classes/OSConfig.ps1
|
# Copyright (c) Microsoft Corporation. All rights reserved. function Get-ServerType() { try { $Value = Get-ItemPropertyValue -LiteralPath "HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters" -Name "SysvolReady" if (-not [String]::IsNullOrWhiteSpace($Value)) { return "Domain Controller" } } catch { # Ignored. } try { $Value = Get-ItemPropertyValue -LiteralPath "HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" -Name "Domain" if (-not [String]::IsNullOrWhiteSpace($Value)) { return "Member Server" } } catch { # Ignored. } return "Workgroup Member" } function Get-EnvironmentType { $Properties = Get-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion" if ($Properties.InstallationType -match "Server") { if ($Properties.EditionId -eq "ServerAzureStackHCICor") { $InstallationType = "AzureLocal" if ($Properties.DisplayVersion -eq "24H2") { $Version = "24H2" } elseif ($Properties.DisplayVersion -eq "23H2") { $Version = "23H2" } else { return } } else { $InstallationType = "WindowsServer" # We need to have the necessary update for Windows Server 2022 and Windows Server 23H2 # but not for Windows Server 2025. We can use the UBR (Update Build Revision) to # determine the version. if ($Properties.DisplayVersion -eq "24H2") { $Version = "2025" } elseif (($Properties.DisplayVersion -eq "23H2") -and ($Properties.UBR -ge 1369)) { $Version = "2022" } elseif (($Properties.DisplayVersion -eq "21H2") -and ($Properties.UBR -ge 3091)) { $Version = "2022" } else { return } } } else { return } $Role = (Get-ServerType) -replace " ", "" "$InstallationType\$Version\$Role" } function ConvertFrom-Expression($Expression) { if ($Expression -isnot [String] -or [String]::IsNullOrWhiteSpace($Expression)) { throw [InvalidValueException]::new($Strings.ErrorInvalidExpression -f $Expression) } $InQuotes = $False $ProcessedExpression = $Expression.Clone() for ($i = 0; $i -lt $Expression.Length; $i++) { if ($Expression[$i] -eq '"') { $InQuotes = -not $InQuotes continue } if ($InQuotes) { continue } if ($Expression[$i] -eq ";") { $ProcessedExpression = $ProcessedExpression.Remove($i, 1).Insert($i, "`n") } } try { $Result = @($ProcessedExpression | ConvertFrom-Csv -Header @("Name", "Value") -Delimiter ":") if (($Result.Count -eq 1) -and (-not $Result.Value)) { $Result[0].Value = $Result[0].Name $Result[0].Name = "*" } , $Result } catch { throw [InvalidValueException]::new($Strings.ErrorInvalidExpression -f $Expression) } } function Find-Rule($Name, $Rules) { foreach ($Rule in $Rules) { $InclusionRule = -not $Rule.Name.StartsWith("!") if ($InclusionRule -and ($Name -like $Rule.Name)) { return $Rule } if (-not $InclusionRule -and ($Name -like $Rule.Name.Substring(1))) { return $null } } } # Temporary workaround until `$Parameters` is implemented function ConvertTo-ResourceValue($Type, $Properties, $Value) { if ($null -eq $Value) { return $Value } switch ($Type) { 'Microsoft.Windows/CSP' { switch ($Properties.Type) { 'string' { return $Value } 'integer' { return [Int64] $Value } 'boolean' { return [Bool]::Parse($Value) } } } 'Microsoft.Windows/Registry' { switch ($Properties.Type) { 'REG_SZ' { return $Value } 'REG_MULTI_SZ' { return $Value -split ',' | ForEach-Object { $_.Trim() } } 'REG_DWORD' { return [Int32] $Value } } } } } class OSConfigReason { [DscProperty()] [String] $Code [DscProperty()] [String] $Phrase OSConfigReason() { } OSConfigReason([String] $RuleId, [String] $Severity, [Bool] $IsCompliant, [String] $Reason) { $Status = if ($IsCompliant) { 'BaselineSettingCompliant' } else { 'BaselineSettingNotCompliant' } if ($RuleId) { $Status = "$Status`:$RuleId" } $this.Code = $Status if (-not [String]::IsNullOrWhiteSpace($Severity)) { $this.Phrase = "[$Severity] $Reason" } else { $this.Phrase = $Reason } } } [DscResource()] class OSConfig { [DscProperty()] [String] $RuleId [DscProperty()] [String] $Severity [DscProperty(Key)] [String] $Name [DscProperty(Key)] [String] $Type [DscProperty(Key)] [String] $Properties # [DscProperty()] # [String] $Parameters [DscProperty()] [String] $Value [DscProperty()] [String] $Compliance [DscProperty()] [String] $RoleFilter [DscProperty()] [String] $VersionFilter [DscProperty(NotConfigurable)] [OSConfigReason[]] $Reasons hidden [Bool] $IsCompliant = $True [OSConfig] Get() { $CurrentState = [OSConfig]::new() $CurrentState.RuleId = $this.RuleId $CurrentState.Severity = $this.Severity $CurrentState.Name = $this.Name $CurrentState.Type = $this.Type $CurrentState.Properties = $this.Properties # $CurrentState.Parameters = $this.Parameters $CurrentState.Value = $this.Value $CurrentState.Compliance = $this.Compliance $CurrentState.RoleFilter = $this.RoleFilter $CurrentState.VersionFilter = $this.VersionFilter $CurrentState.Reasons = @() try { $ErrorActionPreference = 'Stop' $Schema = $this.GetSchema() if ((-not $this.IsApplicable()) -or ($null -eq $Schema)) { $CurrentState.IsCompliant = $True $CurrentState.Reasons += [OSConfigReason]::new($this.RuleId, $CurrentState.Severity, $CurrentState.IsCompliant, 'Not applicable') return $CurrentState } $Resource = @{ 'name' = $this.Name 'type' = 'Microsoft.OSConfig/Test' 'properties' = @{ 'resource' = @{ 'name' = $this.Name 'type' = $this.Type 'properties' = $this.Properties | ConvertFrom-Json } 'schema' = $Schema } } $Output = Invoke-Native resource status show --name $Resource.Name --type $Resource.Type --properties ($Resource.Properties | ConvertTo-Json -Depth $Script:Constants.MaxJsonDepth -Compress) $CurrentState.IsCompliant = $Output.Properties.Compliance.Status -eq 'compliant' $CurrentState.Reasons += [OSConfigReason]::new($this.RuleId, $CurrentState.Severity, $CurrentState.IsCompliant, $Output.Properties.Compliance.Reason) } catch { $CurrentState.IsCompliant = $False $CurrentState.Reasons += [OSConfigReason]::new($this.RuleId, $CurrentState.Severity, $CurrentState.IsCompliant, "Failed to get reported configuration: $_") Write-Verbose "Error: $_" } return $CurrentState } [Bool] Test() { try { return $this.Get().IsCompliant } catch { Write-Verbose "Error: $_" } return $False } [Void] Set() { try { if ($this.Test()) { return } throw 'Not implemented!' } catch { Write-Verbose "Error: $_" } } [Bool] IsApplicable() { if (-not [String]::IsNullOrWhiteSpace($this.RoleFilter)) { $CurrentRole = Get-ServerType $AllowedRoles = $this.RoleFilter -split ',' | ForEach-Object { $_.Trim() } if ($AllowedRoles -notcontains $CurrentRole) { return $False } } if (-not [String]::IsNullOrWhiteSpace($this.VersionFilter)) { $CurrentVersion = Get-WindowsServerVersion if (-not $CurrentVersion) { return $False } $AllowedVersions = $this.VersionFilter -split ',' | ForEach-Object { $_.Trim() } if ($AllowedVersions -notcontains $CurrentVersion) { return $False } } return $True } [PSCustomObject] GetSchema() { if ($this.Compliance) { return ConvertFrom-Json -InputObject $this.Compliance } $Rules = if (-not [String]::IsNullOrWhiteSpace($this.Value)) { ConvertFrom-Expression -Expression $this.Value } $EnvironmentType = Get-EnvironmentType $Rule = Find-Rule -Name $EnvironmentType -Rules $Rules if ($Rules -and (-not $Rule)) { return $null # Not applicable } if (-not $Rules -and [String]::IsNullOrWhiteSpace($this.Value)) { throw 'No rules or value specified.' } $StringValue = if ($null -ne $Rule) { $Rule.Value } else { $this.Value } return @{ 'const' = ConvertTo-ResourceValue -Type $this.Type -Properties $this.Properties -Value $StringValue } } } # SIG # Begin signature block # MIIoUgYJKoZIhvcNAQcCoIIoQzCCKD8CAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCB2C/XQG2sqOC+r # Z2qne/OyCZ94GMvMwcLPqab/48CKvKCCDYUwggYDMIID66ADAgECAhMzAAAEhJji # EuB4ozFdAAAAAASEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjUwNjE5MTgyMTM1WhcNMjYwNjE3MTgyMTM1WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQDtekqMKDnzfsyc1T1QpHfFtr+rkir8ldzLPKmMXbRDouVXAsvBfd6E82tPj4Yz # aSluGDQoX3NpMKooKeVFjjNRq37yyT/h1QTLMB8dpmsZ/70UM+U/sYxvt1PWWxLj # MNIXqzB8PjG6i7H2YFgk4YOhfGSekvnzW13dLAtfjD0wiwREPvCNlilRz7XoFde5 # KO01eFiWeteh48qUOqUaAkIznC4XB3sFd1LWUmupXHK05QfJSmnei9qZJBYTt8Zh # ArGDh7nQn+Y1jOA3oBiCUJ4n1CMaWdDhrgdMuu026oWAbfC3prqkUn8LWp28H+2S # LetNG5KQZZwvy3Zcn7+PQGl5AgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUBN/0b6Fh6nMdE4FAxYG9kWCpbYUw # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwNTM2MjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGLQps1XU4RTcoDIDLP6QG3NnRE3p/WSMp61Cs8Z+JUv3xJWGtBzYmCINmHVFv6i # 8pYF/e79FNK6P1oKjduxqHSicBdg8Mj0k8kDFA/0eU26bPBRQUIaiWrhsDOrXWdL # m7Zmu516oQoUWcINs4jBfjDEVV4bmgQYfe+4/MUJwQJ9h6mfE+kcCP4HlP4ChIQB # UHoSymakcTBvZw+Qst7sbdt5KnQKkSEN01CzPG1awClCI6zLKf/vKIwnqHw/+Wvc # Ar7gwKlWNmLwTNi807r9rWsXQep1Q8YMkIuGmZ0a1qCd3GuOkSRznz2/0ojeZVYh # ZyohCQi1Bs+xfRkv/fy0HfV3mNyO22dFUvHzBZgqE5FbGjmUnrSr1x8lCrK+s4A+ # bOGp2IejOphWoZEPGOco/HEznZ5Lk6w6W+E2Jy3PHoFE0Y8TtkSE4/80Y2lBJhLj # 27d8ueJ8IdQhSpL/WzTjjnuYH7Dx5o9pWdIGSaFNYuSqOYxrVW7N4AEQVRDZeqDc # fqPG3O6r5SNsxXbd71DCIQURtUKss53ON+vrlV0rjiKBIdwvMNLQ9zK0jy77owDy # XXoYkQxakN2uFIBO1UNAvCYXjs4rw3SRmBX9qiZ5ENxcn/pLMkiyb68QdwHUXz+1 # fI6ea3/jjpNPz6Dlc/RMcXIWeMMkhup/XEbwu73U+uz/MIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGiMwghofAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAASEmOIS4HijMV0AAAAA # BIQwDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEICLh # EQfmvL0iy41Mj539U1j6OF/dHALXjFwUrodAbCW0MEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEAPmRio1eL5b132rm34B3UOdPtLWvpjpQJplHA # AyDI7oengK40ydpKnPMH0btw06eAU4Ul50vq2znYF/ihiKenuYLDHUsfEkGIL0EP # hjdW0EvjLYjYLKcHbZBllW4EZ4BSkVJiy8ZhLrNStGAgMfALJdtQNxI7WMtIdElG # allqcykUzi1oYrNfSaKkGu04FSyNUX9jqS5B1p2UIhO1w90gtdHs1cdjSN7PZZW6 # Po2iXrZRWKVjzI3w7xpsYC4Az9SWOZsiuJKMH2RSu1U48mdDIlWQa1DQNaIHEL0B # s49Za3Z2t9I13gW0btFcn2UxHzmgSNwE9O/SKfKmxdCkQOq4IaGCF60wghepBgor # BgEEAYI3AwMBMYIXmTCCF5UGCSqGSIb3DQEHAqCCF4YwgheCAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFaBgsqhkiG9w0BCRABBKCCAUkEggFFMIIBQQIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCBzHhs0TVJHq/ghO60Ek/0+URHG809lf7TI # XMBKaSCPbwIGaQIf7r0wGBMyMDI1MTExNDIzMzIyMy40NTRaMASAAgH0oIHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjo1NzFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaCCEfswggcoMIIFEKADAgECAhMzAAACFtaT # zvuTH+3hAAEAAAIWMA0GCSqGSIb3DQEBCwUAMHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMB4XDTI1MDgxNDE4NDgyMloXDTI2MTExMzE4NDgyMlowgdMxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xLTArBgNVBAsTJE1pY3Jv # c29mdCBJcmVsYW5kIE9wZXJhdGlvbnMgTGltaXRlZDEnMCUGA1UECxMeblNoaWVs # ZCBUU1MgRVNOOjU3MUEtMDVFMC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGlt # ZS1TdGFtcCBTZXJ2aWNlMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA # v2gMH2/jMTYMazrMpHcKp2gvaq1lknMuq8VShK15JWEAAlFPkdJm81RlPVitzr+e # ocrzZ+2M2NrPuUoFZLGVA5k6dXOIsMFbv8KdssHDSAe1SiwtqZdOiYiLFp25TlgW # whf1plSBalJiMUpTG5xnZ3epa42K++QDBO3mpAYg9dYyLzIRevXk8Mgn5V14oWXe # di5NfGqmwZwR2DT1DtDNNhsi09L4DMD/Z82Yc84haKTszLs1IFDxmNg0M1sDj3sy # AeH0ApXb8pIjH8mcDM8UH2rFV/fFDgLRjZZdvhPv9T68hW+DijevmDe/oysyPt9H # 8bqyNOp3vihUbB0OFFoPq5OlMu6BGeU9mWi/IR3Yx0bT2mNdzuMBybeyGf6l5xFi # wuycWFCtn4VfiA2ZyAftmQAKaP2a92u0+bmSidHXv3vN136EFtt+b3Hbwmd1ZNYq # SSJ9DFihN3ZH/fyNbQJpVe+DVVNygYreJvlibZqOMxvAS/nAZFXjUVDLzOHRYoBz # ERFaX4nb4wigty8UefGyARetZI24vrZOYc/cDHbFKXdSqKaUUjdSRNiNrcUXMeOB # PySPeT12mehLf/AUwq1vEWyOL9k6HyiNYuOgSJbpikmR8EbNeP03+hovK2GLChTU # RzKX9o2F0gKv/Qw2eG3QdnEC2E9h9SMU7dclqPtXWTcCAwEAAaOCAUkwggFFMB0G # A1UdDgQWBBQEMJr2Wp/vbkoHARzwyDBf2453+TAfBgNVHSMEGDAWgBSfpxVdAF5i # XYP05dJlpxtTNRnpcjBfBgNVHR8EWDBWMFSgUqBQhk5odHRwOi8vd3d3Lm1pY3Jv # c29mdC5jb20vcGtpb3BzL2NybC9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENB # JTIwMjAxMCgxKS5jcmwwbAYIKwYBBQUHAQEEYDBeMFwGCCsGAQUFBzAChlBodHRw # Oi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NlcnRzL01pY3Jvc29mdCUyMFRp # bWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNydDAMBgNVHRMBAf8EAjAAMBYGA1Ud # JQEB/wQMMAoGCCsGAQUFBwMIMA4GA1UdDwEB/wQEAwIHgDANBgkqhkiG9w0BAQsF # AAOCAgEAwzLCEkKyPwWT3YBte/UnTkDHD+zng4Z+0O63IuCFOs8Ndnp5J39opYtz # GaW7JVfwFiqXLap9ACf3801TLXaJIC/kt/JLJgUTm/aN5I/WNEz0Lkg3VwyDSu+r # Scw27GwvjLXgJ6MXDF8XdQ82SZe3h17EV7BdqpHUimsGWRd82pncaC7gPauqNJoj # fu2PrhvL87vZDGzYnWSdn24hcfVEHdrUxQo2usEkZ54XnXEWj4XvufYtpcY0SveF # yjgA9kMdFRydpAB1DGqOBo9rviUBUddXzUbN8hpcC88lMMNSB0c3JBGHT6LfMPRk # FZqwRwoNWJD5p9JgowxY+PBLoAMpGr8Yu602ITkhGaHK14AF+YASJJzbHR69Acyf # 4YBUKnp5Pv1FMcZ38pabosHFKBfOURCZuoPrTHvGAm9tVTo9uEqmescWWgzm5G4D # JfU5zp3maBKpFVQ2nrh8HDuxxSEjE8xc6z+07VHdOuct6B+Kw+iT650iKGvbBe3l # SyScJ+CLg+vodIBEYNK/uH+nEJ/AYrx2c/RWjqDFQ7k37lJt0Mcm7gNKZjVrFKlZ # 5nfw8Kg8buUfh9WWwMpreq5P3wiPMv6PZQQ/vYWi9NU9FlxQAfuUcMEtjNZ4nWiO # E3WaeJJVQWomjLVMycmLaFI97d61Vv31tLL5vqUYy4LfqsMUUbEwggdxMIIFWaAD # AgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYD # VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe # MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3Nv # ZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIy # MjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo # aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y # cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw # MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5 # vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64 # NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhu # je3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl # 3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPg # yY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I # 5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2 # ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/ # TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy # 16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y # 1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6H # XtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMB # AAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQW # BBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30B # ATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz # L0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYB # BAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMB # Af8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBL # oEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMv # TWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggr # BgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNS # b29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1Vffwq # reEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27 # DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pv # vinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9Ak # vUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWK # NsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2 # kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+ # c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep # 8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+Dvk # txW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1Zyvg # DbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/ # 2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYIDVjCCAj4CAQEwggEBoYHZpIHW # MIHTMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMS0wKwYDVQQL # EyRNaWNyb3NvZnQgSXJlbGFuZCBPcGVyYXRpb25zIExpbWl0ZWQxJzAlBgNVBAsT # Hm5TaGllbGQgVFNTIEVTTjo1NzFBLTA1RTAtRDk0NzElMCMGA1UEAxMcTWljcm9z # b2Z0IFRpbWUtU3RhbXAgU2VydmljZaIjCgEBMAcGBSsOAwIaAxUA6UTLnqhqEB2Z # 1pfHwWFPiQB7WTuggYMwgYCkfjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAx # MDANBgkqhkiG9w0BAQsFAAIFAOzBtTMwIhgPMjAyNTExMTQxNDAzMzFaGA8yMDI1 # MTExNTE0MDMzMVowdDA6BgorBgEEAYRZCgQBMSwwKjAKAgUA7MG1MwIBADAHAgEA # AgIOqzAHAgEAAgIS+TAKAgUA7MMGswIBADA2BgorBgEEAYRZCgQCMSgwJjAMBgor # BgEEAYRZCgMCoAowCAIBAAIDB6EgoQowCAIBAAIDAYagMA0GCSqGSIb3DQEBCwUA # A4IBAQABUSZ4wEShQj5O35OGKynjJh+wHbphxdLIMlQycLjlGrcU9/t3iZ0ZdEfl # 7lR68gOrW7ozxXsbWFKbPk5WcRl5222Q5CJRik6+f0vXGu0nRjK9immEnE4Co3ly # Nm5D2eBQ5yJeMEkdupeZyaQSPsh7cBTMqKlSh4APwvPqLoy2OIkpx7YCeXWTNOtq # v4vQJfMyeiCFbitBj8/wBpQlN8SelkuphRuDpmcdT2xmzz197D17g53ErUQ0PBwm # FkKGAfy0DCM1ZssFzx0eH+xPrV/8KXR6ujnrc95NHaI6a0x+XzC/B/KtKVlEAzFn # 4cJdNVBuC6DFpDA7Hooy8IjgRVLYMYIEDTCCBAkCAQEwgZMwfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTACEzMAAAIW1pPO+5Mf7eEAAQAAAhYwDQYJYIZIAWUD # BAIBBQCgggFKMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBDAvBgkqhkiG9w0B # CQQxIgQg5+Pk9bPv/TCn1rgmJ0RDKJObKF4+jgnp+arcYXn8EFMwgfoGCyqGSIb3 # DQEJEAIvMYHqMIHnMIHkMIG9BCCdpN7UuFJ4acsslFfWpSZY3oOnEd4M75GFiYWd # CwYiDzCBmDCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u # MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRp # b24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwAhMzAAAC # FtaTzvuTH+3hAAEAAAIWMCIEIH6TAfS7Yt0e0GTtGJz1Bsjb7trMsEz72dJs0Ywo # HSpbMA0GCSqGSIb3DQEBCwUABIICAFZf20DIFYzfL3ciCr4g1Vsh36QPFM99CWt+ # lPg0yDJzCHj44VzOd7CTAcGojvDsYcTGGR++WIJGy/HVIpBKfFrkcvX4iFboahjJ # SKCkTSSNSd7YxOEykElCWANFhmIFpq3vNKoTINJPatLsGkY8lZhIigHnt5NQhX36 # pXzTERw3oW2T1v1WsPAaKfvYnB/dUufQ27lp7DD4EjrDJ5IrhLJN6QnudW3Oe3sd # uuKVXQAVg5SH8KsPQaV0s7/SVyKLxg7IByQmfC8mbjyozx7bhNGRP6H499wvFb5a # yUR9q/Fz6Im6q8KHPex14qm6EYK8YRm4X1WEZT0jKI4LLJFcCNLnsfduIz20AciL # aEx52lPQrGR0B4yInHvBiJhgS6koCO0P2RnDPQXQMztIq4s3DBzNwkoMtCSam+AO # wCbvF6+9Voa0hsJ7Uh6yXL8mULv81g+NtFNqMco+WwvNh4pzJ7V+GykifmyipY9S # ox3pZApu2sJH1UC/Qc+NbaXPoHeJA+hUvHzvrFGZBLfALZDdlh16ii9Qv4tQhMZq # j58+U2oKtdmrHymkO5fO/JN/346s6hPysTXQAAzO9/aOM8qMxSzztx0gfZnofAx7 # Zp6Gv4HvqunTI8CkFJdfBeubAdmxe6uD4pTd1hycVTndJZlN4YrZVNN7BpUnwp1o # Ka3BGpRp # SIG # End signature block |