home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
moodle.waes.ac.uk
/
moodle.waes.ac.uk.zip
/
moodle.waes.ac.uk
/
TMG
/
SP1-TMG-KB981324-AMD64-ENU.msp
/
PCW_CAB_SHFx2
/
RevertArrayConfiguration.js
< prev
next >
Wrap
Text File
|
2010-06-15
|
27KB
|
624 lines
ERROR_DS_NO_SUCH_OBJECT = (0x80072030);
fpcISA2008 = 2;
try
{
var arrayName = WScript.Arguments.Named.Item("ArrayName");
if(typeof(arrayName)=="undefined")
{
WriteLine("Error: Mandatory argument /ArrayName is missing.");
Usage();
}
var EMS = WScript.Arguments.Named.Item("EMS");
if(typeof(EMS)=="undefined")
{
WriteLine("/EMS not defined - assuming /EMS:localhost");
EMS = "localhost";
}
var compatibilityVersion = WScript.Arguments.Named.Item("CompatVer");
if(typeof(compatibilityVersion)=="undefined")
{
WriteLine("/CompatVer not defined - assuming /CompatVer:2 (which is fpcISA2008 - TMG RTM)");
compatibilityVersion = fpcISA2008;
}
username = WScript.Arguments.Named.Item("username");
domain = WScript.Arguments.Named.Item("domain");
password = WScript.Arguments.Named.Item("password");
logpath = WScript.Arguments.Named.Item("logpath");
if (typeof(logpath)!="undefined")
{
var fso = new ActiveXObject("Scripting.FileSystemObject");
var logfileName = logpath + "\\ISA_Uninst_RevertArrayConfiguration.log";
logfileHandle = fso.CreateTextFile(logfileName, true);
WScript.Echo("Writing logs to " + logfileName);
}
var arr = GetArray(arrayName, EMS);
ValidateSP1Uninstalled(arr, EMS);
DeleteSP1Objects(arr);
HandleReportingObjects(arr, EMS);
// Change CompatibilityVersion back
var prevVersion = arr.msFPCCompatibilityVersion
arr.msFPCCompatibilityVersion = compatibilityVersion;
WriteLine("Changed CompatibilityVersion of array " + arr.msFPCName + " from " + prevVersion + " to " + arr.msFPCCompatibilityVersion);
arr.SetInfo();
// Explicitly cause full configuration reload
var cmd ="reg add HKLM\\SOFTWARE\\Microsoft\\Fpc\\Storage\\Cache /v InvocationID /t REG_BINARY /f /d 000000000000000000000000000000000000000000000000";
ExecuteShellCommand(cmd);
WScript.Quit(0);
}
catch (err)
{
WriteLine("Script execution error: " + DecimalToHexString(err.number) + ". " + err.description);
WriteLine("Aborting...");
WScript.Quit(err.number);
}
finally
{
if (typeof(logfileHandle)!="undefined")
{
logfileHandle.Close();
}
}
function GetArray(sArrayName, sEMS)
{
var arrays = GetEmsObject("LDAP://" + sEMS + ":2171/CN=Arrays,CN=Array-Root,CN=FPC2");
var mList = new Enumerator(arrays );
for (; !mList.atEnd(); mList.moveNext())
{
array = mList.item();
if (array.msFPCName == sArrayName || array.cn == sArrayName)
{
return (array);
}
}
throw new Error(2, "No matching array name found");
}
function GetEmsObject(path)
{
try
{
var provLdap;
ADS_SECURE_AUTHENTICATION = 1;
if (typeof(username)=="undefined")
{
return GetObject(path);
}
// Create LDAP obj
var provLdap = GetObject("LDAP:") ;
return (provLdap.OpenDSObject(path, domain + "\\" + username, password, ADS_SECURE_AUTHENTICATION));
}
catch(err)
{
if (err.description=="")
{
err.description = "Failed to access path " + path + ". Ensure that the correct EMS name is specified and double check the credentials";
}
throw err;
}
}
function DeleteSP1Objects(arr)
