home *** CD-ROM | disk | FTP | other *** search

---

/ moodle.waes.ac.uk / moodle.waes.ac.uk.zip / moodle.waes.ac.uk / TMG / SP1-TMG-KB981324-AMD64-ENU.msp / PCW_CAB_SHFx2 / RevertArrayConfiguration.js

< prev

next >

Wrap

Text File  |  2010-06-15  |  27KB  |  624 lines

---

1. ERROR_DS_NO_SUCH_OBJECT = (0x80072030);
2. fpcISA2008 = 2;
3.  
4. try
5. {
6.     var arrayName = WScript.Arguments.Named.Item("ArrayName");
7.     if(typeof(arrayName)=="undefined")
8.     { 
9.         WriteLine("Error: Mandatory argument /ArrayName is missing.");
10.         Usage();
11.     }
12.  
13.     var EMS = WScript.Arguments.Named.Item("EMS");
14.     if(typeof(EMS)=="undefined")
15.     { 
16.         WriteLine("/EMS not defined - assuming /EMS:localhost");
17.         EMS = "localhost";
18.     }
19.  
20.     var compatibilityVersion = WScript.Arguments.Named.Item("CompatVer");
21.     if(typeof(compatibilityVersion)=="undefined")
22.     { 
23.         WriteLine("/CompatVer not defined - assuming /CompatVer:2 (which is fpcISA2008 - TMG RTM)");
24.         compatibilityVersion = fpcISA2008;
25.     }
26.  
27.     username = WScript.Arguments.Named.Item("username");
28.     domain = WScript.Arguments.Named.Item("domain");
29.     password = WScript.Arguments.Named.Item("password");
30.  
31.     logpath = WScript.Arguments.Named.Item("logpath");
32.     if (typeof(logpath)!="undefined")
33.     {
34.         var fso  = new ActiveXObject("Scripting.FileSystemObject"); 
35.         var logfileName = logpath + "\\ISA_Uninst_RevertArrayConfiguration.log";
36.         logfileHandle = fso.CreateTextFile(logfileName, true); 
37.         WScript.Echo("Writing logs to " + logfileName);
38.     }
39.     
40.     var arr = GetArray(arrayName, EMS);
41.  
42.     ValidateSP1Uninstalled(arr, EMS);
43.     
44.     DeleteSP1Objects(arr);
45.  
46.     HandleReportingObjects(arr, EMS);
47.  
48.     // Change CompatibilityVersion back
49.     var prevVersion = arr.msFPCCompatibilityVersion
50.     arr.msFPCCompatibilityVersion = compatibilityVersion;
51.     WriteLine("Changed CompatibilityVersion of array " + arr.msFPCName + " from " + prevVersion + " to " + arr.msFPCCompatibilityVersion);
52.     arr.SetInfo();
53.  
54.     // Explicitly cause full configuration reload
55.     var cmd ="reg add HKLM\\SOFTWARE\\Microsoft\\Fpc\\Storage\\Cache /v InvocationID /t REG_BINARY /f /d 000000000000000000000000000000000000000000000000";
56.     ExecuteShellCommand(cmd);
57.  
58.     WScript.Quit(0);
59.  
60. }
61. catch (err)
62. {
63.     WriteLine("Script execution error: " + DecimalToHexString(err.number) + ". " + err.description);
64.     WriteLine("Aborting...");
65.     WScript.Quit(err.number);
66. }
67. finally
68. {
69.     if (typeof(logfileHandle)!="undefined")
70.     {
71.         logfileHandle.Close();
72.     }
73. }
74.  
75. function GetArray(sArrayName, sEMS)
76. {
77.     var arrays = GetEmsObject("LDAP://" + sEMS + ":2171/CN=Arrays,CN=Array-Root,CN=FPC2");
78.     
79.     var mList = new Enumerator(arrays );
80.     for (; !mList.atEnd(); mList.moveNext())
81.     {
82.         array = mList.item();
83.         if (array.msFPCName == sArrayName || array.cn == sArrayName)
84.         {
85.             return (array);
86.         }
87.     }
88.     throw new Error(2, "No matching array name found");
89. }
90.  
91.  
92. function GetEmsObject(path)
93. {
94.     try
95.     { 
96.         var provLdap;
97.         ADS_SECURE_AUTHENTICATION = 1;
98.  
