from the resource application. [AccessGrant <String[]>]: The list of permissions. [DirectAccessGrant <Boolean?>]: Indicates whether the permission set is DirectAccess or impersonation. [PublicClient <Boolean?>]: Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. [PublisherDomain <String>]: Reliable domain which can be used to identify an application. [ReplyUrl <String[]>]: A collection of reply URLs for the application. [RequiredResourceAccess <IRequiredResourceAccess[]>]: Specifies resources that this application requires access to and the set of OAuth permission scopes and application roles that it needs under each of those resources. This pre-configuration of required resource access drives the consent experience. ResourceAccess <IResourceAccess[]>: The list of OAuth2.0 permission scopes and app roles that the application requires from the specified resource. Id <String>: The unique identifier for one of the OAuth2Permission or AppRole instances that the resource application exposes. [Type <String>]: Specifies whether the id property references an OAuth2Permission or an AppRole. Possible values are "scope" or "role". [ResourceAppId <String>]: The unique identifier for the resource that the application requires access to. This should be equal to the appId declared on the target resource application. [SamlMetadataUrl <String>]: The URL to the SAML metadata for the application. [SignInAudience <String>]: Audience for signing in to the application (AzureADMyOrganization, AzureADAllOrganizations, AzureADAndMicrosoftAccounts). [WwwHomepage <String>]: The primary Web page. INPUTOBJECT <IResourcesIdentity>: Identity Parameter [ApplianceDefinitionId <String>]: The fully qualified ID of the appliance definition, including the appliance name and the appliance definition resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/Microsoft.Solutions/applianceDefinitions/{applianceDefinition-name} [ApplianceDefinitionName <String>]: The name of the appliance definition. [ApplianceId <String>]: The fully qualified ID of the appliance, including the appliance name and the appliance resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/Microsoft.Solutions/appliances/{appliance-name} [ApplianceName <String>]: The name of the appliance. [ApplicationDefinitionId <String>]: The fully qualified ID of the managed application definition, including the managed application name and the managed application definition resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/Microsoft.Solutions/applicationDefinitions/{applicationDefinition-name} [ApplicationDefinitionName <String>]: The name of the managed application definition. [ApplicationId <String>]: The application ID. [ApplicationId1 <String>]: The fully qualified ID of the managed application, including the managed application name and the managed application resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/Microsoft.Solutions/applications/{application-name} [ApplicationName <String>]: The name of the managed application. [ApplicationObjectId <String>]: Application object ID. [DenyAssignmentId <String>]: The ID of the deny assignment to get. [DeploymentName <String>]: The name of the deployment. [DomainName <String>]: name of