{
// Rule: "Allow access to directory services on Forefront TMG"
DeleteObject(arr, "msfpcPolicyRule", "CN={109479b2-2acf-4d9c-9f2d-ce9b35dcbd3b},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Allow Kerberos authentication to Forefront TMG"
DeleteObject(arr, "msfpcPolicyRule", "CN={43b16e09-5b64-4158-887d-72ce0f6b9591},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Authentication Services: Allow Microsoft CIFS to Forefront TMG"
DeleteObject(arr, "msfpcPolicyRule", "CN={99546388-eed7-41a0-b860-705815d02502},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Authentication Services: Allow RPC to Forefront TMG"
DeleteObject(arr, "msfpcPolicyRule", "CN={02bd3eb3-8d0c-4af1-a79e-75e2fb6ff823},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Allow DNS to Forefront TMG"
DeleteObject(arr, "msfpcPolicyRule", "CN={182dbc34-4d1c-42eb-b1a5-34d541d1b6ce},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Allow Hosted Cache Inbound Connections"
DeleteObject(arr, "msfpcPolicyRule", "CN={5a4f9a28-d2a4-4653-a925-ae0daeebbc49},CN=PolicyRules,CN=ArrayPolicy");
// Rule: This deny rule is required to process inbound BranchCache traffic correctly, and should be in the same state (enabled or disabled) as the rule "Allow Hosted Cache Inbound Connections"
DeleteObject(arr, "msfpcPolicyRule", "CN={92cd6cfc-f15b-4116-b5f4-c7144721dd1f},CN=PolicyRules,CN=ArrayPolicy");
// Rule: "Allow Hosted Cache Outbound Connections"
DeleteObject(arr, "msfpcPolicyRule", "CN={ea0f9161-bb2c-41da-9574-58a5c43fce60},CN=PolicyRules,CN=ArrayPolicy");
// Ref to Kerberos Password V5, rule: "Authentication Services: Allow Kerberos authentication from Forefront TMG to trusted servers"
DeleteObject(arr, "msFPCRef", "CN={d4915ffd-a5c3-43cc-92ce-b57d025c8bd0},CN=ProtocolsUsed,CN=AccessProperties,CN={51e9fca4-d552-41ae-a78b-20c9905049dd},CN=PolicyRules,CN=ArrayPolicy");
// Alert: "BranchCache Initialization Failure"
DeleteObject(arr, "msFPCAlert", "CN={375A038E-E2BA-4B25-8684-8595ADCB3B24},CN=Alerts");
// Alert: "BranchCache Configuration Not Recommended"
DeleteObject(arr, "msFPCAlert", "CN={D0FFBBDB-D762-4A3E-9A3F-FA87AE79564E},CN=Alerts");
// Alert: "BranchCache Operation Failure"
DeleteObject(arr, "msFPCAlert", "CN={C20F06D8-FA13-473F-A4C1-1C5E2956899D},CN=Alerts");
// Alert: "Cache Log Failure"
DeleteObject(arr, "msFPCAlert", "CN={82037DA0-263E-4EB2-969C-8B5FF23AAD5B},CN=Alerts");
// Protocol: "Kerberos Password V5"
DeleteObject(arr, "msFPCProtocol", "CN={e0b0768e-df74-4181-92aa-15a517c3714e},CN=Protocols,CN=RuleElements");
// Protocol: "BranchCache - Retrieval"
DeleteObject(arr, "msFPCProtocol", "CN={46598E66-F1D3-4A64-AB67-F64B8BE2FAB8},CN=Protocols,CN=RuleElements");
// Protocol: "BranchCache - Advertise"
DeleteObject(arr, "msFPCProtocol", "CN={BA271F7C-3D72-4670-B162-FB16E05573F8},CN=Protocols,CN=RuleElements");
// Event: "BranchCache Initialization Failure"
DeleteObject(arr, "msFPCEventDefinition", "CN={F42FEF4C-BA53-4998-B66D-C750BBD23979},CN=Event-Definitions,CN=RuleElements");
// Event: "BranchCache Configuration Not Recommended"
DeleteObject(arr, "msFPCEventDefinition", "CN={78E5B761-0F10-4ADF-804F-82D883E69190},CN=Event-Definitions,CN=RuleElements");