99.         if (typeof(username)=="undefined")
100.         {
101.             return GetObject(path);
102.         }
103.         
104.         // Create LDAP obj
105.         var provLdap = GetObject("LDAP:") ;
106.  
107.         return (provLdap.OpenDSObject(path, domain + "\\" + username, password, ADS_SECURE_AUTHENTICATION));
108.     }
109.     catch(err)
110.     {
111.         if (err.description=="")
112.         {
113.             err.description = "Failed to access path " + path + ". Ensure that the correct EMS name is specified and double check the credentials";
114.         }
115.         throw err;
116.     }
117. }
118.  
119. function DeleteSP1Objects(arr)
120. {
121.     // Rule: "Allow access to directory services on Forefront TMG"
122.     DeleteObject(arr, "msfpcPolicyRule", "CN={109479b2-2acf-4d9c-9f2d-ce9b35dcbd3b},CN=PolicyRules,CN=ArrayPolicy");
123.  
124.     // Rule: "Allow Kerberos authentication to Forefront TMG"
125.     DeleteObject(arr, "msfpcPolicyRule", "CN={43b16e09-5b64-4158-887d-72ce0f6b9591},CN=PolicyRules,CN=ArrayPolicy");
126.  
127.     // Rule: "Authentication Services: Allow Microsoft CIFS to Forefront TMG"
128.     DeleteObject(arr, "msfpcPolicyRule", "CN={99546388-eed7-41a0-b860-705815d02502},CN=PolicyRules,CN=ArrayPolicy");
129.  
130.     // Rule: "Authentication Services: Allow RPC to Forefront TMG"
131.     DeleteObject(arr, "msfpcPolicyRule", "CN={02bd3eb3-8d0c-4af1-a79e-75e2fb6ff823},CN=PolicyRules,CN=ArrayPolicy");
132.  
133.     // Rule: "Allow DNS to Forefront TMG"
134.     DeleteObject(arr, "msfpcPolicyRule", "CN={182dbc34-4d1c-42eb-b1a5-34d541d1b6ce},CN=PolicyRules,CN=ArrayPolicy");
135.  
136.     // Rule: "Allow Hosted Cache Inbound Connections"
137.     DeleteObject(arr, "msfpcPolicyRule", "CN={5a4f9a28-d2a4-4653-a925-ae0daeebbc49},CN=PolicyRules,CN=ArrayPolicy");
138.  
139.     // Rule: This deny rule is required to process inbound BranchCache traffic correctly, and should be in the same state (enabled or disabled) as the rule "Allow Hosted Cache Inbound Connections"
140.     DeleteObject(arr, "msfpcPolicyRule", "CN={92cd6cfc-f15b-4116-b5f4-c7144721dd1f},CN=PolicyRules,CN=ArrayPolicy");
141.  
142.     // Rule: "Allow Hosted Cache Outbound Connections"
143.     DeleteObject(arr, "msfpcPolicyRule", "CN={ea0f9161-bb2c-41da-9574-58a5c43fce60},CN=PolicyRules,CN=ArrayPolicy");
144.  
145.     // Ref to Kerberos Password V5, rule: "Authentication Services: Allow Kerberos authentication from Forefront TMG to trusted servers"
146.     DeleteObject(arr, "msFPCRef", "CN={d4915ffd-a5c3-43cc-92ce-b57d025c8bd0},CN=ProtocolsUsed,CN=AccessProperties,CN={51e9fca4-d552-41ae-a78b-20c9905049dd},CN=PolicyRules,CN=ArrayPolicy");
147.  
148.     // Alert: "BranchCache Initialization Failure"
149.     DeleteObject(arr, "msFPCAlert", "CN={375A038E-E2BA-4B25-8684-8595ADCB3B24},CN=Alerts");
150.  
151.     // Alert: "BranchCache Configuration Not Recommended"
152.     DeleteObject(arr, "msFPCAlert", "CN={D0FFBBDB-D762-4A3E-9A3F-FA87AE79564E},CN=Alerts");
153.  
154.     // Alert: "BranchCache Operation Failure"
155.     DeleteObject(arr, "msFPCAlert", "CN={C20F06D8-FA13-473F-A4C1-1C5E2956899D},CN=Alerts");
156.  
