AzureADAssessmentPortable.psm1
<# .SYNOPSIS Produces the Azure AD Hybrid Component data required by the Azure AD Assesment .EXAMPLE PS C:\> Invoke-AADAssessmentHybridDataCollection Collect and package assessment data to "C:\AzureADAssessment". .EXAMPLE PS C:\> Invoke-AADAssessmentHybridDataCollection -OutputDirectory "C:\Temp" Collect and package assessment data to "C:\Temp". #> function Invoke-AADAssessmentHybridDataCollection { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $false)] [string] $OutputDirectory = (Join-Path $env:SystemDrive 'AzureADAssessment') ) #$OutputDirectory = Join-Path $OutputDirectory "AzureADAssessment" $OutputDirectoryData = Join-Path $OutputDirectory "AzureADAssessmentData" ## ADFS Data Collection $ADFSService = Get-Service adfssrv -ErrorAction SilentlyContinue if ($ADFSService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-ADFS-$env:COMPUTERNAME.zip" $OutputDirectoryADFS = Join-Path $OutputDirectoryData 'ADFS' if (!(Test-Path $OutputDirectoryADFS)) { New-Item $OutputDirectoryADFS -ItemType Container -ErrorAction Stop } ## Get ADFS Properties Get-AdfsProperties | Out-File (Join-Path $OutputDirectoryADFS 'ADFSProperties.txt') Get-AdfsProperties | ConvertTo-Json | Set-Content (Join-Path $OutputDirectoryADFS 'ADFSProperties.json') ## Get ADFS Endpoints Get-AADAssessADFSEndpoints | Export-Csv -Path (Join-Path $OutputDirectoryADFS 'ADFSEnabledEndpoints.csv') -NoTypeInformation:$false ## Get ADFS Configuration Export-AADAssessADFSConfiguration -OutputDirectory $OutputDirectoryADFS ## Event Data Export-AADAssessADFSAdminLog -OutputDirectory $OutputDirectoryADFS -DaysToRetrieve 15 ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryADFS '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryADFS, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryADFS -Recurse -Force } ## Azure AD Connect Data Collection $AADCService = Get-Service ADSync -ErrorAction SilentlyContinue if ($AADCService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADC-$env:COMPUTERNAME.zip" $OutputDirectoryAADC = Join-Path $OutputDirectoryData 'AADC' if (!(Test-Path $OutputDirectoryAADC)) { New-Item $OutputDirectoryAADC -ItemType Container -ErrorAction Stop } ## AAD Connect Configuration Remove-Item (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig') -Recurse -Force -ErrorAction SilentlyContinue Get-ADSyncServerConfiguration -Path (Join-Path $OutputDirectoryAADC 'AzureADConnectSyncConfig') ## Event Data Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADC "AADPasswriteback-$env:COMPUTERNAME.csv") -NoTypeInformation:$false ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryAADC '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADC, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryAADC -Recurse -Force } ## Azure AD App Proxy Connector Data Collection $AADAPService = Get-Service WAPCSvc -ErrorAction SilentlyContinue if ($AADAPService) { ## Create Output Directory $PackagePath = Join-Path $OutputDirectory "AzureADAssessmentData-AADAP-$env:COMPUTERNAME.zip" $OutputDirectoryAADAP = Join-Path $OutputDirectoryData 'AADAP' if (!