AzureADAssessmentPortable.psm1
|
<# .SYNOPSIS Produces the Azure AD Hybrid Component data required by the Azure AD Assesment .EXAMPLE PS C:\> Invoke-AADAssessmentHybridDataCollection Collect and package assessment data to "C:\AzureADAssessment". .EXAMPLE PS C:\> Invoke-AADAssessmentHybridDataCollection -OutputDirectory "C:\Temp" Collect and package assessment data to "C:\Temp". #> function Invoke-AADAssessmentHybridDataCollection { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $false)] [string] $OutputDirectory = (Join-Path $env:SystemDrive 'AzureADAssessment') ) #$OutputDirectory = Join-Path $OutputDirectory "AzureADAssessment" $OutputDirectoryData = Join-Path $OutputDirectory "AzureADAssessmentData" ## ADFS Data Collection $ADFSService = Get-Service adfssrv -ErrorAction SilentlyContinue if ($ADFSService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-ADFS-$env:COMPUTERNAME.zip" $OutputDirectoryADFS = Join-Path $OutputDirectoryData 'ADFS' if (!(Test-Path $OutputDirectoryADFS)) { New-Item $OutputDirectoryADFS -ItemType Container -ErrorAction Stop } ## Get ADFS Properties Get-AdfsProperties | Out-File (Join-Path $OutputDirectoryADFS 'ADFSProperties.txt') Get-AdfsProperties | ConvertTo-Json | Set-Content (Join-Path $OutputDirectoryADFS 'ADFSProperties.json') ## Get ADFS Endpoints Get-AADAssessADFSEndpoints | Export-Csv -Path (Join-Path $OutputDirectoryADFS 'ADFSEnabledEndpoints.csv') -NoTypeInformation:$false ## Get ADFS Configuration Export-AADAssessADFSConfiguration -OutputDirectory $OutputDirectoryADFS ## Event Data Export-AADAssessADFSAdminLog -OutputDirectory $OutputDirectoryADFS -DaysToRetrieve 15 ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryADFS '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryADFS, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryADFS -Recurse -Force } ## Azure AD Connect Data Collection $AADCService = Get-Service ADSync -ErrorAction SilentlyContinue if ($AADCService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADC-$env:COMPUTERNAME.zip" $OutputDirectoryAADC = Join-Path $OutputDirectoryData 'AADC' if (!(Test-Path $OutputDirectoryAADC)) { New-Item $OutputDirectoryAADC -ItemType Container -ErrorAction Stop } ## AAD Connect Configuration Remove-Item (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig') -Recurse -Force -ErrorAction SilentlyContinue Get-ADSyncServerConfiguration -Path (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig') ## Event Data Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADC "AADPasswriteback-$env:COMPUTERNAME.csv") -NoTypeInformation:$false ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryAADC '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADC, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryAADC -Recurse -Force } ## Azure AD App Proxy Connector Data Collection $AADAPService = Get-Service WAPCSvc -ErrorAction SilentlyContinue if ($AADAPService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADAP-$env:COMPUTERNAME.zip" $OutputDirectoryAADAP = Join-Path $OutputDirectoryData 'AADAP' if (!