157.     // Alert: "Cache Log Failure"
158.     DeleteObject(arr, "msFPCAlert", "CN={82037DA0-263E-4EB2-969C-8B5FF23AAD5B},CN=Alerts");
159.  
160.     // Protocol: "Kerberos Password V5"
161.     DeleteObject(arr, "msFPCProtocol", "CN={e0b0768e-df74-4181-92aa-15a517c3714e},CN=Protocols,CN=RuleElements");
162.  
163.     // Protocol: "BranchCache - Retrieval"
164.     DeleteObject(arr, "msFPCProtocol", "CN={46598E66-F1D3-4A64-AB67-F64B8BE2FAB8},CN=Protocols,CN=RuleElements");
165.  
166.     // Protocol: "BranchCache - Advertise"
167.     DeleteObject(arr, "msFPCProtocol", "CN={BA271F7C-3D72-4670-B162-FB16E05573F8},CN=Protocols,CN=RuleElements");
168.  
169.     // Event: "BranchCache Initialization Failure"
170.     DeleteObject(arr, "msFPCEventDefinition", "CN={F42FEF4C-BA53-4998-B66D-C750BBD23979},CN=Event-Definitions,CN=RuleElements");
171.  
172.     // Event: "BranchCache Configuration Not Recommended"
173.     DeleteObject(arr, "msFPCEventDefinition", "CN={78E5B761-0F10-4ADF-804F-82D883E69190},CN=Event-Definitions,CN=RuleElements");
174.  
175.     // Event: "msFPCName: BranchCache Operation Failure"
176.     DeleteObject(arr, "msFPCEventDefinition", "CN={04CE1CC9-1197-4EA7-928F-3E5BC65395CA},CN=Event-Definitions,CN=RuleElements");
177.  
178.     // Event: "Cache Log Failure"
179.     DeleteObject(arr, "msFPCEventDefinition", "CN={ADFC163E-40B6-4AD8-946C-CC8FFC7A355E},CN=Event-Definitions,CN=RuleElements");
180.  
181.     // Web filter: "User Override Web Filter"
182.     DeleteObject(arr, "msFPCISAPIFilter", "CN={9599218C-CCE6-4C39-B0DB-A0F2DFF0C486},CN=ISAPI-Filters,CN=Extensions");
183. }
184.  
185. function HandleReportingObjects(arr, EMS)
186. {
187.     var localizedAttributesQueryParams = [
188.         ["msFPCName",        "msFPCRdlReportParameterPermittedValue"],
189.         ["msFPCDisplayName", "msFPCRdlReportDefinition"],
190.         ["msFPCDisplayName", "msFPCRdlReportCategory"],
191.         ["msFPCDisplayName", "msFPCRdlReportParameter"],
192.         ["msFPCDescription", "msFPCRdlReportParameter"]
193.     ];
194.  
195.     var localizedAttributesDictionary = ReadLocalizedAttributes(arr, localizedAttributesQueryParams);
196.  
197.     // Delete current (SP1) report definitions
198.     DeleteObject(arr, "msFPCReportSummaryDefinitions", "CN=ReportSummaryDefinitions,CN=Reports");
199.     DeleteObject(arr, "msFPCRdlReportDefinitions",     "CN=RdlReportDefinitions,CN=Reports");
200.     DeleteObject(arr, "msFPCRdlReportCategories",      "CN=RdlReportCategories,CN=Reports");
201.     DeleteObject(arr, "msFPCRdlReportParameters",      "CN=RdlReportParameters,CN=Reports");
202.  
203.     // Import RTM report definitions. Note: localized attributes in here are in English
204.     ImportRTMReportDefinitions(arr, EMS);
205.  
206.     // Reset localized attributes that we read before
207.     WriteLocalizedAttributes(arr, localizedAttributesDictionary);
208.  
209.     var rsProperties = arr.GetObject("msFPCReportingServicesProperties", "CN=ReportingServicesProperties,CN=Reports");
210.     rsProperties.msFPCReportingServicesConfigurationId="{57384194-CFE2-4880-A168-2EAC68A22F49}";
211.     rsProperties.SetInfo();
212. }
213.  