(Test-Path $OutputDirectoryAADAP)) { New-Item $OutputDirectoryAADAP -ItemType Container -ErrorAction Stop } ## Event Data Get-AADAssessAppProxyConnectorLog -DaysToRetrieve 7 | Export-Csv -Path (Join-Path $OutputDirectoryAADAP "AzureADAppProxyConnectorLog-$env:COMPUTERNAME.csv") -NoTypeInformation:$false ## Package Output if ($PSVersionTable.PSVersion -ge [version]'5.0') { Compress-Archive (Join-Path $OutputDirectoryAADAP '\*') -DestinationPath $PackagePath -Force -ErrorAction Stop } else { Add-Type -AssemblyName "System.IO.Compression.FileSystem" [System.IO.Compression.ZipFile]::CreateFromDirectory($OutputDirectoryAADAP, $PackagePath) } ## Clean-Up Data Files Remove-Item $OutputDirectoryAADAP -Recurse -Force } } <# .SYNOPSIS Exports the configuration of Relying Party Trusts and Claims Provider Trusts .DESCRIPTION Creates and zips a set of files that hold the configuration of AD FS claim providers and relying parties. The output files are created under a directory called "ADFS" in the system drive. .EXAMPLE PS C:\> Export-AADAssessADFSConfiguration "C:\AzureADAssessment" Export ADFS configuration to "C:\AzureADAssessment". #> function Export-AADAssessADFSConfiguration { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $true)] [string] $OutputDirectory ) $filePathBase = Join-Path $OutputDirectory 'apps' #$zipfileBase = Join-Path $OutputDirectory 'zip' #$zipfileName = Join-Path $zipfileBase "ADFSApps.zip" mkdir $filePathBase -ErrorAction SilentlyContinue #mkdir $zipfileBase -ErrorAction SilentlyContinue $AdfsRelyingPartyTrusts = Get-AdfsRelyingPartyTrust foreach ($AdfsRelyingPartyTrust in $AdfsRelyingPartyTrusts) { $RPfileName = $AdfsRelyingPartyTrust.Name.ToString() $CleanedRPFileName = Remove-InvalidFileNameCharacters $RPfileName $RPName = "RPT - " + $CleanedRPFileName $filePath = Join-Path $filePathBase ($RPName + '.xml') $AdfsRelyingPartyTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue } $AdfsClaimsProviderTrusts = Get-AdfsClaimsProviderTrust foreach ($AdfsClaimsProviderTrust in $AdfsClaimsProviderTrusts) { $CPfileName = $AdfsClaimsProviderTrust.Name.ToString() $CleanedCPFileName = Remove-InvalidFileNameCharacters $CPfileName $CPTName = "CPT - " + $CleanedCPFileName $filePath = Join-Path $filePathBase ($CPTName + '.xml') $AdfsClaimsProviderTrust | Export-Clixml -LiteralPath $filePath -ErrorAction SilentlyContinue } #If (Test-Path $zipfileName) { # Remove-Item $zipfileName #} #Add-Type -assembly "system.io.compression.filesystem" #[io.compression.zipfile]::CreateFromDirectory($filePathBase, $zipfileName) # try { # Invoke-Item $zipfileBase -ErrorAction SilentlyContinue # } # catch {} } <# .SYNOPSIS Gets the list of all enabled endpoints in ADFS .DESCRIPTION Gets the list of all enabled endpoints in ADFS .EXAMPLE PS C:\> Get-AADAssessADFSEndpoints | Export-Csv -Path ".