// Event: "msFPCName: BranchCache Operation Failure"
DeleteObject(arr, "msFPCEventDefinition", "CN={04CE1CC9-1197-4EA7-928F-3E5BC65395CA},CN=Event-Definitions,CN=RuleElements");
// Event: "Cache Log Failure"
DeleteObject(arr, "msFPCEventDefinition", "CN={ADFC163E-40B6-4AD8-946C-CC8FFC7A355E},CN=Event-Definitions,CN=RuleElements");
// Web filter: "User Override Web Filter"
DeleteObject(arr, "msFPCISAPIFilter", "CN={9599218C-CCE6-4C39-B0DB-A0F2DFF0C486},CN=ISAPI-Filters,CN=Extensions");
}
function HandleReportingObjects(arr, EMS)
{
var localizedAttributesQueryParams = [
["msFPCName", "msFPCRdlReportParameterPermittedValue"],
["msFPCDisplayName", "msFPCRdlReportDefinition"],
["msFPCDisplayName", "msFPCRdlReportCategory"],
["msFPCDisplayName", "msFPCRdlReportParameter"],
["msFPCDescription", "msFPCRdlReportParameter"]
];
var localizedAttributesDictionary = ReadLocalizedAttributes(arr, localizedAttributesQueryParams);
// Delete current (SP1) report definitions
DeleteObject(arr, "msFPCReportSummaryDefinitions", "CN=ReportSummaryDefinitions,CN=Reports");
DeleteObject(arr, "msFPCRdlReportDefinitions", "CN=RdlReportDefinitions,CN=Reports");
DeleteObject(arr, "msFPCRdlReportCategories", "CN=RdlReportCategories,CN=Reports");
DeleteObject(arr, "msFPCRdlReportParameters", "CN=RdlReportParameters,CN=Reports");
// Import RTM report definitions. Note: localized attributes in here are in English
ImportRTMReportDefinitions(arr, EMS);
// Reset localized attributes that we read before
WriteLocalizedAttributes(arr, localizedAttributesDictionary);
var rsProperties = arr.GetObject("msFPCReportingServicesProperties", "CN=ReportingServicesProperties,CN=Reports");
rsProperties.msFPCReportingServicesConfigurationId="{57384194-CFE2-4880-A168-2EAC68A22F49}";
rsProperties.SetInfo();
}
function DeleteObject(arr, objClass, objectPathRelativeToArray)
{
try
{
var obj = arr.GetObject(objClass, objectPathRelativeToArray);
}
catch(err)
{
number = err.number;
if (number < 0)
{
number = 0xFFFFFFFF + number + 1;
}
if (number == ERROR_DS_NO_SUCH_OBJECT)
{
WriteLine("Already deleted: " + objectPathRelativeToArray);
return;
}
WriteLine("Error when deleting object " + objectPathRelativeToArray);
return;
}
WriteLine("Deleting: " + objectPathRelativeToArray);
obj.DeleteObject(0);
}
//return triples of [location, name, value]
function ReadLocalizedAttributes(arr, localizedAttributesQueryParams)
{
var localizedAttributes = new Array();
var curElement = 0;
// Example query: <path-to-array>;(&(objectCategory=msFPCRdlReportParameterPermittedValue)(msFPCName=*));ADsPath,msFPCName;subtree
for (var i = 0; i < localizedAttributesQueryParams.length; i++)
{
var attrName = localizedAttributesQueryParams[i][0];
var objCategory = localizedAttributesQueryParams[i][1];
var query = "<" + arr.ADsPath + ">;" + "(&(objectCategory=" + objCategory + ")(" +
attrName + "=*));ADsPath," + attrName + ";subtree";
WriteLine(query);
var conn = new ActiveXObject("ADODB.Connection");
conn.Provider = "ADSDSOObject";
if (typeof(username)!="undefined")
{
conn.Properties("User ID") = domain + "\\" + username;
conn.Properties("Password") = password;