214. function DeleteObject(arr, objClass, objectPathRelativeToArray)
215. {
216.     try
217.     {
218.         var obj = arr.GetObject(objClass, objectPathRelativeToArray);
219.     }
220.     catch(err)
221.     {
222.         number = err.number;
223.         if (number < 0) 
224.         { 
225.             number = 0xFFFFFFFF + number + 1; 
226.         }
227.         if (number == ERROR_DS_NO_SUCH_OBJECT)
228.         {
229.             WriteLine("Already deleted: " + objectPathRelativeToArray);
230.             return;
231.         }
232.         WriteLine("Error when deleting object " + objectPathRelativeToArray);
233.         return;
234.     }
235.  
236.     WriteLine("Deleting: " + objectPathRelativeToArray);
237.     obj.DeleteObject(0);
238. }
239.  
240. //return triples of [location, name, value]
241. function ReadLocalizedAttributes(arr, localizedAttributesQueryParams)
242. {
243.     var localizedAttributes = new Array();
244.     var curElement = 0;
245.     // Example query: <path-to-array>;(&(objectCategory=msFPCRdlReportParameterPermittedValue)(msFPCName=*));ADsPath,msFPCName;subtree
246.     for (var i = 0; i < localizedAttributesQueryParams.length; i++)
247.     {
248.         var attrName = localizedAttributesQueryParams[i][0];
249.         var objCategory = localizedAttributesQueryParams[i][1];
250.         var query = "<" + arr.ADsPath + ">;" + "(&(objectCategory=" + objCategory + ")(" + 
251.             attrName + "=*));ADsPath," + attrName + ";subtree";
252.         WriteLine(query);
253.  
254.         var conn = new ActiveXObject("ADODB.Connection");
255.         conn.Provider = "ADSDSOObject";
256.         if (typeof(username)!="undefined")
257.         {
258.             conn.Properties("User ID") = domain + "\\" + username;
259.             conn.Properties("Password") = password; 
260.             conn.Properties("ADSI Flag") = ADS_SECURE_AUTHENTICATION;
261.         }
262.         conn.Open("ADs Provider");
263.  
264.         var rs = conn.Execute(query);
265.  
266.  
267.         while (!rs.EOF)
268.         {
269.             localizedAttributes[curElement] = [rs.Fields(0).Value, attrName, rs.Fields(1).Value];
270.             curElement++;
271.             rs.moveNext();
272.         }
273.     }
274.     WriteLine("Finished reading localized attributes");
275.     return localizedAttributes;
276. }
277.  
278. function ImportRTMReportDefinitions(arr, sEMS)
279. {
280.     var fso = new ActiveXObject("Scripting.FileSystemObject");
281.     var RunDir = fso.GetParentFolderName(WScript.ScriptFullName);
282.     var cmd = "ldifde.exe -i -k" +
283.           " -f \"" + RunDir + "\\RTM-report-definitions.ldif\"" +
284.           " -s " + sEMS + ":2171" +
285.           " -c CN=Array " + arr.distinguishedName;
286.  
287.     if (typeof(logpath)!="undefined")
288.     {
289.           cmd = cmd + " -j \"" + logpath + "\"";
290.     }
291.     var cmdToLog = cmd;
292.     if (typeof(username)!="undefined")
293.     {
294.         cmd = cmd + " -b " + username + " " + domain + " " + password;
295.         cmdToLog = cmdToLog + " -b " + username + " " + domain + " ********";
296.     }
297.     ExecuteShellCommand(cmd, cmdToLog);
298. }
299.  
300. function ExecuteShellCommand(cmd, cmdToLog)
301. {
302.     if (typeof(cmdToLog)=="undefined")
303.     {
304.         cmdToLog = cmd;
305.     }
306.     WriteLine("Executing: " + cmdToLog);
307.     var WSHShell = new ActiveXObject("WScript.Shell");
308.     var oExec  = WSHShell.Exec(cmd);
309.     var oExecOut = oExec.StdOut;
310.     while(!oExecOut.AtEndOfStream)
311.     {
312.         line = oExecOut.ReadLine();
313.         WriteLine("  " + line);
314.     }
315.  
316.     while (oExec.Status != 1) // Wait until command finishes, so we can check ExitCode
317.     {
318.         WScript.Sleep(100);
319.     }
320.     if (oExec.ExitCode != 0)
321.     {
322.         throw new Error(oExec.ExitCode, "Failed to execute shell command " + cmdToLog);
323.     }
324. }
325.  