\ADFSEnabledEndpoints.csv" Export ADFS enabled endpoints to CSV. #> function Get-AADAssessADFSEndpoints { Get-AdfsEndpoint | Where-Object { $_.Enabled -eq "True" } } <# .SYNOPSIS Gets the AD FS Admin Log .DESCRIPTION This function exports the events from the AD FS Admin log .EXAMPLE PS C:\> Export-AADAssessADFSAdminLog -DaysToRetrieve 7 Get the last seven days of logs. #> function Export-AADAssessADFSAdminLog { [CmdletBinding()] param ( # Specify directory to output data. [Parameter(Mandatory = $true)] [string] $OutputDirectory, # Specify how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeSpan = New-TimeSpan -Day $DaysToRetrieve $XPathQuery = '*[System[TimeCreated[timediff(@SystemTime) <= {0}]]]' -f $TimeSpan.TotalMilliseconds #Get-WinEvent -FilterXPath $XPathQuery #Get-WinEvent -FilterHashtable @{ LogName = 'AD FS/Admin'; StartTime = ((Get-Date) - $TimeSpan) } Export-EventLog -Path (Join-Path $OutputDirectory "ADFS-$env:COMPUTERNAME.evtx") -LogName 'AD FS/Admin' -Query $XPathQuery -Overwrite } <# .SYNOPSIS Gets Azure AD Application Proxy Connector Logs .DESCRIPTION This functions returns the events from the Azure AD Application Proxy Connector Admin Log .EXAMPLE PS C:\> $targetGalleryApp = "GalleryAppName" PS C:\> $targetGroup = Get-AzureADGroup -SearchString "TestGroupName" PS C:\> $targetAzureADRole = "TestRoleName" PS C:\> $targetADFSRPId = "ADFSRPIdentifier" PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId PS C:\> $galleryApp = Get-AzureADApplicationTemplate -DisplayNameFilter $targetGalleryApp PS C:\> $RP=Get-AdfsRelyingPartyTrust -Identifier $targetADFSRPId PS C:\> New-AzureADAppFromADFSRPTrust ` -AzureADAppTemplateId $galleryApp.id ` -ADFSRelyingPartyTrust $RP ` -TestGroupAssignmentObjectId $targetGroup.ObjectId ` -TestGroupAssignmentRoleName $targetAzureADRole #> function Get-AADAssessAppProxyConnectorLog { [CmdletBinding()] param ( # Indicates how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeFilter = $DaysToRetrieve * 86400000 $EventFilterXml = '<QueryList><Query Id="0" Path="Microsoft-AadApplicationProxy-Connector/Admin"><Select Path="Microsoft-AadApplicationProxy-Connector/Admin">*[System[TimeCreated[timediff(@SystemTime) <= {0}]]]</Select></Query></QueryList>' -f $TimeFilter Get-WinEvent -FilterXml $EventFilterXml } <# .SYNOPSIS Gets the Azure AD Password Writeback Agent Log .DESCRIPTION This functions returns the events from the Azure AD Password Write Bag source from the application Log .EXAMPLE PS C:\> Get-AADAssessPasswordWritebackAgentLog -DaysToRetrieve 7 | Export-Csv -Path ".