the domain. [FeatureName <String>]: The name of the feature to get. [GroupId <String>]: Management Group ID. [GroupObjectId <String>]: The object ID of the group from which to remove the member. [Id <String>]: Resource identity path [LinkId <String>]: The fully qualified ID of the resource link. Use the format, /subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/{provider-namespace}/{resource-type}/{resource-name}/Microsoft.Resources/links/{link-name}. For example, /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myGroup/Microsoft.Web/sites/mySite/Microsoft.Resources/links/myLink [LockName <String>]: The name of lock. [ManagementGroupId <String>]: The ID of the management group. [MemberObjectId <String>]: Member object id [ObjectId <String>]: Application object ID. [OperationId <String>]: The ID of the operation to get. [OwnerObjectId <String>]: Owner object id [ParentResourcePath <String>]: The parent resource identity. [PolicyAssignmentId <String>]: The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. [PolicyAssignmentName <String>]: The name of the policy assignment to delete. [PolicyDefinitionName <String>]: The name of the policy definition to create. [PolicySetDefinitionName <String>]: The name of the policy set definition to create. [ResourceGroupName <String>]: The name of the resource group that contains the resource to delete. The name is case insensitive. [ResourceId <String>]: The fully qualified ID of the resource, including the resource name and resource type. Use the format, /subscriptions/{guid}/resourceGroups/{resource-group-name}/{resource-provider-namespace}/{resource-type}/{resource-name} [ResourceName <String>]: The name of the resource to delete. [ResourceProviderNamespace <String>]: The namespace of the resource provider. [ResourceType <String>]: The resource type. [RoleAssignmentId <String>]: The ID of the role assignment to delete. [RoleAssignmentName <String>]: The name of the role assignment to delete. [RoleDefinitionId <String>]: The ID of the role definition to delete. [RoleId <String>]: The ID of the role assignment to delete. [Scope <String>]: The scope for the lock. [SourceResourceGroupName <String>]: The name of the resource group containing the resources to move. [SubscriptionId <String>]: The ID of the target subscription. [TagName <String>]: The name of the tag. [TagValue <String>]: The value of the tag to delete. [TenantId <String>]: The tenant ID. [UpnOrObjectId <String>]: The object ID or principal name of the user for which to get information. .Link https://docs.microsoft.com/en-us/powershell/module/az.resources/get-azadserviceprincipal #> function Get-AzADServicePrincipal { [OutputType([Microsoft.Azure.PowerShell.Cmdlets.Resources.Models.Api16.IServicePrincipal])] [CmdletBinding(DefaultParameterSetName='List', PositionalBinding=$false)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Profile('latest-2019-04-30')] param( [Parameter(ParameterSetName='Get', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Path')] [System.String] # The object ID of the service principal to