326. function WriteLocalizedAttributes(arr, localizedAttributes)
327. {
328.     for (i = 0; i < localizedAttributes.length; i++)
329.     {
330.         var location = localizedAttributes[i][0];
331.         var attrName = localizedAttributes[i][1];
332.         var attrValue = localizedAttributes[i][2];
333.         try
334.         {
335.             var obj = GetEmsObject(location);
336.             obj.Put(attrName, attrValue);
337.             obj.SetInfo();
338.             WriteLine("Set attribute " + attrName + " at " + location + " to " + attrValue);
339.         }
340.         catch(err)
341.         {
342.             number = err.number;
343.             if (number < 0) 
344.             { 
345.                 number = 0xFFFFFFFF + number + 1; 
346.             }
347.             if (number == ERROR_DS_NO_SUCH_OBJECT)
348.             {
349.                 WriteLine("Object doesn't exist anymore, not re-setting attribute " + attrName + "at" + location
350.                     + " to " + attrValue);
351.             }
352.             else
353.             {
354.                 throw err;
355.             }
356.         }
357.     }
358. }    
359.  
360. function Usage()
361. {
362.     WriteLine("\n" +
363.                 "Transforms an array configuration from SP1 to RTM state.\n" +
364.                 "Usage:   RevertArrayConfiguration.js [/EMS:<EMS machine FQDN>] /ArrayName:<array name>|<array guid> " +
365.                  "[/CompatVer:<compatibility version>] [/username:<username> /domain:<domain> /password:<password>] " +
366.                  "[/logpath:<log path>]\n" +
367.                 "Example: RevertArrayConfiguration.js /ArrayName:Contoso\n\n");
368.     WScript.Quit(1);
369. }
370.  
371. function ValidateSP1Uninstalled(arr, sEMS)
372. {
373.     var servers = arr.GetObject("msFPCServers", "CN=Servers");
374.     var mList = new Enumerator(servers);
375.     
376.     for (; !mList.atEnd(); mList.moveNext())
377.     {
378.         server = mList.item();
379.         if (!(server.msFPCVersion.indexOf("7.0.7") === 0))
380.         {
381.             throw new Error(0x4005, "Array " + arr.msFPCName + " cannot revert its configuration, since it still contain a non-RTM server " +  server.msFPCName);
382.         }
383.     }
384. }
385.  
386. function DecimalToHexString(number) 
387. { 
388.     if (number < 0) 
389.     { 
390.         number = 0xFFFFFFFF + number + 1; 
391.     } 
392.  
393.     return "0x" + number.toString(16).toUpperCase(); 
394. } 
395.  
396. function WriteLine(str)
397. {
398.     if (typeof(logfileHandle)!="undefined")
399.     {
400.         logfileHandle.WriteLine(str);
401.     }
402.     else
403.     {
404.         WScript.Echo(str);
405.     }
406. }
407.  
408.  
409. // SIG // Begin signature block
410. // SIG // MIIbYwYJKoZIhvcNAQcCoIIbVDCCG1ACAQExCzAJBgUr
411. // SIG // DgMCGgUAMGcGCisGAQQBgjcCAQSgWTBXMDIGCisGAQQB