\AzureADAppProxyLogs-$env:ComputerName.csv" Get the last seven days of logs and saves them on a CSV file #> function Get-AADAssessPasswordWritebackAgentLog { [CmdletBinding()] param ( # Indicates how far back in the past will the events be retrieved [Parameter(Mandatory = $true)] [int] $DaysToRetrieve ) $TimeFilter = $DaysToRetrieve * 86400000 $EventFilterXml = "<QueryList><Query Id='0' Path='Application'><Select Path='Application'>*[System[Provider[@Name='PasswordResetService'] and TimeCreated[timediff(@SystemTime) <= {0}]]]</Select></Query></QueryList>" -f $TimeFilter Get-WinEvent -FilterXml $EventFilterXml } ### ================== ### Helper Functions ### ================== <# .SYNOPSIS Decompose characters to their base character equivilents and remove diacritics. .DESCRIPTION .EXAMPLE PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅfi⁵ẛ' Decompose characters to their base character equivilents and remove diacritics. .EXAMPLE PS C:\>Remove-Diacritics 'àáâãäåÀÁÂÃÄÅfi⁵ẛ' -CompatibilityDecomposition Decompose composite characters to their base character equivilents and remove diacritics. .INPUTS System.String .LINK https://github.com/jasoth/Utility.PS #> function Remove-Diacritics { [CmdletBinding()] param ( # String value to transform. [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [AllowEmptyString()] [string[]] $InputStrings, # Use compatibility decomposition instead of canonical decomposition which further decomposes composite characters and many formatting distinctions are removed. [Parameter(Mandatory = $false, ValueFromPipelineByPropertyName = $true)] [switch] $CompatibilityDecomposition ) process { [System.Text.NormalizationForm] $NormalizationForm = [System.Text.NormalizationForm]::FormD if ($CompatibilityDecomposition) { $NormalizationForm = [System.Text.NormalizationForm]::FormKD } foreach ($InputString in $InputStrings) { $NormalizedString = $InputString.Normalize($NormalizationForm) $OutputString = New-Object System.Text.StringBuilder foreach ($char in $NormalizedString.ToCharArray()) { if ([Globalization.CharUnicodeInfo]::GetUnicodeCategory($char) -ne [Globalization.UnicodeCategory]::NonSpacingMark) { [void] $OutputString.Append($char) } } Write-Output $OutputString.ToString() } } } <# .SYNOPSIS Remove invalid filename characters from string. .DESCRIPTION .EXAMPLE PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē' Remove invalid filename characters from string. .EXAMPLE PS C:\>Remove-InvalidFileNameCharacters 'à/1\b?2|ć*3<đ>4 ē' -RemoveDiacritics Remove invalid filename characters and diacritics from string. .INPUTS System.String .LINK https://github.com/jasoth/Utility.PS #> function Remove-InvalidFileNameCharacters { [CmdletBinding()] param ( # String value to transform. [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [AllowEmptyString()] [string[]] $InputStrings, # Character used as replacement for invalid characters. Use '' to simply remove. [Parameter(Mandatory = $false)] [string] $ReplacementCharacter = '-', # Replace characters with diacritics to their non-diacritic equivilent. [Parameter(Mandatory = $false)] [switch] $RemoveDiacritics ) process { foreach ($InputString in $InputStrings) { [string] $OutputString = $InputString if ($RemoveDiacritics) { $OutputString = Remove-Diacritics $OutputString -CompatibilityDecomposition } $OutputString = [regex]::Replace($OutputString, ('[{0}]' -f [regex]::Escape([System.IO.Path]::GetInvalidFileNameChars() -join '')), $ReplacementCharacter) Write-Output $OutputString } } } <# .SYNOPSIS Exports events from an event log. .DESCRIPTION .EXAMPLE PS C:\>Export-EventLog 'C:\ADFS-Admin.evtx' -LogName 'AD FS/Admin' Export all logs from "AD FS/Admin" event log. .INPUTS System.String #> function Export-EventLog { [CmdletBinding()] param ( # Path to the file where the exported events will be stored [Parameter(Mandatory = $true)] [string] $Path, # Name of log [Parameter(Mandatory = $true)] [string] $LogName, # Defines the XPath query to filter the events that are read or exported. [Parameter(Mandatory = $false)] [Alias('q')] [string] $Query, # Specifies that the export file should be overwritten. [Parameter(Mandatory = $false)] [Alias('ow')] [switch] $Overwrite ) $argsWevtutil = New-Object 'System.Collections.Generic.List[System.String]' $argsWevtutil.Add('export-log') $argsWevtutil.Add($LogName) $argsWevtutil.Add($Path) if ($Query) { $argsWevtutil.Add(('/q:"{0}"' -f $Query)) } if ($PSBoundParameters.ContainsKey('Overwrite')) { $argsWevtutil.Add(('/ow:{0}' -f $Overwrite)) } wevtutil $argsWevtutil.ToArray() } Export-ModuleMember Invoke-AADAssessmentHybridDataCollection Export-ModuleMember Export-AADAssessADFSConfiguration Export-ModuleMember Get-AADAssessADFSEndpoints Export-ModuleMember Export-AADAssessADFSAdminLog Export-ModuleMember Get-AADAssessAppProxyConnectorLog Export-ModuleMember Get-AADAssessPasswordWritebackAgentLog # SIG # Begin signature block # MIInzgYJKoZIhvcNAQcCoIInvzCCJ7sCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCCVLWfcvJrlJGJe # EuI3g5WmKXJ05ukp7mlS1huF08NSK6CCDYUwggYDMIID66ADAgECAhMzAAACzfNk # v/jUTF1RAAAAAALNMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjIwNTEyMjA0NjAyWhcNMjMwNTExMjA0NjAyWjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDrIzsY62MmKrzergm7Ucnu+DuSHdgzRZVCIGi9CalFrhwtiK+3FIDzlOYbs/zz # HwuLC3hir55wVgHoaC4liQwQ60wVyR17EZPa4BQ28C5ARlxqftdp3H8RrXWbVyvQ # aUnBQVZM73XDyGV1oUPZGHGWtgdqtBUd60VjnFPICSf8pnFiit6hvSxH5IVWI0iO # nfqdXYoPWUtVUMmVqW1yBX0NtbQlSHIU6hlPvo9/uqKvkjFUFA2LbC9AWQbJmH+1 # uM0l4nDSKfCqccvdI5l3zjEk9yUSUmh1IQhDFn+5SL2JmnCF0jZEZ4f5HE7ykDP+ # oiA3Q+fhKCseg+0aEHi+DRPZAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU0WymH4CP7s1+yQktEwbcLQuR9Zww # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzQ3MDUzMDAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AE7LSuuNObCBWYuttxJAgilXJ92GpyV/fTiyXHZ/9LbzXs/MfKnPwRydlmA2ak0r # GWLDFh89zAWHFI8t9JLwpd/VRoVE3+WyzTIskdbBnHbf1yjo/+0tpHlnroFJdcDS # MIsH+T7z3ClY+6WnjSTetpg1Y/pLOLXZpZjYeXQiFwo9G5lzUcSd8YVQNPQAGICl # 2JRSaCNlzAdIFCF5PNKoXbJtEqDcPZ8oDrM9KdO7TqUE5VqeBe6DggY1sZYnQD+/ # LWlz5D0wCriNgGQ/TWWexMwwnEqlIwfkIcNFxo0QND/6Ya9DTAUykk2SKGSPt0kL # tHxNEn2GJvcNtfohVY/b0tuyF05eXE3cdtYZbeGoU1xQixPZAlTdtLmeFNly82uB # VbybAZ4Ut18F//UrugVQ9UUdK1uYmc+2SdRQQCccKwXGOuYgZ1ULW2u5PyfWxzo4 # BR++53OB/tZXQpz4OkgBZeqs9YaYLFfKRlQHVtmQghFHzB5v/WFonxDVlvPxy2go # a0u9Z+ZlIpvooZRvm6OtXxdAjMBcWBAsnBRr/Oj5s356EDdf2l/sLwLFYE61t+ME # iNYdy0pXL6gN3DxTVf2qjJxXFkFfjjTisndudHsguEMk8mEtnvwo9fOSKT6oRHhM # 9sZ4HTg/TTMjUljmN3mBYWAWI5ExdC1inuog0xrKmOWVMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGZ8wghmbAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAALN82S/+NRMXVEAAAAA # As0wDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIBne # XgyCImsrTFYXKRa5ETTu0eO46OhgOMW1mgJZUz8HMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEA5t9k6HfDAS7jg3WTOUeM8PYZ2u2gn19GqrBw # 6Clin1Ds6nHsGqwfcqfUjFjeIEWURaqrc5I1aZYHOMISFqMptPeTBY0YwwsJ8cRU # GUDiplmVcAkgzb0bhqWoYHC8GNVUZYADsH4gffJdVOq5vkSVYrbaAduntpLLZW3G # UIsSVSJGkrhcdTA0RIESti5nlVhdo/W2wk/CAaK2CYg99LjfeE2wAwufJoa+BOwD # BIJN61fAnWae2MfoW2xyQj1jw4RsIooX9L/Iwf7ZbOGGQTVhy/gEI0LZ9dmD8G1X # mRtGeda+9RdWYTF8xdaVI5wo39wOcO3tO/ZVIcX62rwo0PNrqqGCFykwghclBgor # BgEEAYI3AwMBMYIXFTCCFxEGCSqGSIb3DQEHAqCCFwIwghb+AgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFZBgsqhkiG9w0BCRABBKCCAUgEggFEMIIBQAIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCBc79aX5NUM8ye51yXFyoIowr61MCIdA+nM # XVACiEiMCgIGZBsIEw6oGBMyMDIzMDMyNDE3MjgxNi44NzRaMASAAgH0oIHYpIHV # MIHSMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJjAkBgNVBAsT # HVRoYWxlcyBUU1MgRVNOOjNCRDQtNEI4MC02OUMzMSUwIwYDVQQDExxNaWNyb3Nv # ZnQgVGltZS1TdGFtcCBTZXJ2aWNloIIReDCCBycwggUPoAMCAQICEzMAAAG0+4AI # RAXSLfoAAQAAAbQwDQYJKoZIhvcNAQELBQAwfDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAg # UENBIDIwMTAwHhcNMjIwOTIwMjAyMjA5WhcNMjMxMjE0MjAyMjA5WjCB0jELMAkG # A1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQx # HjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMkTWljcm9z # b2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1UaGFsZXMg # VFNTIEVTTjozQkQ0LTRCODAtNjlDMzElMCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUt # U3RhbXAgU2VydmljZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALRH # pp5lBzJCH7zortuyvOmW8FoZLBsFe9g5dbhnaq9qSpvpn86E/mJ4JKvWixH/lw7Q # A8gPtiiGVNIjvFhu/XiY889vX5WaQSmyoPMZdj9zvXa5XrkMN05zXzTePkCIIzF6 # RN7cTxezOyESymTIjrdxX5BVlZolyQAOxNziMCYKYYNPbYd0786fDE/PhzrRt23a # 0Xf8trvFa0LEEy2YlcE2eqg2CjU/D0GZe8Ra0kjt0M12vdS4qWZ2Dpd7IhiQwnnt # QWu19Ytd3UBR8SpeRX+Ccw3bjgWfOXtla6chctWt2shlMwayMOfY4TG4yMPWFXEL # fZFFp7cgpjZNeVsmwkvoV6RAwy1Y9V+VvbJ5qFtartN/rp6a0I1kGlbjuwX3L0HT # VXcikqgHistXk9h3HOZ9WgFXlxZurG1SZmcz0BEEdya+1vGHE45KguYU9qq2LiHG # Bjn9z4+DqnV5tUKobsLbJMb4r+8st2fj8SacSsftnusxkWqEJiJS34P2uNlzVR03 # +ls6+ZO0NcO79LgP7BbIMipiOx8yh19PMQw0piaKFwOW7Q+gdJcfy6rOkG+CrYZw # OzdiBHSebIzCIch2cAa+38w7JFP/koKdlJ36qzdVXWv4G/qZpWycIvDKYbxJWM40 # +z2Stg5uHqK3I8e09kFXtxCHpS7hm8c8m25WaEU5AgMBAAGjggFJMIIBRTAdBgNV # HQ4EFgQUy0SF5fGUuDqcuxIot07eOMwy2X4wHwYDVR0jBBgwFoAUn6cVXQBeYl2D # 9OXSZacbUzUZ6XIwXwYDVR0fBFgwVjBUoFKgUIZOaHR0cDovL3d3dy5taWNyb3Nv # ZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUy # MDIwMTAoMSkuY3JsMGwGCCsGAQUFBwEBBGAwXjBcBggrBgEFBQcwAoZQaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNyb3NvZnQlMjBUaW1l # LVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcnQwDAYDVR0TAQH/BAIwADAWBgNVHSUB # Af8EDDAKBggrBgEFBQcDCDAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQAD # ggIBABLRDwWMKbeCYqEqtI6Bs8KmF+kqDR+2G6qYAK3ZZ63bert7pCkRJbihFakt # l2o18cdFJFxnOF4vXadm0sabskJ05KviEMJIO6dXSq8AGtr3Zmjc895q0mnlBLuN # Mgk4R8KrkJMHqBuHqkUWXtfTrVUpgwzQt2UOiINKs+/b4r14MuXRVpOJ6cQOS8Uh # keMAWl2iLlYaBGtOr3f/f9mLEPfWwoke0sSUbdV60OZCRh1ItBYYM9efKr14H5qu # 6jan6n00prEEa7W3uGb/1/qj6P5emnvkqy5HI0X69DjVdLxVbjSsegm/dA+S4DaX # PcfFf6iBxK/iV21l1upgEVVajUApl5VR40wY4XF8EpmnUdTqLXDf7CqdhDjPST2K # /OjvWPyQGQvc7oPapYyk66GU32AOyyHXJj6+vbtRUg/+ory+h0R2Xf5NhC+xbWcM # zXEUXRRf1YKZDsRyH6r412pm8KDKE/r7Rk7aoKK7oYUpNGzNRf6QaYv5z2bVTSxk # zWivFrepLHGwvRun9PYM/8AQSTgZr0yzzjk/97WghkqCaAwAVpyvg3uaYnuCl/Ac # cSkGyb8c+70bFSeUephsfgb2r+QI7Mb2WcOnkJpCNLz0XJMS/UwlQn1ktLsiCpsq # Ok3aLJ2wTv6LK3u69I0vQB/LKRKlZYRXKUDXzoPwr3UtsTVTMIIHcTCCBVmgAwIB # AgITMwAAABXF52ueAptJmQAAAAAAFTANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0 # IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IDIwMTAwHhcNMjEwOTMwMTgyMjI1 # WhcNMzAwOTMwMTgzMjI1WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDCC # AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAOThpkzntHIhC3miy9ckeb0O # 1YLT/e6cBwfSqWxOdcjKNVf2AX9sSuDivbk+F2Az/1xPx2b3lVNxWuJ+Slr+uDZn # hUYjDLWNE893MsAQGOhgfWpSg0S3po5GawcU88V29YZQ3MFEyHFcUTE3oAo4bo3t # 1w/YJlN8OWECesSq/XJprx2rrPY2vjUmZNqYO7oaezOtgFt+jBAcnVL+tuhiJdxq # D89d9P6OU8/W7IVWTe/dvI2k45GPsjksUZzpcGkNyjYtcI4xyDUoveO0hyTD4MmP # frVUj9z6BVWYbWg7mka97aSueik3rMvrg0XnRm7KMtXAhjBcTyziYrLNueKNiOSW # rAFKu75xqRdbZ2De+JKRHh09/SDPc31BmkZ1zcRfNN0Sidb9pSB9fvzZnkXftnIv # 231fgLrbqn427DZM9ituqBJR6L8FA6PRc6ZNN3SUHDSCD/AQ8rdHGO2n6Jl8P0zb # r17C89XYcz1DTsEzOUyOArxCaC4Q6oRRRuLRvWoYWmEBc8pnol7XKHYC4jMYcten # IPDC+hIK12NvDMk2ZItboKaDIV1fMHSRlJTYuVD5C4lh8zYGNRiER9vcG9H9stQc # xWv2XFJRXRLbJbqvUAV6bMURHXLvjflSxIUXk8A8FdsaN8cIFRg/eKtFtvUeh17a # j54WcmnGrnu3tz5q4i6tAgMBAAGjggHdMIIB2TASBgkrBgEEAYI3FQEEBQIDAQAB # MCMGCSsGAQQBgjcVAgQWBBQqp1L+ZMSavoKRPEY1Kc8Q/y8E7jAdBgNVHQ4EFgQU # n6cVXQBeYl2D9OXSZacbUzUZ6XIwXAYDVR0gBFUwUzBRBgwrBgEEAYI3TIN9AQEw # QTA/BggrBgEFBQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9E # b2NzL1JlcG9zaXRvcnkuaHRtMBMGA1UdJQQMMAoGCCsGAQUFBwMIMBkGCSsGAQQB # gjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/ # MB8GA1UdIwQYMBaAFNX2VsuP6KJcYmjRPZSQW9fOmhjEMFYGA1UdHwRPME0wS6BJ # oEeGRWh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL01p # Y1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNybDBaBggrBgEFBQcBAQROMEwwSgYIKwYB # BQUHMAKGPmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2kvY2VydHMvTWljUm9v # Q2VyQXV0XzIwMTAtMDYtMjMuY3J0MA0GCSqGSIb3DQEBCwUAA4ICAQCdVX38Kq3h # LB9nATEkW+Geckv8qW/qXBS2Pk5HZHixBpOXPTEztTnXwnE2P9pkbHzQdTltuw8x # 