conn.Properties("ADSI Flag") = ADS_SECURE_AUTHENTICATION;
}
conn.Open("ADs Provider");
var rs = conn.Execute(query);
while (!rs.EOF)
{
localizedAttributes[curElement] = [rs.Fields(0).Value, attrName, rs.Fields(1).Value];
curElement++;
rs.moveNext();
}
}
WriteLine("Finished reading localized attributes");
return localizedAttributes;
}
function ImportRTMReportDefinitions(arr, sEMS)
{
var fso = new ActiveXObject("Scripting.FileSystemObject");
var RunDir = fso.GetParentFolderName(WScript.ScriptFullName);
var cmd = "ldifde.exe -i -k" +
" -f \"" + RunDir + "\\RTM-report-definitions.ldif\"" +
" -s " + sEMS + ":2171" +
" -c CN=Array " + arr.distinguishedName;
if (typeof(logpath)!="undefined")
{
cmd = cmd + " -j \"" + logpath + "\"";
}
var cmdToLog = cmd;
if (typeof(username)!="undefined")
{
cmd = cmd + " -b " + username + " " + domain + " " + password;
cmdToLog = cmdToLog + " -b " + username + " " + domain + " ********";
}
ExecuteShellCommand(cmd, cmdToLog);
}
function ExecuteShellCommand(cmd, cmdToLog)
{
if (typeof(cmdToLog)=="undefined")
{
cmdToLog = cmd;
}
WriteLine("Executing: " + cmdToLog);
var WSHShell = new ActiveXObject("WScript.Shell");
var oExec = WSHShell.Exec(cmd);
var oExecOut = oExec.StdOut;
while(!oExecOut.AtEndOfStream)
{
line = oExecOut.ReadLine();
WriteLine(" " + line);
}
while (oExec.Status != 1) // Wait until command finishes, so we can check ExitCode
{
WScript.Sleep(100);
}
if (oExec.ExitCode != 0)
{
throw new Error(oExec.ExitCode, "Failed to execute shell command " + cmdToLog);
}
}
function WriteLocalizedAttributes(arr, localizedAttributes)
{
for (i = 0; i < localizedAttributes.length; i++)
{
var location = localizedAttributes[i][0];
var attrName = localizedAttributes[i][1];
var attrValue = localizedAttributes[i][2];
try
{
var obj = GetEmsObject(location);
obj.Put(attrName, attrValue);
obj.SetInfo();
WriteLine("Set attribute " + attrName + " at " + location + " to " + attrValue);
}
catch(err)
{
number = err.number;
if (number < 0)
{
number = 0xFFFFFFFF + number + 1;
}
if (number == ERROR_DS_NO_SUCH_OBJECT)
{
WriteLine("Object doesn't exist anymore, not re-setting attribute " + attrName + "at" + location
+ " to " + attrValue);
}
else
{
throw err;
}
}
}
}
function Usage()
{
WriteLine("\n" +
"Transforms an array configuration from SP1 to RTM state.\n" +
"Usage: RevertArrayConfiguration.js [/EMS:<EMS machine FQDN>] /ArrayName:<array name>|<array guid> " +
"[/CompatVer:<compatibility version>] [/username:<username> /domain:<domain> /password:<password>] " +
"[/logpath:<log path>]\n" +
"Example: RevertArrayConfiguration.js /ArrayName:Contoso\n\n");
WScript.Quit(1);
}
function ValidateSP1Uninstalled(arr, sEMS)
{
var servers = arr.GetObject("msFPCServers", "CN=Servers");
var mList = new Enumerator(servers);
for (; !mList.atEnd(); mList.moveNext())
{
server = mList.item();
if (!(server.msFPCVersion.indexOf("7.0.7") === 0))
{
throw new Error(0x4005, "Array " + arr.msFPCName + " cannot revert its configuration, since it still contain a non-RTM server " + server.msFPCName);
}
}
}
function DecimalToHexString(number)
{
if (number < 0)
{
number = 0xFFFFFFFF + number + 1;
}
return "0x" + number.toString(16).toUpperCase();