412. // SIG // gjcCAR4wJAIBAQQQEODJBs441BGiowAQS9NQkAIBAAIB
413. // SIG // AAIBAAIBAAIBADAhMAkGBSsOAwIaBQAEFHz1s6mQfwKN
414. // SIG // D0FXDFEfv0PTjEb2oIIV6jCCBIUwggNtoAMCAQICCmEF
415. // SIG // 9x4AAAAAADIwDQYJKoZIhvcNAQEFBQAweTELMAkGA1UE
416. // SIG // BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNV
417. // SIG // BAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD
418. // SIG // b3Jwb3JhdGlvbjEjMCEGA1UEAxMaTWljcm9zb2Z0IENv
419. // SIG // ZGUgU2lnbmluZyBQQ0EwHhcNMDkwNzEzMjMwMDE4WhcN
420. // SIG // MTAxMDEzMjMxMDE4WjCBgzELMAkGA1UEBhMCVVMxEzAR
421. // SIG // BgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1v
422. // SIG // bmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv
423. // SIG // bjENMAsGA1UECxMETU9QUjEeMBwGA1UEAxMVTWljcm9z
424. // SIG // b2Z0IENvcnBvcmF0aW9uMIIBIjANBgkqhkiG9w0BAQEF
425. // SIG // AAOCAQ8AMIIBCgKCAQEAtYypnJSEYRrMLiLEoJNkCd6F
426. // SIG // obCQXfzJbGi18e/8jmv0+KBu11HeYKMnY9T237ZM0kUL
427. // SIG // pz3Yb/7tpxhj0x/GgdS/BzeXQCt/519aNdmTT6vzKpLw
428. // SIG // po2B7AUk3Nu4YWNTYQI1ONa49e57VKbJWDXp9BXv2gds
429. // SIG // BS1NpLa6mzu4MTB+RbypoSU5DEOkRzuXnCBEcjfPUKBN
430. // SIG // TfTDZdxE0Qg7ON0+xRdsRsetcyTAj4nB6uq6zWipEtZY
431. // SIG // DFMWDP45A9aB8j5cV/N622bhBxjZGQMU9uZFmSpRTJDX
432. // SIG // Wu+vtzsMKU1tIK4Ht5Iu6GnKnzBC58MyigsiSjLonAzG
433. // SIG // UQMmAW2ScwIDAQABo4IBAjCB/zATBgNVHSUEDDAKBggr
434. // SIG // BgEFBQcDAzAdBgNVHQ4EFgQUh4G33+76d/pZBWM3BArX
435. // SIG // 6dqg4OAwDgYDVR0PAQH/BAQDAgeAMB8GA1UdIwQYMBaA
436. // SIG // FFdFdBxdsPbIQwXgjFQtjzKn/kiWMEkGA1UdHwRCMEAw
437. // SIG // PqA8oDqGOGh0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9w
438. // SIG // a2kvY3JsL3Byb2R1Y3RzL0NvZGVTaWdQQ0EuY3JsME0G
439. // SIG // CCsGAQUFBwEBBEEwPzA9BggrBgEFBQcwAoYxaHR0cDov
440. // SIG // L3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9Db2Rl
441. // SIG // U2lnUENBLmNydDANBgkqhkiG9w0BAQUFAAOCAQEANiGE
442. // SIG // 9Y+DIU2HqD+L58WkD0wwbll0mwuXdBapsfNwpK/CDDMk
443. // SIG // 86BK+sHkIca22epcW5Fh9yJt/zH8F07XzUDjndLltNL6
444. // SIG // jWwH2neayivuDVlHzwTCEGf66ulDO7fm0ZzZjiNgbhKb
445. // SIG // w9l+XFcy3ZQN333FSJJNSHa3osBTlT78OqOTfPKFBMfG
446. // SIG // hTiXNvgSkyIAmU55r5brWiCDrNBcWjCwAOJrOY8kido9
447. // SIG // DKRGeWI2U2rXyc2SCPuH5VT1fFnFxHd9sMEsmMeXbEOn
448. // SIG // +CD4g1RknmD44kqlZ9RJv1SIfVJE81HAJtHFfPCJ1hEJ
449. // SIG // KMJFRYAdkCK9jqIFPjyzT73XOeCIkzCCBM0wggO1oAMC
450. // SIG // AQICCmEWtSkAAAAAABAwDQYJKoZIhvcNAQEFBQAwdzEL
451. // SIG // MAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x
452. // SIG // EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv
453. // SIG // c29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UEAxMYTWljcm9z
454. // SIG // b2Z0IFRpbWUtU3RhbXAgUENBMB4XDTEwMDEwNDIxMTIw
455. // SIG // M1oXDTEzMDEwNDIxMjIwM1owgbYxCzAJBgNVBAYTAlVT
456. // SIG // MRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS
457. // SIG // ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9y