(Test-Path $OutputDirectoryAADAP)) { New-Item $OutputDirectoryAADAP -ItemType Container -ErrorAction Stop } ## Event Data Get-AADAssessAppProxyConnectorLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADAP "AzureADAppProxyConnectorLog-$env:COMPUTERNAME.csv") -NoTypeInformation:$false ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryAADAP '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADAP, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryAADAP -Recurse -Force } } <# .SYNOPSIS Exports the configuration of Relying Party Trusts and Claims Provider Trusts .DESCRIPTION Creates and zips a set of files that hold the configuration of AD FS claim providers and relying parties. The output files are created under a directory called "ADFS" in the system drive. .EXAMPLE PS C:\> Export-AADAssessADFSConfiguration "C:\AzureADAssessment" Export ADFS configuration to "C:\AzureADAssessment". #> function Export-AADAssessADFSConfiguration { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $true)] [string] $OutputDirectory ) $filePathBase = Join-Path $OutputDirectory 'apps' #$zipfileBase = Join-Path $OutputDirectory 'zip' #$zipfileName = Join-Path $zipfileBase "ADFSApps.zip" mkdir $filePathBase -ErrorAction SilentlyContinue #mkdir $zipfileBase -ErrorAction SilentlyContinue $AdfsRelyingPartyTrusts = Get-AdfsRelyingPartyTrust foreach ($AdfsRelyingPartyTrust in $AdfsRelyingPartyTrusts) { $RPfileName = $AdfsRelyingPartyTrust.Name.ToString() $CleanedRPFileName = Remove-InvalidFileNameCharacters $RPfileName $RPName = "RPT - " + $CleanedRPFileName $filePath = Join-Path $filePathBase ($RPName + '.xml') $AdfsRelyingPartyTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue } $AdfsClaimsProviderTrusts = Get-AdfsClaimsProviderTrust foreach ($AdfsClaimsProviderTrust in $AdfsClaimsProviderTrusts) { $CPfileName = $AdfsClaimsProviderTrust.Name.ToString() $CleanedCPFileName = Remove-InvalidFileNameCharacters $CPfileName $CPTName = "CPT - " + $CleanedCPFileName $filePath = Join-Path $filePathBase ($CPTName + '.xml') $AdfsClaimsProviderTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue } #If (Test-Path $zipfileName) { # Remove-Item $zipfileName #} #Add-Type -assembly "system.io.compression.filesystem" #[io.compression.zipfile]::CreateFromDirectory($filePathBase, $zipfileName) # try { # Invoke-Item $zipfileBase -ErrorAction SilentlyContinue # } # catch {} } <# .SYNOPSIS Gets the list of all enabled endpoints in ADFS .DESCRIPTION Gets the list of all enabled endpoints in ADFS .EXAMPLE PS C:\> Get-AADAssessADFSEndpoints | Export-Csv -Path ".\ADFSEnabledEndpoints.csv" Export ADFS enabled endpoints to CSV. #> function Get-AADAssessADFSEndpoints { Get-AdfsEndpoint | Where-Object { $_.Enabled -eq "True" } } <# .SYNOPSIS Gets the AD FS Admin Log .DESCRIPTION This function exports the events from the AD FS Admin log .EXAMPLE PS C:\> Export-AADAssessADFSAdminLog -DaysToRetrieve 7 Get the last seven days of logs. #> function Export-AADAssessADFSAdminLog { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $true)] [string] $OutputDirectory, # Specify how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeSpan = New-TimeSpan -Day $DaysToRetrieve $XPathQuery = '*[System[TimeCreated[timediff(@SystemTime) <= {0}]]]' -f $TimeSpan.TotalMilliseconds #Get-WinEvent -FilterXPath $XPathQuery #Get-WinEvent -FilterHashtable @{ LogName = 'AD FS/Admin'; StartTime = ((Get-Date) - $TimeSpan) } Export-EventLog -Path (Join-Path $OutputDirectory "ADFS-$env:COMPUTERNAME.evtx") -LogName 'AD FS/Admin' -Query $XPathQuery -Overwrite } <# .SYNOPSIS Gets Azure AD Application Proxy Connector Logs .DESCRIPTION This functions returns the events from the Azure AD