}
function WriteLine(str)
{
if (typeof(logfileHandle)!="undefined")
{
logfileHandle.WriteLine(str);
}
else
{
WScript.Echo(str);
}
}
// SIG // Begin signature block
// SIG // MIIbYwYJKoZIhvcNAQcCoIIbVDCCG1ACAQExCzAJBgUr
// SIG // DgMCGgUAMGcGCisGAQQBgjcCAQSgWTBXMDIGCisGAQQB
// SIG // gjcCAR4wJAIBAQQQEODJBs441BGiowAQS9NQkAIBAAIB
// SIG // AAIBAAIBAAIBADAhMAkGBSsOAwIaBQAEFHz1s6mQfwKN
// SIG // D0FXDFEfv0PTjEb2oIIV6jCCBIUwggNtoAMCAQICCmEF
// SIG // 9x4AAAAAADIwDQYJKoZIhvcNAQEFBQAweTELMAkGA1UE
// SIG // BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV
// SIG // BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
// SIG // b3Jwb3JhdGlvbjEjMCEGA1UEAxMaTWljcm9zb2Z0IENv
// SIG // ZGUgU2lnbmluZyBQQ0EwHhcNMDkwNzEzMjMwMDE4WhcN
// SIG // MTAxMDEzMjMxMDE4WjCBgzELMAkGA1UEBhMCVVMxEzAR
// SIG // BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v
// SIG // bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv
// SIG // bjENMAsGA1UECxMETU9QUjEeMBwGA1UEAxMVTWljcm9z
// SIG // b2Z0IENvcnBvcmF0aW9uMIIBIjANBgkqhkiG9w0BAQEF
// SIG // AAOCAQ8AMIIBCgKCAQEAtYypnJSEYRrMLiLEoJNkCd6F
// SIG // obCQXfzJbGi18e/8jmv0+KBu11HeYKMnY9T237ZM0kUL
// SIG // pz3Yb/7tpxhj0x/GgdS/BzeXQCt/519aNdmTT6vzKpLw
// SIG // po2B7AUk3Nu4YWNTYQI1ONa49e57VKbJWDXp9BXv2gds
// SIG // BS1NpLa6mzu4MTB+RbypoSU5DEOkRzuXnCBEcjfPUKBN
// SIG // TfTDZdxE0Qg7ON0+xRdsRsetcyTAj4nB6uq6zWipEtZY
// SIG // DFMWDP45A9aB8j5cV/N622bhBxjZGQMU9uZFmSpRTJDX
// SIG // Wu+vtzsMKU1tIK4Ht5Iu6GnKnzBC58MyigsiSjLonAzG
// SIG // UQMmAW2ScwIDAQABo4IBAjCB/zATBgNVHSUEDDAKBggr
// SIG // BgEFBQcDAzAdBgNVHQ4EFgQUh4G33+76d/pZBWM3BArX
// SIG // 6dqg4OAwDgYDVR0PAQH/BAQDAgeAMB8GA1UdIwQYMBaA
// SIG // FFdFdBxdsPbIQwXgjFQtjzKn/kiWMEkGA1UdHwRCMEAw
// SIG // PqA8oDqGOGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9w
// SIG // a2kvY3JsL3Byb2R1Y3RzL0NvZGVTaWdQQ0EuY3JsME0G
// SIG // CCsGAQUFBwEBBEEwPzA9BggrBgEFBQcwAoYxaHR0cDov
// SIG // L3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9Db2Rl
// SIG // U2lnUENBLmNydDANBgkqhkiG9w0BAQUFAAOCAQEANiGE
// SIG // 9Y+DIU2HqD+L58WkD0wwbll0mwuXdBapsfNwpK/CDDMk
// SIG // 86BK+sHkIca22epcW5Fh9yJt/zH8F07XzUDjndLltNL6
// SIG // jWwH2neayivuDVlHzwTCEGf66ulDO7fm0ZzZjiNgbhKb
// SIG // w9l+XFcy3ZQN333FSJJNSHa3osBTlT78OqOTfPKFBMfG
// SIG // hTiXNvgSkyIAmU55r5brWiCDrNBcWjCwAOJrOY8kido9
// SIG // DKRGeWI2U2rXyc2SCPuH5VT1fFnFxHd9sMEsmMeXbEOn
// SIG // +CD4g1RknmD44kqlZ9RJv1SIfVJE81HAJtHFfPCJ1hEJ
// SIG // KMJFRYAdkCK9jqIFPjyzT73XOeCIkzCCBM0wggO1oAMC
// SIG // AQICCmEWtSkAAAAAABAwDQYJKoZIhvcNAQEFBQAwdzEL
// SIG // MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x
// SIG // EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv
// SIG // c29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UEAxMYTWljcm9z
// SIG // b2Z0IFRpbWUtU3RhbXAgUENBMB4XDTEwMDEwNDIxMTIw
// SIG // M1oXDTEzMDEwNDIxMjIwM1owgbYxCzAJBgNVBAYTAlVT
// SIG // MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS
// SIG // ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y
// SIG // YXRpb24xEDAOBgNVBAsTB25DaXBoZXIxJzAlBgNVBAsT
// SIG // Hm5DaXBoZXIgRFNFIEVTTjpBQ0QzLUFFNjYtRTBCNTEl
// SIG // MCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy
// SIG // dmljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
// SIG // ggEBAOMoqtk8Q0L4BhO64sf5wS9ZyzyV51SQbMNYlWKz
// SIG // D2y9g9stWIgIkgvbzXbHVsbg7irTiDtcyqlwowAjIixT
// SIG // OOhQx/EUCY0dy3yL9aYza6/IRl9Le17556bHL0KFZzaN
// SIG // YEryE2bcsDltzhDK3XIFWHKd8gA7ADntJlM+Hs3uUJLN
// SIG // hfQ6/YGhBV8L6UQO79VZQCYoy4JOTivIFCK7cB3kPdH9
// SIG // YHZUTDns73c4i4z+dK/nFvRwMbjLrdTdi7b6AK3tdBSw
// SIG // Rb78ZYjhrfxJ21/R1M50edSNhm+z9ZcHIS2aYcn8uhtM
// SIG // 0uiruVDk0yv0wdlN1kCsFKeIhXNeaD5jt0HUZr0CAwEA
// SIG // AaOCARkwggEVMB0GA1UdDgQWBBTh8K4PDQX8MvMcfRl/
// SIG // z8TFv5FVTTAfBgNVHSMEGDAWgBQjNPjZUkZwCu1A+3b7
// SIG // syuwwzWzDzBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v
// SIG // Y3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0
// SIG // cy9NaWNyb3NvZnRUaW1lU3RhbXBQQ0EuY3JsMFgGCCsG
// SIG // AQUFBwEBBEwwSjBIBggrBgEFBQcwAoY8aHR0cDovL3d3
// SIG // dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNyb3Nv
// SIG // ZnRUaW1lU3RhbXBQQ0EuY3J0MBMGA1UdJQQMMAoGCCsG
// SIG // AQUFBwMIMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0B
// SIG // AQUFAAOCAQEAjVtJKFSHyYqpk/6b+I1UcSCdwDiTJym5
// SIG // y5ZTios1tZQ3Fli9nj4XJ19ZL+Rdfh3iWdwH+2IY5WO/
// SIG // 9AvPTdpbMPbImv8mWb8ZwxCy8OMewQyZ2lWSxswS38BY
// SIG // TN2a1B0j+YYSROcmAuiAQWgWVDYdp2WzxDOh46SY2b5i
// SIG // kE+SN7apiBdUSB+dwiLYciq5wzCTPjfsKam5zgvVwskW
// SIG // pudeVQ3MgYRh6SwD25umG1MCOIsKWJEXyHFwFs4uxmP8
// SIG // eZ+DBIK0gecvV2mtuKUfIzZ29hWUhgoe6t0RO2ZE0hVa
// SIG // z6YrKB9OxQpzV0uVA2Ci6+kyfr09j6a9SSopwVcxwBDf
// SIG // UTCCBgcwggPvoAMCAQICCmEWaDQAAAAAABwwDQYJKoZI
// SIG // hvcNAQEFBQAwXzETMBEGCgmSJomT8ixkARkWA2NvbTEZ
// SIG // MBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEtMCsGA1UE
// SIG // AxMkTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0
// SIG // aG9yaXR5MB4XDTA3MDQwMzEyNTMwOVoXDTIxMDQwMzEz
// SIG // MDMwOVowdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh
// SIG // c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV
// SIG // BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UE
// SIG // AxMYTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBMIIBIjAN
// SIG // BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6Fssd/b
// SIG // SJIqfGsuGeG94uPFmVEjUK3O3RhOJA/u0afRTK10MCAR
// SIG // 6wfVVJUVSZQbQpKumFwwJtoAa+h7veyJBw/3DgSY8InM
// SIG // H8szJIed8vRnHCz8e+eIHernTqOhwSNTyo36Rc8J0F6v
// SIG // 0LBCBKL5pmyTZ9co3EZTsIbQ5ShGLieshk9VUgzkAyz7
// SIG // apCQMG6H81kwnfp+1pez6CGXfvjSE/MIt1NtUrRFkJ9I
// SIG // AEpHZhEnKWaol+TTBoFKovmEpxFHFAmCn4TtVXj+AZod
// SIG // UAiFABAwRu233iNGu8QtVJ+vHnhBMXfMm987g5OhYQK1
// SIG // HQ2x/PebsgHOIktU//kFw8IgCwIDAQABo4IBqzCCAacw
// SIG // DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUIzT42VJG
// SIG // cArtQPt2+7MrsMM1sw8wCwYDVR0PBAQDAgGGMBAGCSsG
// SIG // AQQBgjcVAQQDAgEAMIGYBgNVHSMEgZAwgY2AFA6sgmBA
// SIG // VieX5SUT/CrhClOVWeSkoWOkYTBfMRMwEQYKCZImiZPy
// SIG // LGQBGRYDY29tMRkwFwYKCZImiZPyLGQBGRYJbWljcm9z
// SIG // b2Z0MS0wKwYDVQQDEyRNaWNyb3NvZnQgUm9vdCBDZXJ0
// SIG // aWZpY2F0ZSBBdXRob3JpdHmCEHmtFqFKoKWtTHNY9AcT
// SIG // LmUwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC5t
// SIG // aWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvbWlj
// SIG // cm9zb2Z0cm9vdGNlcnQuY3JsMFQGCCsGAQUFBwEBBEgw
// SIG // RjBEBggrBgEFBQcwAoY4aHR0cDovL3d3dy5taWNyb3Nv
// SIG // ZnQuY29tL3BraS9jZXJ0cy9NaWNyb3NvZnRSb290Q2Vy
// SIG // dC5jcnQwEwYDVR0lBAwwCgYIKwYBBQUHAwgwDQYJKoZI
// SIG // hvcNAQEFBQADggIBABCXisNcA0Q23em0rXfbznlRTQGx
// SIG // LnRxW20ME6vOvnuPuC7UEqKMbWK4VwLLTiATUJndekDi
// SIG // V7uvWJoc4R0Bhqy7ePKL0Ow7Ae7ivo8KBciNSOLwUxXd
// SIG // T6uS5OeNatWAweaU8gYvhQPpkSokInD79vzkeJkuDfcH
// SIG // 4nC8GE6djmsKcpW4oTmcZy3FUQ7qYlw/FpiLID/iBxoy
// SIG // +cwxSnYxPStyC8jqcD3/hQoT38IKYY7w17gX606Lf8U1
// SIG // K16jv+u8fQtCe9RTciHuMMq7eGVcWwEXChQO0toUmPU8
// SIG // uWZYsy0v5/mFhsxRVuidcJRsrDlM1PZ5v6oYemIp76Kb
// SIG // KTQGdxpiyT0ebR+C8AvHLLvPQ7Pl+ex9teOkqHQ1uE7F
// SIG // cSMSJnYLPFKMcVpGQxS8s7OwTWfIn0L/gHkhgJ4VMGbo
// SIG // QhJeGsieIiHQQ+kr6bv0SMws1NgygEwmKkgkX1rqVu+m
// SIG // 3pmdyjpvvYEndAYR7nYhv5uCwSdUtrFqPYmhdmG0bqET
// SIG // pr+qR/ASb/2KMmyy/t9RyIwjyWa9nR2HEmQCPS2vWY+4
// SIG // 5CHltbDKY7R4VAXUQS5QrJSwpXirs6CWdRrZkocTdSIv
// SIG // MqgIbqBbjCW/oO+EyiHW6x5PyZruSeD3AWVviQt9yGnI
// SIG // 5m7qp5fOMSn/DsVbXNhNG6HY+i+ePy5VFmvJE6P9MIIG
// SIG // gTCCBGmgAwIBAgIKYRUIJwAAAAAADDANBgkqhkiG9w0B
// SIG // AQUFADBfMRMwEQYKCZImiZPyLGQBGRYDY29tMRkwFwYK
// SIG // CZImiZPyLGQBGRYJbWljcm9zb2Z0MS0wKwYDVQQDEyRN
// SIG // aWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3Jp
// SIG // dHkwHhcNMDYwMTI1MjMyMjMyWhcNMTcwMTI1MjMzMjMy
// SIG // WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu
// SIG // Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV
// SIG // TWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN
// SIG // aWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQTCCASIwDQYJ
// SIG // KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+N34U3jLEG
// SIG // VmY2TtQK6zYjkR6vq41Y6cTPwZ86CiTExMResO4VFMX6
// SIG // PpkzaxlpcvR8BV/lmSVE1zUZipDcKI6QDO/VkGGt3twY
// SIG // cC2DyW+vhSz43bm5MP1xeByD/cipuYJnDXq4wQnCvBaX
// SIG // Vz8cmNNp1zCQkJCNMB/YJtSee4jZ4gntl0lF6wRSgXV7
// SIG // uLUiuC5Wu9fPqU48CoOiqDrFrbYBDmrPIrQjH2zVJ+e3
// SIG // fsG01TKteSUcQobinYX0V9obWS8tJpIpxbPXhaOeYFqU
// SIG // 5nuce16CNEtt/9TuJ9Ci3NGQDM59DhV8iKw0x8BsmIRK
// SIG // yUR5aCjfIoMNuIosSGHi/hECAwEAAaOCAiMwggIfMBAG
// SIG // CSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRXRXQcXbD2
// SIG // yEMF4IxULY8yp/5IljALBgNVHQ8EBAMCAcYwDwYDVR0T
// SIG // AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBQOrIJgQFYn
// SIG // l+UlE/wq4QpTlVnkpKFjpGEwXzETMBEGCgmSJomT8ixk
// SIG // ARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29m
// SIG // dDEtMCsGA1UEAxMkTWljcm9zb2Z0IFJvb3QgQ2VydGlm
// SIG // aWNhdGUgQXV0aG9yaXR5ghB5rRahSqClrUxzWPQHEy5l
// SIG // MFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwubWlj
// SIG // cm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL21pY3Jv
// SIG // c29mdHJvb3RjZXJ0LmNybDBUBggrBgEFBQcBAQRIMEYw
// SIG // RAYIKwYBBQUHMAKGOGh0dHA6Ly93d3cubWljcm9zb2Z0
// SIG // LmNvbS9wa2kvY2VydHMvTWljcm9zb2Z0Um9vdENlcnQu
// SIG // Y3J0MHYGA1UdIARvMG0wawYJKwYBBAGCNxUvMF4wXAYI
// SIG // KwYBBQUHAgIwUB5OAEMAbwBwAHkAcgBpAGcAaAB0ACAA
// SIG // qQAgADIAMAAwADYAIABNAGkAYwByAG8AcwBvAGYAdAAg
// SIG // AEMAbwByAHAAbwByAGEAdABpAG8AbgAuMBMGA1UdJQQM