get. ${ObjectId}, [Parameter(ParameterSetName='Get', Mandatory)] [Parameter(ParameterSetName='List', Mandatory)] [Parameter(ParameterSetName='GetByApplicationId', Mandatory)] [Parameter(ParameterSetName='GetByApplicationObject', Mandatory)] [Parameter(ParameterSetName='GetByDisplayName', Mandatory)] [Parameter(ParameterSetName='GetByDisplayNamePrefix', Mandatory)] [Parameter(ParameterSetName='GetBySPN', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Path')] [System.String] # The tenant ID. ${TenantId}, [Parameter(ParameterSetName='GetViaIdentity', Mandatory, ValueFromPipeline)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Path')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Models.IResourcesIdentity] # Identity Parameter # To construct, see NOTES section for INPUTOBJECT properties and create a hash table. ${InputObject}, [Parameter(ParameterSetName='List')] [Alias('ODataQuery')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Query')] [System.String] # The filter to apply to the operation. ${Filter}, [Parameter(ParameterSetName='GetByApplicationId', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Body')] [System.String] # The application id of the application. ${ApplicationId}, [Parameter(ParameterSetName='GetByApplicationObject', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Body')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Models.Api16.IApplication] # The object representation of the application. # To construct, see NOTES section for APPLICATIONOBJECT properties and create a hash table. ${ApplicationObject}, [Parameter(ParameterSetName='GetByDisplayName', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Body')] [System.String] # The display name of the application. ${DisplayName}, [Parameter(ParameterSetName='GetByDisplayNamePrefix', Mandatory)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Body')] [System.String] # The prefix of the display name of the application. ${DisplayNameBeginsWith}, [Parameter(ParameterSetName='GetBySPN', Mandatory)] [Alias('SPN')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Body')] [System.String] # The display name of the application. ${ServicePrincipalName}, [Parameter()] [Alias('AzureRMContext', 'AzureCredential')] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Azure')] [System.Management.Automation.PSObject] # The credentials, account, tenant, and subscription used for communication with Azure. ${DefaultProfile}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Wait for .NET debugger to attach ${Break}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be appended to the front of the pipeline ${HttpPipelineAppend}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Runtime.SendAsyncStep[]] # SendAsync Pipeline Steps to be prepended to the front of the pipeline ${HttpPipelinePrepend}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [System.Uri] # The URI for the proxy server to use ${Proxy}, [Parameter(DontShow)] [ValidateNotNull()] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [System.Management.Automation.PSCredential] # Credentials for a proxy server to use for the remote call ${ProxyCredential}, [Parameter(DontShow)] [Microsoft.Azure.PowerShell.Cmdlets.Resources.Category('Runtime')] [System.Management.Automation.SwitchParameter] # Use the default credentials for the proxy ${ProxyUseDefaultCredentials} ) begin { try { $outBuffer = $null if ($PSBoundParameters.TryGetValue('OutBuffer', [ref]$outBuffer)) { $PSBoundParameters['OutBuffer'] = 1 } $parameterSet = $PSCmdlet.ParameterSetName $mapping = @{ Get = 'Az.Resources.private\Get-AzADServicePrincipal_Get'; GetViaIdentity = 'Az.Resources.private\Get-AzADServicePrincipal_GetViaIdentity'; List = 'Az.Resources.private\Get-AzADServicePrincipal_List'; GetByApplicationId = 'Az.Resources.custom\Get-AzADServicePrincipal_GetByApplicationId'; GetByApplicationObject = 'Az.Resources.custom\Get-AzADServicePrincipal_GetByApplicationObject'; GetByDisplayName = 'Az.Resources.custom\Get-AzADServicePrincipal_GetByDisplayName'; GetByDisplayNamePrefix = 'Az.Resources.custom\Get-AzADServicePrincipal_GetByDisplayNamePrefix'; GetBySPN = 'Az.Resources.custom\Get-AzADServicePrincipal_GetBySPN'; } $wrappedCmd = $ExecutionContext.InvokeCommand.GetCommand(($mapping[$parameterSet]), [System.Management.Automation.CommandTypes]::Cmdlet) $scriptCmd = {& $wrappedCmd @PSBoundParameters} $steppablePipeline = $scriptCmd.GetSteppablePipeline($MyInvocation.CommandOrigin) $steppablePipeline.Begin($PSCmdlet) } catch { throw } } process { try { $steppablePipeline.Process($_) } catch { throw } } end { try { $steppablePipeline.End() } catch { throw } } } # SIG # Begin signature block # MIIjhQYJKoZIhvcNAQcCoIIjdjCCI3ICAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCALMQcA7/WQXsFK # qkqr0dQWPkYRlPSMzrsyB2ffB/R0o6CCDYEwggX/MIID56ADAgECAhMzAAABUZ6N # j0Bxow5BAAAAAAFRMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMTkwNTAyMjEzNzQ2WhcNMjAwNTAyMjEzNzQ2WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQCVWsaGaUcdNB7xVcNmdfZiVBhYFGcn8KMqxgNIvOZWNH9JYQLuhHhmJ5RWISy1 # oey3zTuxqLbkHAdmbeU8NFMo49Pv71MgIS9IG/EtqwOH7upan+lIq6NOcw5fO6Os # +12R0Q28MzGn+3y7F2mKDnopVu0sEufy453gxz16M8bAw4+QXuv7+fR9WzRJ2CpU # 62wQKYiFQMfew6Vh5fuPoXloN3k6+Qlz7zgcT4YRmxzx7jMVpP/uvK6sZcBxQ3Wg # B/WkyXHgxaY19IAzLq2QiPiX2YryiR5EsYBq35BP7U15DlZtpSs2wIYTkkDBxhPJ # IDJgowZu5GyhHdqrst3OjkSRAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUV4Iarkq57esagu6FUBb270Zijc8w # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDU0MTM1MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAWg+A # rS4Anq7KrogslIQnoMHSXUPr/RqOIhJX+32ObuY3MFvdlRElbSsSJxrRy/OCCZdS # se+f2AqQ+F/2aYwBDmUQbeMB8n0pYLZnOPifqe78RBH2fVZsvXxyfizbHubWWoUf # NW/FJlZlLXwJmF3BoL8E2p09K3hagwz/otcKtQ1+Q4+DaOYXWleqJrJUsnHs9UiL # crVF0leL/Q1V5bshob2OTlZq0qzSdrMDLWdhyrUOxnZ+ojZ7UdTY4VnCuogbZ9Zs # 9syJbg7ZUS9SVgYkowRsWv5jV4lbqTD+tG4FzhOwcRQwdb6A8zp2Nnd+s7VdCuYF # sGgI41ucD8oxVfcAMjF9YX5N2s4mltkqnUe3/htVrnxKKDAwSYliaux2L7gKw+bD # 1kEZ/5ozLRnJ3jjDkomTrPctokY/KaZ1qub0NUnmOKH+3xUK/plWJK8BOQYuU7gK # YH7Yy9WSKNlP7pKj6i417+3Na/frInjnBkKRCJ/eYTvBH+s5guezpfQWtU4bNo/j # 8Qw2vpTQ9w7flhH78Rmwd319+YTmhv7TcxDbWlyteaj4RK2wk3pY1oSz2JPE5PNu # Nmd9Gmf6oePZgy7Ii9JLLq8SnULV7b+IP0UXRY9q+GdRjM2AEX6msZvvPCIoG0aY # HQu9wZsKEK2jqvWi8/xdeeeSI9FN6K1w4oVQM4Mwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIVWjCCFVYCAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAVGejY9AcaMOQQAAAAABUTAN # BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgvtFuqcUj # gUpQuR8HjAPGZwaQTyOTiBppyF7RlfskxScwQgYKKwYBBAGCNwIBDDE0MDKgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN # BgkqhkiG9w0BAQEFAASCAQBX71F5mZnW90dyFXhX4FVQRT4Drk6tr1T4RM/pGqL5 # G3MUMvYiwISPTtUVnyadGBOF2BkB2NpXbZIJNDYOL+v0lluAxv+I/uQJn4rRxdui # TVrkawLPEAYq9zL75BgBK3WJ5Q+wSupov6OIptxBF2Nhb/jvCdVUNMICsD6xRV2x # eVDq/ub/g4tNDklYXOk7UbOaNU+SfkBmlBTgvGWeAYTbi2UCdWPS0kRbk7igIlD3 # hWygSnZlTPRKLmuBFOUOpp2L3jzFau12qZ2V4VL0TZrB6BDvamSfW92o3lbgn9il # B3vU2RdtqbD2TOWq7U1BaCryBxaHMWU+OhTu7FHyfjsToYIS5DCCEuAGCisGAQQB # gjcDAwExghLQMIISzAYJKoZIhvcNAQcCoIISvTCCErkCAQMxDzANBglghkgBZQME # AgEFADCCAVAGCyqGSIb3DQEJEAEEoIIBPwSCATswggE3AgEBBgorBgEEAYRZCgMB # MDEwDQYJYIZIAWUDBAIBBQAEINRjA+TH6hKrYl+IqI92cQEIljVsinrK5/zrPyJT # M2VwAgZdjfvdxdAYEjIwMTkxMDA4MTIxMTQwLjYyWjAEgAIB9KCB0KSBzTCByjEL # MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v # bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWlj # cm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMdVGhhbGVzIFRTUyBF # U046MUE4Ri1FM0MzLUQ2OUQxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1w # IFNlcnZpY2Wggg48MIIE8TCCA9mgAwIBAgITMwAAAPJ2DfwKMergIgAAAAAA8jAN # BgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0x # ODEwMjQyMTE0MjRaFw0yMDAxMTAyMTE0MjRaMIHKMQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBP # cGVyYXRpb25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjoxQThGLUUzQzMtRDY5 # RDElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCCASIwDQYJ # KoZIhvcNAQEBBQADggEPADCCAQoCggEBALYlr+mvw/bLN8BodJPfXW1bq2TM5g/t # VFIYQMz8NhWK4/LSF0AzcAKNm3CbI5tOw7ZmGlDMC9U32Bh1fzTxH8cYLPLhWIV8 # 0gddFzG/oEnehainhq1z1yyPaye/Qw+sC+/rfEelKS7HUp41m2tcnk831Brqpjyi # mfw68vA5PTxKbkMZlEEoM+3qwJHZKZhhuFFcWX5Ge142+Jc8z2vk5o7D+EGdv5hz # KdiLVyTdAjFAMY3IaVY8bMKTTxJDs1PI3w1zTk6GS0BN9nYjWVWkdJ3wr15reNft # Ts9BibtgfDLA128qPpXFET8pDkjMx7L+YFJ9CCY/p/OUR4iiS7OdWzsCAwEAAaOC # ARswggEXMB0GA1UdDgQWBBS4/tw8WnSXg/JrywXuYexbkrFyyTAfBgNVHSMEGDAW # gBTVYzpcijGQ80N7fEYbxTNoWoVtVTBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8v # Y3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNUaW1TdGFQQ0Ff # MjAxMC0wNy0wMS5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1RpbVN0YVBDQV8yMDEw # LTA3LTAxLmNydDAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMIMA0G # CSqGSIb3DQEBCwUAA4IBAQCa9o0v2tms0rHwgF0t6PXcR8LkVR5l8g+NtO2Yv2Om # 5IpDP2IuIyUEUWs3WX/PSpDS3Bvs6cCWJJKQO5f/fNylna5dv0UjNeF0L66KCliJ # XGwxNHCbcWIqASm61GgeE/DbyXw3+FeK5OUqexcYRNL8u3ZZIJJV14vsUZUBRaJ6 # NrMNYCRJPNM3JRNI9fSxZFaGu9KW/GguyYBvqUqvYQTXvHMXSJsqdMiIupTFP2gD # eBgowQY+ucJEwiuImpgtZZX5ogy+Tz6CQ+0eh+/3lVMOKQvytF8Tji0WcmplFn0l # c5xvUAkgEQTtH+BPFKNqyEJKJPZL56ymTUp3X68FlewLMIIGcTCCBFmgAwIBAgIK # YQmBKgAAAAAAAjANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMTAwNzAxMjEzNjU1WhcNMjUwNzAxMjE0 # NjU1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCCASIwDQYJKoZIhvcN # AQEBBQADggEPADCCAQoCggEBAKkdDbx3EYo6IOz8E5f1+n9plGt0VBDVpQoAgoX7 # 7XxoSyxfxcPlYcJ2tz5mK1vwFVMnBDEfQRsalR3OCROOfGEwWbEwRA/xYIiEVEMM # 1024OAizQt2TrNZzMFcmgqNFDdDq9UeBzb8kYDJYYEbyWEeGMoQedGFnkV+BVLHP # k0ySwcSmXdFhE24oxhr5hoC732H8RsEnHSRnEnIaIYqvS2SJUGKxXf13Hz3wV3Ws # vYpCTUBR0Q+cBj5nf/VmwAOWRH7v0Ev9buWayrGo8noqCjHw2k4GkbaICDXoeByw # 6ZnNPOcvRLqn9NxkvaQBwSAJk3jN/LzAyURdXhacAQVPIk0CAwEAAaOCAeYwggHi # MBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBTVYzpcijGQ80N7fEYbxTNoWoVt # VTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0T # AQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNV # HR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9w # cm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEE # TjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpL2Nl # cnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDCBoAYDVR0gAQH/BIGVMIGS # MIGPBgkrBgEEAYI3LgMwgYEwPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cubWljcm9z # b2Z0LmNvbS9QS0kvZG9jcy9DUFMvZGVmYXVsdC5odG0wQAYIKwYBBQUHAgIwNB4y # IB0ATABlAGcAYQBsAF8AUABvAGwAaQBjAHkAXwBTAHQAYQB0AGUAbQBlAG4AdAAu # IB0wDQYJKoZIhvcNAQELBQADggIBAAfmiFEN4sbgmD+BcQM9naOhIW+z66bM9TG+ # zwXiqf76V20ZMLPCxWbJat/15/B4vceoniXj+bzta1RXCCtRgkQS+7lTjMz0YBKK # dsxAQEGb3FwX/1z5Xhc1mCRWS3TvQhDIr79/xn/yN31aPxzymXlKkVIArzgPF/Uv # eYFl2am1a+THzvbKegBvSzBEJCI8z+0DpZaPWSm8tv0E4XCfMkon/VWvL/625Y4z # u2JfmttXQOnxzplmkIz/amJ/3cVKC5Em4jnsGUpxY517IW3DnKOiPPp/fZZqkHim # bdLhnPkd/DjYlPTGpQqWhqS9nhquBEKDuLWAmyI4ILUl5WTs9/S/fmNZJQ96LjlX # dqJxqgaKD4kWumGnEcua2A5HmoDF0M2n0O99g/DhO3EJ3110mCIIYdqwUB5vvfHh # AN/nMQekkzr3ZUd46PioSKv33nJ+YWtvd6mBy6cJrDm77MbL2IK0cs0d9LiFAR6A # +xuJKlQ5slvayA1VmXqHczsI5pgt6o3gMy4SKfXAL1QnIffIrE7aKLixqduWsqdC # osnPGUFN4Ib5KpqjEWYw07t0MkvfY3v1mYovG8chr1m1rtxEPJdQcdeh0sVV42ne # V8HR3jDA/czmTfsNv11P6Z0eGTgvvM9YBS7vDaBQNdrvCScc1bN+NR4Iuto229Nf # j950iEkSoYICzjCCAjcCAQEwgfihgdCkgc0wgcoxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsTHE1pY3Jvc29mdCBBbWVyaWNhIE9w # ZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBUU1MgRVNOOjFBOEYtRTNDMy1ENjlE # MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYF # Kw4DAhoDFQA2yWLDDSl8mq0I9vfNML4Rjbruo6CBgzCBgKR+MHwxCzAJBgNVBAYT # AlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYD # VQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBU # aW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3DQEBBQUAAgUA4Ub6rTAiGA8yMDE5 # MTAwODIwMDgxM1oYDzIwMTkxMDA5MjAwODEzWjB3MD0GCisGAQQBhFkKBAExLzAt # MAoCBQDhRvqtAgEAMAoCAQACAiXJAgH/MAcCAQACAhGCMAoCBQDhSEwtAgEAMDYG # CisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAIAgEA # AgMBhqAwDQYJKoZIhvcNAQEFBQADgYEAiqBaT/Kcz8oWcO3d292K0wDGI9sxy43T # +KuCR/fHq3npd63LNMwyWyjdTpFpdzku+jkVkAs6/2KjRMS+DD8qPCT23O69BlJ7 # 9CSLCitrg3lruJvUv22+LfOQIc3Dk6v6hNdZjC0l9qiridmiA70N6gLiL0rrIKsa # iSWrY98ssQIxggMNMIIDCQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0Eg # MjAxMAITMwAAAPJ2DfwKMergIgAAAAAA8jANBglghkgBZQMEAgEFAKCCAUowGgYJ # KoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCDl/VaUhxnZ # CBjLtpm0DdjGH8JdqZAfQCYMSRPSxvBp4TCB+gYLKoZIhvcNAQkQAi8xgeowgecw # geQwgb0EIMmv9818fBA86rzxu2PyX4/9wwrjaRRPG0kwTE8LV1JFMIGYMIGApH4w # fDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMd # TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAADydg38CjHq4CIAAAAA # APIwIgQgGgMYc0Ev5WPvCu90iNTey3nz7lZiY2j/jIRd8g6Ui8gwDQYJKoZIhvcN # AQELBQAEggEAj1Hxx2m7Oe4ikiPAcFKkzSrMLToJTgKFzL1CQWSiVpCF5ctFxwSx # VRGOkBwU42wOubZwS83pxzr5Nrvodw2eZQYZITOZzlhHArYyH0AsAWQkBwk/Vr3u # ADKMbRwMQ3rbFRkbi2SVmq0OzlDznTz9zgZVwNi5939xS3m0LLwQVKPdox5WE8o1 # 3Nq8kjSGv/iABOoeIGG87Zz9uW7BN3b7hcg952qfXYExt9Elha9p4aIC6/aqv45g # BSF061CTlvaICjJeyyaNmauCq+BJUPokZzKECTSR2XNOkDmmZ3fWjz/3NjgkRRe5 # r5F21lx+bmWawtXDve8Tn5Ysx5mv4PETIA== # SIG # End signature block |