Application Proxy Connector Admin Log .EXAMPLE PS C:\> $targetGalleryApp = "GalleryAppName" PS C:\> $targetGroup = Get-AzureADGroup -SearchString "TestGroupName" PS C:\> $targetAzureADRole = "TestRoleName" PS C:\> $targetADFSRPId = "ADFSRPIdentifier" PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId PS C:\> $galleryApp = Get-AzureADApplicationTemplate -DisplayNameFilter $targetGalleryApp PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId PS C:\> New-AzureADAppFromADFSRPTrust ` -AzureADAppTemplateId $galleryApp.id ` -ADFSRelyingPartyTrust $RP ` -TestGroupAssignmentObjectId $targetGroup.ObjectId ` -TestGroupAssignmentRoleName $targetAzureADRole #> function Get-AADAssessAppProxyConnectorLog { [CmdletBinding()] param ( # Indicates how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeFilter = $DaysToRetrieve * 86400000 $EventFilterXml = '<QueryList><Query Id="0" Path="Microsoft-AadApplicationProxy-Connector/Admin"><Select Path="Microsoft-AadApplicationProxy-Connector/Admin">*[System[TimeCreated[timediff(@SystemTime) <= {0}]]]</Select></Query></QueryList>' -f $TimeFilter Get-WinEvent -FilterXml $EventFilterXml } <# .SYNOPSIS Gets the Azure AD Password Writeback Agent Log .DESCRIPTION This functions returns the events from the Azure AD Password Write Bag source from the application Log .EXAMPLE PS C:\> Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path ".\AzureADAppProxyLogs-$env:ComputerName.csv" Get the last seven days of logs and saves them on a CSV file #> function Get-AADAssessPasswordWritebackAgentLog { [CmdletBinding()] param ( # Indicates how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeFilter = $DaysToRetrieve * 86400000 $EventFilterXml = "<QueryList><Query Id='0' Path='Application'><Select Path='Application'>*[System[Provider[@Name='PasswordResetService'] and TimeCreated[timediff(@SystemTime) <= {0}]]]</Select></Query></QueryList>" -f $TimeFilter Get-WinEvent -FilterXml $EventFilterXml } ### ================== ### Helper Functions ### ================== <# .SYNOPSIS Decompose characters to their base character equivilents and remove diacritics. .DESCRIPTION .EXAMPLE PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅfi⁵ẛ' Decompose characters to their base character equivilents and remove diacritics. .EXAMPLE PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅfi⁵ẛ' -CompatibilityDecomposition Decompose composite characters to their base character equivilents and remove diacritics. .INPUTS System.String .LINK https://github.com/jasoth/Utility.PS #> function Remove-Diacritics { [CmdletBinding()] param ( # String value to transform. [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [AllowEmptyString()] [string[]] $InputStrings, # Use compatibility decomposition instead of canonical decomposition which further decomposes composite characters and many formatting distinctions are removed. [Parameter(Mandatory = $false, ValueFromPipelineByPropertyName = $true)] [switch] $CompatibilityDecomposition ) process { [System.Text.NormalizationForm] $NormalizationForm = [System.Text.NormalizationForm]::FormD if ($CompatibilityDecomposition) { $NormalizationForm = [System.Text.NormalizationForm]::FormKD } foreach ($InputString in $InputStrings) { $NormalizedString = $InputString.Normalize($NormalizationForm) $OutputString = New-Object System.Text.StringBuilder foreach ($char in $NormalizedString.ToCharArray()) { if ([Globalization.CharUnicodeInfo]::GetUnicodeCategory($char) -ne [Globalization.UnicodeCategory]::NonSpacingMark) { [void] $OutputString.Append($char) } } Write-Output $OutputString.ToString() } } } <# .SYNOPSIS Remove invalid filename characters from string. .DESCRIPTION .EXAMPLE PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē' Remove invalid filename characters from string. .EXAMPLE PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē' -RemoveDiacritics Remove invalid filename characters and diacritics from string. .INPUTS System.String .LINK https://github.com/jasoth/Utility.PS #> function Remove-InvalidFileNameCharacters { [CmdletBinding()] param ( # String value to transform. [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [AllowEmptyString()] [string[]] $InputStrings, # Character used as replacement for invalid characters. Use '' to simply remove. [Parameter(Mandatory = $false)] [string] $ReplacementCharacter = '-', # Replace characters with diacritics to their non-diacritic equivilent. [Parameter(Mandatory = $false)] [switch] $RemoveDiacritics ) process { foreach ($InputString in $InputStrings) { [string] $OutputString = $InputString if ($RemoveDiacritics) { $OutputString = Remove-Diacritics $OutputString -CompatibilityDecomposition } $OutputString = [regex]::Replace($OutputString, ('[{0}]' -f [regex]::Escape([System.IO.Path]::GetInvalidFileNameChars() -join '')), $ReplacementCharacter) Write-Output $OutputString } } } <# .SYNOPSIS Exports events from an event log. .DESCRIPTION .EXAMPLE PS C:\>Export-EventLog 'C:\ADFS-Admin.evtx' -LogName 'AD FS/Admin' Export all logs from "AD FS/Admin" event log. .INPUTS System.String #> function Export-EventLog { [CmdletBinding()] param ( # Path to the file where the exported events will be stored [Parameter(Mandatory = $true)] [string] $Path, # Name of log [Parameter(Mandatory = $true)] [string] $LogName, # Defines the XPath query to filter the events that are read or exported. [Parameter(Mandatory = $false)] [Alias('q')] [string] $Query, # Specifies that the export file should be overwritten. [Parameter(Mandatory = $false)] [Alias('ow')] [switch] $Overwrite ) $argsWevtutil = New-Object 'System.Collections.Generic.List[System.String]' $argsWevtutil.Add('export-log') $argsWevtutil.Add($LogName) $argsWevtutil.Add($Path) if ($Query) { $argsWevtutil.Add(('/q:"{0}"' -f $Query)) } if ($PSBoundParameters.ContainsKey('Overwrite')) { $argsWevtutil.Add(('/ow:{0}' -f $Overwrite)) } wevtutil $argsWevtutil.ToArray() } Export-ModuleMember Invoke-AADAssessmentHybridDataCollection Export-ModuleMember Export-AADAssessADFSConfiguration Export-ModuleMember Get-AADAssessADFSEndpoints Export-ModuleMember Export-AADAssessADFSAdminLog Export-ModuleMember Get-AADAssessAppProxyConnectorLog Export-ModuleMember Get-AADAssessPasswordWritebackAgentLog # SIG # Begin signature block # MIInrQYJKoZIhvcNAQcCoIInnjCCJ5oCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCVLWfcvJrlJGJe # EuI3g5WmKXJ05ukp7mlS1huF08NSK6CCDYEwggX/MIID56ADAgECAhMzAAACzI61 # lqa90clOAAAAAALMMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjIwNTEyMjA0NjAxWhcNMjMwNTExMjA0NjAxWjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQCiTbHs68bADvNud97NzcdP0zh0mRr4VpDv68KobjQFybVAuVgiINf9aG2zQtWK # No6+2X2Ix65KGcBXuZyEi0oBUAAGnIe5O5q/Y0Ij0WwDyMWaVad2Te4r1Eic3HWH # UfiiNjF0ETHKg3qa7DCyUqwsR9q5SaXuHlYCwM+m59Nl3jKnYnKLLfzhl13wImV9 # DF8N76ANkRyK6BYoc9I6hHF2MCTQYWbQ4fXgzKhgzj4zeabWgfu+ZJCiFLkogvc0 # RVb0x3DtyxMbl/3e45Eu+sn/x6EVwbJZVvtQYcmdGF1yAYht+JnNmWwAxL8MgHMz # xEcoY1Q1JtstiY3+u3ulGMvhAgMBAAGjggF+MIIBejAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUiLhHjTKWzIqVIp+sM2rOHH11rfQw # UAYDVR0RBEkwR6RFMEMxKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1 # ZXJ0byBSaWNvMRYwFAYDVQQFEw0yMzAwMTIrNDcwNTI5MB8GA1UdIwQYMBaAFEhu # ZOVQBdOCqhc3NyK1bajKdQKVMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly93d3cu # bWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY0NvZFNpZ1BDQTIwMTFfMjAxMS0w # Ny0wOC5jcmwwYQYIKwYBBQUHAQEEVTBTMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3 # Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY0NvZFNpZ1BDQTIwMTFfMjAx # MS0wNy0wOC5jcnQwDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAgEAeA8D # sOAHS53MTIHYu8bbXrO6yQtRD6JfyMWeXaLu3Nc8PDnFc1efYq/F3MGx/aiwNbcs # J2MU7BKNWTP5JQVBA2GNIeR3mScXqnOsv1XqXPvZeISDVWLaBQzceItdIwgo6B13 # vxlkkSYMvB0Dr3Yw7/W9U4Wk5K/RDOnIGvmKqKi3AwyxlV1mpefy729FKaWT7edB # d3I4+hldMY8sdfDPjWRtJzjMjXZs41OUOwtHccPazjjC7KndzvZHx/0VWL8n0NT/ # 404vftnXKifMZkS4p2sB3oK+6kCcsyWsgS/3eYGw1Fe4MOnin1RhgrW1rHPODJTG # AUOmW4wc3Q6KKr2zve7sMDZe9tfylonPwhk971rX8qGw6LkrGFv31IJeJSe/aUbG # dUDPkbrABbVvPElgoj5eP3REqx5jdfkQw7tOdWkhn0jDUh2uQen9Atj3RkJyHuR0 # GUsJVMWFJdkIO/gFwzoOGlHNsmxvpANV86/1qgb1oZXdrURpzJp53MsDaBY/pxOc # J0Cvg6uWs3kQWgKk5aBzvsX95BzdItHTpVMtVPW4q41XEvbFmUP1n6oL5rdNdrTM # j/HXMRk1KCksax1Vxo3qv+13cCsZAaQNaIAvt5LvkshZkDZIP//0Hnq7NnWeYR3z # 4oFiw9N2n3bb9baQWuWPswG0Dq9YT9kb+Cs4qIIwggd6MIIFYqADAgECAgphDpDS # AAAAAAADMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMK # V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0 # IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0 # ZSBBdXRob3JpdHkgMjAxMTAeFw0xMTA3MDgyMDU5MDlaFw0yNjA3MDgyMTA5MDla # MH4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS # ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMT # H01pY3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTEwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQCr8PpyEBwurdhuqoIQTTS68rZYIZ9CGypr6VpQqrgG # OBoESbp/wwwe3TdrxhLYC/A4wpkGsMg51QEUMULTiQ15ZId+lGAkbK+eSZzpaF7S # 35tTsgosw6/ZqSuuegmv15ZZymAaBelmdugyUiYSL+erCFDPs0S3XdjELgN1q2jz # y23zOlyhFvRGuuA4ZKxuZDV4pqBjDy3TQJP4494HDdVceaVJKecNvqATd76UPe/7 # 4ytaEB9NViiienLgEjq3SV7Y7e1DkYPZe7J7hhvZPrGMXeiJT4Qa8qEvWeSQOy2u # M1jFtz7+MtOzAz2xsq+SOH7SnYAs9U5WkSE1JcM5bmR/U7qcD60ZI4TL9LoDho33 # X/DQUr+MlIe8wCF0JV8YKLbMJyg4JZg5SjbPfLGSrhwjp6lm7GEfauEoSZ1fiOIl # XdMhSz5SxLVXPyQD8NF6Wy/VI+NwXQ9RRnez+ADhvKwCgl/bwBWzvRvUVUvnOaEP # 6SNJvBi4RHxF5MHDcnrgcuck379GmcXvwhxX24ON7E1JMKerjt/sW5+v/N2wZuLB # l4F77dbtS+dJKacTKKanfWeA5opieF+yL4TXV5xcv3coKPHtbcMojyyPQDdPweGF # RInECUzF1KVDL3SV9274eCBYLBNdYJWaPk8zhNqwiBfenk70lrC8RqBsmNLg1oiM # CwIDAQABo4IB7TCCAekwEAYJKwYBBAGCNxUBBAMCAQAwHQYDVR0OBBYEFEhuZOVQ # BdOCqhc3NyK1bajKdQKVMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1Ud # DwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFHItOgIxkEO5FAVO # 4eqnxzHRI4k0MFoGA1UdHwRTMFEwT6BNoEuGSWh0dHA6Ly9jcmwubWljcm9zb2Z0 # LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcmwwXgYIKwYBBQUHAQEEUjBQME4GCCsGAQUFBzAChkJodHRwOi8vd3d3Lm1p # Y3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dDIwMTFfMjAxMV8wM18y # Mi5jcnQwgZ8GA1UdIASBlzCBlDCBkQYJKwYBBAGCNy4DMIGDMD8GCCsGAQUFBwIB # FjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2RvY3MvcHJpbWFyeWNw # cy5odG0wQAYIKwYBBQUHAgIwNB4yIB0ATABlAGcAYQBsAF8AcABvAGwAaQBjAHkA # XwBzAHQAYQB0AGUAbQBlAG4AdAAuIB0wDQYJKoZIhvcNAQELBQADggIBAGfyhqWY # 4FR5Gi7T2HRnIpsLlhHhY5KZQpZ90nkMkMFlXy4sPvjDctFtg/6+P+gKyju/R6mj # 82nbY78iNaWXXWWEkH2LRlBV2AySfNIaSxzzPEKLUtCw/WvjPgcuKZvmPRul1LUd # d5Q54ulkyUQ9eHoj8xN9ppB0g430yyYCRirCihC7pKkFDJvtaPpoLpWgKj8qa1hJ # Yx8JaW5amJbkg/TAj/NGK978O9C9Ne9uJa7lryft0N3zDq+ZKJeYTQ49C/IIidYf # wzIY4vDFLc5bnrRJOQrGCsLGra7lstnbFYhRRVg4MnEnGn+x9Cf43iw6IGmYslmJ # aG5vp7d0w0AFBqYBKig+gj8TTWYLwLNN9eGPfxxvFX1Fp3blQCplo8NdUmKGwx1j # NpeG39rz+PIWoZon4c2ll9DuXWNB41sHnIc+BncG0QaxdR8UvmFhtfDcxhsEvt9B # xw4o7t5lL+yX9qFcltgA1qFGvVnzl6UJS0gQmYAf0AApxbGbpT9Fdx41xtKiop96 # eiL6SJUfq/tHI4D1nvi/a7dLl+LrdXga7Oo3mXkYS//WsyNodeav+vyL6wuA6mk7 # r/ww7QRMjt/fdW1jkT3RnVZOT7+AVyKheBEyIXrvQQqxP/uozKRdwaGIm1dxVk5I # RcBCyZt2WwqASGv9eZ/BvW1taslScxMNelDNMYIZgjCCGX4CAQEwgZUwfjELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEoMCYGA1UEAxMfTWljcm9z # b2Z0IENvZGUgU2lnbmluZyBQQ0EgMjAxMQITMwAAAsyOtZamvdHJTgAAAAACzDAN # BglghkgBZQMEAgEFAKCBrjAZBgkqhkiG9w0BCQMxDAYKKwYBBAGCNwIBBDAcBgor # BgEEAYI3AgELMQ4wDAYKKwYBBAGCNwIBFTAvBgkqhkiG9w0BCQQxIgQgGd5eDIIi # aytMVhcpFrkRNO7R47jo6GA4xbWaAllTPwcwQgYKKwYBBAGCNwIBDDE0MDKgFIAS # AE0AaQBjAHIAbwBzAG8AZgB0oRqAGGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbTAN # BgkqhkiG9w0BAQEFAASCAQBk+jUocB3+lEahnXosBn/d4AsxTUR9fMoueL2+dZ70 # 02JvQKR1khx/QiUQZ2Xlc0hpn2tKebfDa5QkbT3Glbyk8MTU1fKgWpdTLYxZOcGl # Mxe79jnFTLUx59RtpqlmKe5LttPxQ+DD3hvojjxj5Fe9G/YYFxDtk6xei3zJ8Ip2 # c3Se5CjyH5A1w4uSqPX+w8k23466sPvQx5o/iSWRvlEhIU7S8m57ntjwY90QymLP # KzkWJvil61BG4XYO9hgyQ6XcCcw/qa73caubQXs7fFBpZsHTVqDngMrMGLFC80kB # bkSnNxKVKIEh53q7/sfVaVecqEgZ/HSztZGQHtqd0d6DoYIXDDCCFwgGCisGAQQB # gjcDAwExghb4MIIW9AYJKoZIhvcNAQcCoIIW5TCCFuECAQMxDzANBglghkgBZQME # AgEFADCCAVUGCyqGSIb3DQEJEAEEoIIBRASCAUAwggE8AgEBBgorBgEEAYRZCgMB # MDEwDQYJYIZIAWUDBAIBBQAEIOyoIHddU3CjoroZo3pi9mOaWRzvl+zRqQcl6hXQ # jZg0AgZjTqiy494YEzIwMjIxMDI3MjE0NTA2Ljc2NVowBIACAfSggdSkgdEwgc4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1p # Y3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjpGN0E2LUUyNTEtMTUwQTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZaCCEV8wggcQMIIE+KADAgECAhMzAAABpQDeCMRAB3FOAAEA # AAGlMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MB4XDTIyMDMwMjE4NTExOVoXDTIzMDUxMTE4NTExOVowgc4xCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVy # YXRpb25zIFB1ZXJ0byBSaWNvMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpGN0E2 # LUUyNTEtMTUwQTElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vydmlj # ZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALqxhuggaki8wuoOMMd7 # rsEQnmAhtV8iU1Y0itsHq30TdCXJDmvZjaZ8yvOHYFVhTyD1b5JGJtwZjWz1fglC # qsx5qBxP1Wx1CZnsQ1tiRsRWQc12VkETmkY8x46MgHsGyAmhPPpsgRnklGai7HqQ # FB31x/Qjkx7rbAlr6PblB4tOmaR1nKxl4VIgstDwfneKaoEEw4iN/xTdztZjwyGi # Y5hNp6beetkcizgJFO3/yRHYh0gtk+bREhrmIgbarrrgbz7MsnA7tlKvGcO9iHc6 # +2symrAVy3CzQ4IMNPFcTTx8wTZ+kpv6lFs1eG8xlfsu2NDWKshrMlKH2JpYzWAW # 1fCOD5irXsE4LOvixZQvbneQE6+iGfIQwabj+fRdouAU2AiE+iaNsIDapdKab8WL # xz6VPRbEL+M6MFkcsoiuKHHoshCp7JhmZ9iM0yrEx2XebOha/XQ342KsRGs2h02g # pX6wByyT8eD3MJVIxSRm4MLIilvWcpd9N3rooawbLU6gdk7goKWS69+w2jtouXCE # Yt6IPfZq8ldi0L/CwYbtv7mbHmIZ9Oc0JEJc6b9gcVDfoPiemMKcz15BLepyx7np # Q2MiDKIscOqKhXuZI+PZerNOHhi/vsy2/Fj9lB6kJrMYSfV0F2frvBSBXMB7xjv8 # pgqX5QXUe8nTxb4UfJ0cDAvBAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQUX6aPAwCX # rq6tcO773FkXS2ipGt8wHwYDVR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIw # XwYDVR0fBFgwVjBUoFKgUIZOaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9w # cy9jcmwvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3Js # MGwGCCsGAQUFBwEBBGAwXjBcBggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3Nv # ZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENB # JTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcD # CDANBgkqhkiG9w0BAQsFAAOCAgEAlpsLF+UwMKKER2p0WJno4G6GGGnfg3qjDdaH # c5uvXYtG6KmHrqAf/YqHkmNotSr6ZEEnlGCJYR7W3uJ+5bpvj03wFqGefvQsKIR2 # +q6TrzozvP4NsodWTT5SVp/C6TEDGuLC9mOQKA4tyL40HTW7txb0cAdfgnyHFoI/ # BsZo/FaXezQ8hO4xUjhDpyNNeJ6WYvX5NC+Hv9nmTyzjqyEg/L2cXAOmxEWvfPAQ # 1lfxvrtUwG75jGeUaewkhwtzanCnP3l6YjwJFKB6n7/TXtrfik1xY1kgev1JwQ5a # UdPxwSdDmGE4XTN2s6pPOi8IO199Of6AEvh41eDxRz+11VUcpuGn7tJUeSTUSHsv # zQ8ECOj5w77Mv55/F8hWu07egnG8SrWj5+TFxNPCpx/AFNvzz+odTRTZd4LWuomc # MHUmLFiUGOAdetF6SofHG5EcFn0DTD1apBZzCP8xsGQcZgwVqo7ov23/uIJlMCLA # yTYZV9ITCP09ciUJbKBVCQNrGEnQ/XLFO9mysyyDRrvHhU5uGPdXz4Jt2/ZN7JQY # RuVNSuCpNwoK0Jr1s6ciDvHEeLyiczxoIe9GH3SyfbHx6v/phI+iE3DWo1TCK75E # L6pt6k5i36/kn2uSVXdTH44ZVkh3/ihV3vEws78uGlvsiMcrKBgpo3HdcjDHiHoW # sUf4GIwwggdxMIIFWaADAgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3 # DQEBCwUAMIGIMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G # A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIw # MAYDVQQDEylNaWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAx # MDAeFw0yMTA5MzAxODIyMjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVT # MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQK # ExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1l # LVN0YW1wIFBDQSAyMDEwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # 5OGmTOe0ciELeaLL1yR5vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/ # XE/HZveVU3Fa4n5KWv64NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1 # hlDcwUTIcVxRMTegCjhuje3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7 # M62AW36MEBydUv626GIl3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3K # Ni1wjjHINSi947SHJMPgyY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy # 1cCGMFxPLOJiss254o2I5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF80 # 3RKJ1v2lIH1+/NmeRd+2ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQc # NIIP8BDyt0cY7afomXw/TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahha # YQFzymeiXtcodgLiMxhy16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkL # iWHzNgY1GIRH29wb0f2y1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV # 2xo3xwgVGD94q0W29R6HXtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIG # CSsGAQQBgjcVAQQFAgMBAAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUp # zxD/LwTuMB0GA1UdDgQWBBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBT # MFEGDCsGAQQBgjdMg30BATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYI # KwYBBQUHAwgwGQYJKwYBBAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGG # MA8GA1UdEwEB/wQFMAMBAf8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186a # GMQwVgYDVR0fBE8wTTBLoEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3Br # aS9jcmwvcHJvZHVjdHMvTWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsG # AQUFBwEBBE4wTDBKBggrBgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcN # AQELBQADggIBAJ1VffwqreEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1 # OdfCcTY/2mRsfNB1OW27DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYA # A7AFvonoaeC6Ce5732pvvinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbz # aN9l9qRWqveVtihVJ9AkvUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6L # GYnn8AtqgcKBGUIZUnWKNsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3m # Sj5mO0+7hvoyGtmW9I/2kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0 # SCyxTkctwRQEcb9k+SS+c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxko # JLo4S5pu+yFUa2pFEUep8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFm # PWn9y8FBSX5+k77L+DvktxW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC482 # 2rpM+Zv/Cuk0+CQ1ZyvgDbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7 # vzhwRNGQ8cirOoo6CGJ/2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIC0jCC # AjsCAQEwgfyhgdSkgdEwgc4xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5n # dG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y # YXRpb24xKTAnBgNVBAsTIE1pY3Jvc29mdCBPcGVyYXRpb25zIFB1ZXJ0byBSaWNv # MSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjpGN0E2LUUyNTEtMTUwQTElMCMGA1UE # AxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUA # s8lw20WzmxDKiN1Lhh7mZWXutKiggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEG # A1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWlj # cm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFt # cCBQQ0EgMjAxMDANBgkqhkiG9w0BAQUFAAIFAOcFBF4wIhgPMjAyMjEwMjcxNzIx # MzRaGA8yMDIyMTAyODE3MjEzNFowdzA9BgorBgEEAYRZCgQBMS8wLTAKAgUA5wUE # XgIBADAKAgEAAgIKtAIB/zAHAgEAAgISWjAKAgUA5wZV3gIBADA2BgorBgEEAYRZ # CgQCMSgwJjAMBgorBgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0G # CSqGSIb3DQEBBQUAA4GBAEVuHnTe315ZhvAGlR2UZqHuKGwHhGNv+WAsz+xY/QJ1 # dJ4sdou2/U6Q20z1JrjUb7Tmx2zkv/B+A+82VDw4qqt05J1F/TJcQGHVMqENU+6f # GbTVk8NQ3GbDvAXJJQLIwKdenhqs2EG+vvflcT8i0W+v6ys2RYYdg9wX5GDK+nkP # MYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0 # b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3Jh # dGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMA # AAGlAN4IxEAHcU4AAQAAAaUwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJ # AzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgtpbiheX+uUmTGO9i7ABV # cdHegP2yG2yCQ+oYUyYtaZswgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCC4 # CjhxfmYEsaCt2AU83Khh+6JHlyk3B70vfMHMlBLcXDCBmDCBgKR+MHwxCzAJBgNV # BAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4w # HAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29m # dCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAABpQDeCMRAB3FOAAEAAAGlMCIEIAAA # aMfXbCTcNJaWvLUX8O1s1/JYWSRLutkHwGWjrTmSMA0GCSqGSIb3DQEBCwUABIIC # AEVyyY5+ZoqoCVDyMYo++32VsXkXlHyjNELLHdF1uId/k+sAOkSb1njdnm93nzLd # qxmkNcTBsaOLMJESNrhnNALl/eC5iG9ITAxxxFDO62mDR11wmSC3D/eD9m2uER4V # 9TImLF6lZ2AA4K7GduOpln0hMJehdbGHZ5Grte/FLNjt+LEvX6YueL5BpCxPH7k0 # +qVjiX8zMD1404qGajJQrF8yvqRRzzaZXpL1bFzyjS8ZNZCCk7dip3wrWMRRZ62Q # kiAGxTyhrvGo41fH9SdtDkDl2HG6F0MXRcp7HjDw0l0yntSX8FIzSgJOej4NqZTJ # XaJDIrjsAWawmJPBW7/Qs1LUDHMh+m+x5NGM5Nbjnn7rvpY6zvCP64u1Bx+fQnU0 # xRwGcjFXR0YdY66eBymRC3RnUqqsZ74WRdtuSsL+Z6/VYjzajbP6Oyt1LWKId7N+ # 9N2rhNpcadriUrklfpqWBxhIsj7If/19lr9EiEv5rDF+//v3JjnQWZz5AyllpLf1 # qLDUW3G/CFqYhXdc7O8YW5D2u242xClJd4s0ksQJtnDg+FU9b8dUGvXcNzyTxCrk # Q2rN7YRxIwZIW85MgdWqfKKfp9V0z/HTZ4yQj0A0tsEA1pnEL/aZFvqpMkWnqwj6 # LYGSVnARQg9YLLYe7/lEYjznldoegtGk2c5k4j7WFLjL # SIG # End signature block |