5MKP+2zRoZQYIu7pZmc6U03dmLq2HnjYNi6cqYJWAAOwBb6J6Gngugnue99qb74p # y27YP0h1AdkY3m2CDPVtI1TkeFN1JFe53Z/zjj3G82jfZfakVqr3lbYoVSfQJL1A # oL8ZthISEV09J+BAljis9/kpicO8F7BUhUKz/AyeixmJ5/ALaoHCgRlCGVJ1ijbC # HcNhcy4sa3tuPywJeBTpkbKpW99Jo3QMvOyRgNI95ko+ZjtPu4b6MhrZlvSP9pEB # 9s7GdP32THJvEKt1MMU0sHrYUP4KWN1APMdUbZ1jdEgssU5HLcEUBHG/ZPkkvnNt # yo4JvbMBV0lUZNlz138eW0QBjloZkWsNn6Qo3GcZKCS6OEuabvshVGtqRRFHqfG3 # rsjoiV5PndLQTHa1V1QJsWkBRH58oWFsc/4Ku+xBZj1p/cvBQUl+fpO+y/g75LcV # v7TOPqUxUYS8vwLBgqJ7Fx0ViY1w/ue10CgaiQuPNtq6TPmb/wrpNPgkNWcr4A24 # 5oyZ1uEi6vAnQj0llOZ0dFtq0Z4+7X6gMTN9vMvpe784cETRkPHIqzqKOghif9lw # Y1NNje6CbaUFEMFxBmoQtB1VM1izoXBm8qGCAtQwggI9AgEBMIIBAKGB2KSB1TCB # 0jELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEtMCsGA1UECxMk # TWljcm9zb2Z0IElyZWxhbmQgT3BlcmF0aW9ucyBMaW1pdGVkMSYwJAYDVQQLEx1U # aGFsZXMgVFNTIEVTTjozQkQ0LTRCODAtNjlDMzElMCMGA1UEAxMcTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUAZZzYkPObl/ZzeCkS # bf4B5CceCQiggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu # Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBv # cmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAN # BgkqhkiG9w0BAQUFAAIFAOfIKXAwIhgPMjAyMzAzMjQyMTUxNDRaGA8yMDIzMDMy # NTIxNTE0NFowdDA6BgorBgEEAYRZCgQBMSwwKjAKAgUA58gpcAIBADAHAgEAAgIX # HjAHAgEAAgIRSzAKAgUA58l68AIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgorBgEE # AYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBBQUAA4GB # AAZkpv1lkSKYvpZuHL/WREAgWdXalJEhDdT2VtLPdvZGaG95tYpFFoyPuouDr590 # Wj8eZ522B9VDr5IZL//BL6b6BdeSVedEXFgKlU08DSeozPeypkKDNUgEI8k0oNpk # 3MtZxuQ2lQBRf/czEMc5WU1/ia9v4/o19vpBvItAgchOMYIEDTCCBAkCAQEwgZMw # fDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1Jl # ZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMd # TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAG0+4AIRAXSLfoAAQAA # AbQwDQYJYIZIAWUDBAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB # BDAvBgkqhkiG9w0BCQQxIgQg85naeSb5jFJJfwZwENVuHkNpPD78Spf8bjuOQUJb # UlAwgfoGCyqGSIb3DQEJEAIvMYHqMIHnMIHkMIG9BCDTyPd75qMwcAZRcb36/6xJ # a3hT0eLse71ysdp4twH3BjCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBD # QSAyMDEwAhMzAAABtPuACEQF0i36AAEAAAG0MCIEIA4jAjI+zsVGYAzgpX+IvTYS # nR3VcPvMXWpbVUfXgjU6MA0GCSqGSIb3DQEBCwUABIICAJMXBhjnXKkVFctkxUzO # 9zcr3c8J7buChZyCWBBuSZBEyawZ3ODX2RYFM0vaOKt5t2nNekoUWxCjqjjWgmQg # Ds3zb3HOr6xDhYvCOdjGEjD69LFqohnGrY7UCFZKSaDjebLIH2bnftZ3EG4atuS/ # +XIbvTaSYYKn/ObQzpB5Fsff7gljImbMyEc3V5Da99yB5L1L1CV+dLJtwh4DtRIn # mOXiWas1B6oSi8s2InAB90mkOD7mDRbqfR0rvSh4bGFJuPBp/aBELUyQigeycExa # L8MwcM9etOqYHI6HHwDvU0z3dtz9chQO4YCBqjnHNd2z4DwMXLnqGx9LxiUpELpR # mT0YhbbigvV8dkah0EX2tCVGQKW0NC5HVINEIghQ4mjf//qP6Crkk98cOVUjrBWx # XgSkwCaEDuHuwnIAyUau8knzZfvsssLzvMXwEQUjA4hid+trk49f0V443Q+DrKwo # 9lmCt5o0xw4H6SoPhq5oKDPGH7+YqrYeGqzUhJAX/fmKIifD32b8k3uoxd3//EMI # Cjocc5jkQkF7JdO6Y9tpTvIDB0BiWVSFpOn89CzAJbjjtIGGARe/nR5iZmvBWCFb # gOOFF0XKGMqFfASO48RH+jNAN/KG891RfpqyAG3huWTpSlG3avLzh2xD5bHMlig8 # t2I62NRoRxyaMufNzFK4TJqZ # SIG # End signature block |