// SIG // MAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4ICAQAw
// SIG // vLAgpGKgp+85JmE93KzGmdCGxC71gzJlXiI+m9aG+Oi2
// SIG // n8qL1jt1C6GRPkzdZHSMSfKIjBhnbP4VZka4OkZCl8iR
// SIG // N9Qksees0+pBFIN308lPBV+jFFK/lqQvPlZbEHXOU8PO
// SIG // BVRptGXJJKUP4SW4GrlN5QK5UB5Ps5gMHZUC7iJZrSLL
// SIG // BXQLBEV7BFng2A+z60z4YN3CeJ7Rup9r9/PufkQRQNK9
// SIG // uptLFghupL5V5KY4EqNI9BxVeoog0X3+kduUjy/Ce2um
// SIG // ZIVPo+UsNCldC7/1xzgvxCDEVjH2ac6F+AqR7NDWrro4
// SIG // BQzrbk9MnAMpqqL8GKApDA1cXFYjV9oclg3IJjbBRMvl
// SIG // 4eZvieeP6Zi1c9N44+2jATx05V68bPYhiWcF7JedtbH9
// SIG // r6bpcqXDNOEvn/n0ajniLQSCW/zQnK58nRH55rVTGXS6
// SIG // OUo5631Cs0o7Nz3CSnsnmOfiTpsbSlQ4aiM3vmq3SO7q
// SIG // Qg1JJJGOtwQul2/k50W7j039YNnXWcLYgNZgNHu3oZMg
// SIG // /oG4qqVcCemKDb4oTX7X6A/tZXjRMV+5ZtvfQucLzAIH
// SIG // jd//IAajRWW0szKNLpHiTbSpyfq8awQOsp/qn96kyQqW
// SIG // 9I332Jio8IUCCFmkIKYsCxryUgbtaeVkGBvgo6veynwU
// SIG // YUO4ZfU2o1UTK2csTRswTDGCBOUwggThAgEBMIGHMHkx
// SIG // CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
// SIG // MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
// SIG // b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jv
// SIG // c29mdCBDb2RlIFNpZ25pbmcgUENBAgphBfceAAAAAAAy
// SIG // MAkGBSsOAwIaBQCgggERMBkGCSqGSIb3DQEJAzEMBgor
// SIG // BgEEAYI3AgEEMBwGCisGAQQBgjcCAQsxDjAMBgorBgEE
// SIG // AYI3AgEVMCMGCSqGSIb3DQEJBDEWBBRAk6ITUT0xBLr+
// SIG // WNzS53evIfxnkDCBsAYKKwYBBAGCNwIBDDGBoTCBnqBw
// SIG // gG4ARgBvAHIAZQBmAHIAbwBuAHQAIABUAGgAcgBlAGEA
// SIG // dAAgAE0AYQBuAGEAZwBlAG0AZQBuAHQAIABHAGEAdABl
// SIG // AHcAYQB5ACAALQAgAEsAQgAxADkAOAAxADQAMAA5ACAA
// SIG // RQBuAGcAbABpAHMAaKEqgChodHRwOi8vc3VwcG9ydC5t
// SIG // aWNyb3NvZnQuY29tP2tiaWQ9OTgxMzI0MA0GCSqGSIb3
// SIG // DQEBAQUABIIBADi0onTsDQOPkm6+75AWnc22H8fQuoGv
// SIG // fmqxZtbmAo6qpdp8FgWr4XjCf/K7t70gz+4ESaaDsuDg
// SIG // KMVtUdG95qdXUcvu7ZTxJSRrEVYsQazpeCcIrns4oz2O
// SIG // cqiDZLYSa8oi2J3SpPawx89dY+HIeF7z6dF1DKB9XlJn
// SIG // ygtLH3iBUyYE+YBQETLt3lCZoTTjOFtewf3HmSzpW3rR
// SIG // xJR84/9SObb2QjSyfp/RhGoUbd5CtXBTAWALQZaOpZxa
// SIG // YVJE4ormuGiQhfBZq1ZGF2zK0ZTGd18klWoITrxw+UNa
// SIG // pQU+sTtA92NylEUNHn36IeAXqj+KN74K2WPr/w9RSUhS
// SIG // +q6hggIdMIICGQYJKoZIhvcNAQkGMYICCjCCAgYCAQEw
// SIG // gYUwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp
// SIG // bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT
// SIG // FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UEAxMY
// SIG // TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBAgphFrUpAAAA
// SIG // AAAQMAcGBSsOAwIaoF0wGAYJKoZIhvcNAQkDMQsGCSqG
// SIG // SIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTAwNjE1MTgz
// SIG // MzMwWjAjBgkqhkiG9w0BCQQxFgQUeF2MyQnCPBe8WnOv
// SIG // vHKnhk8dty4wDQYJKoZIhvcNAQEFBQAEggEApF/IOUTv
// SIG // cGiewchP+r+Rv5FN5nmjHI49DByrrS4kpWEUnAsh5y9Z
// SIG // P8tD617WBG7dWuiz7WSfrCm4Px9v9d7twyLlkHYNJ1kM
// SIG // rKsir6SfnSl90dwF+OrfoFTDqgpIO3MllopF4HXfzM+d
// SIG // MBqHT9QUJsc8s5V/ljMIE6fkduGy1zNPfLgc+A3C3oRg
// SIG // N/yxY5K6gPNZanM6ggC7I4CKf8zTtiLb08FBh8rBBcX2
// SIG // lVV+h41gW7mFgs2B7huv0SIRfWBOKzCXsvs/XwEzuQrT
// SIG // 7os8Gnjp/F7ycHCDJATHWFIK306q6WgPt0YD5B7t7mJz
// SIG // vg4wkXZ+RLNbu4YNXpSOnSUA2Q==
// SIG // End signature block