458. // SIG // YXRpb24xEDAOBgNVBAsTB25DaXBoZXIxJzAlBgNVBAsT
459. // SIG // Hm5DaXBoZXIgRFNFIEVTTjpBQ0QzLUFFNjYtRTBCNTEl
460. // SIG // MCMGA1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2Vy
461. // SIG // dmljZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
462. // SIG // ggEBAOMoqtk8Q0L4BhO64sf5wS9ZyzyV51SQbMNYlWKz
463. // SIG // D2y9g9stWIgIkgvbzXbHVsbg7irTiDtcyqlwowAjIixT
464. // SIG // OOhQx/EUCY0dy3yL9aYza6/IRl9Le17556bHL0KFZzaN
465. // SIG // YEryE2bcsDltzhDK3XIFWHKd8gA7ADntJlM+Hs3uUJLN
466. // SIG // hfQ6/YGhBV8L6UQO79VZQCYoy4JOTivIFCK7cB3kPdH9
467. // SIG // YHZUTDns73c4i4z+dK/nFvRwMbjLrdTdi7b6AK3tdBSw
468. // SIG // Rb78ZYjhrfxJ21/R1M50edSNhm+z9ZcHIS2aYcn8uhtM
469. // SIG // 0uiruVDk0yv0wdlN1kCsFKeIhXNeaD5jt0HUZr0CAwEA
470. // SIG // AaOCARkwggEVMB0GA1UdDgQWBBTh8K4PDQX8MvMcfRl/
471. // SIG // z8TFv5FVTTAfBgNVHSMEGDAWgBQjNPjZUkZwCu1A+3b7
472. // SIG // syuwwzWzDzBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v
473. // SIG // Y3JsLm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0
474. // SIG // cy9NaWNyb3NvZnRUaW1lU3RhbXBQQ0EuY3JsMFgGCCsG
475. // SIG // AQUFBwEBBEwwSjBIBggrBgEFBQcwAoY8aHR0cDovL3d3
476. // SIG // dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNyb3Nv
477. // SIG // ZnRUaW1lU3RhbXBQQ0EuY3J0MBMGA1UdJQQMMAoGCCsG
478. // SIG // AQUFBwMIMA4GA1UdDwEB/wQEAwIGwDANBgkqhkiG9w0B
479. // SIG // AQUFAAOCAQEAjVtJKFSHyYqpk/6b+I1UcSCdwDiTJym5
480. // SIG // y5ZTios1tZQ3Fli9nj4XJ19ZL+Rdfh3iWdwH+2IY5WO/
481. // SIG // 9AvPTdpbMPbImv8mWb8ZwxCy8OMewQyZ2lWSxswS38BY
482. // SIG // TN2a1B0j+YYSROcmAuiAQWgWVDYdp2WzxDOh46SY2b5i
483. // SIG // kE+SN7apiBdUSB+dwiLYciq5wzCTPjfsKam5zgvVwskW
484. // SIG // pudeVQ3MgYRh6SwD25umG1MCOIsKWJEXyHFwFs4uxmP8
485. // SIG // eZ+DBIK0gecvV2mtuKUfIzZ29hWUhgoe6t0RO2ZE0hVa
486. // SIG // z6YrKB9OxQpzV0uVA2Ci6+kyfr09j6a9SSopwVcxwBDf
487. // SIG // UTCCBgcwggPvoAMCAQICCmEWaDQAAAAAABwwDQYJKoZI
488. // SIG // hvcNAQEFBQAwXzETMBEGCgmSJomT8ixkARkWA2NvbTEZ
489. // SIG // MBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEtMCsGA1UE
490. // SIG // AxMkTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0
491. // SIG // aG9yaXR5MB4XDTA3MDQwMzEyNTMwOVoXDTIxMDQwMzEz
492. // SIG // MDMwOVowdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh
493. // SIG // c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV
494. // SIG // BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UE
495. // SIG // AxMYTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBMIIBIjAN
496. // SIG // BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6Fssd/b
497. // SIG // SJIqfGsuGeG94uPFmVEjUK3O3RhOJA/u0afRTK10MCAR
498. // SIG // 6wfVVJUVSZQbQpKumFwwJtoAa+h7veyJBw/3DgSY8InM
499. // SIG // H8szJIed8vRnHCz8e+eIHernTqOhwSNTyo36Rc8J0F6v
500. // SIG // 0LBCBKL5pmyTZ9co3EZTsIbQ5ShGLieshk9VUgzkAyz7
501. // SIG // apCQMG6H81kwnfp+1pez6CGXfvjSE/MIt1NtUrRFkJ9I
502. // SIG // AEpHZhEnKWaol+TTBoFKovmEpxFHFAmCn4TtVXj+AZod
503. // SIG // UAiFABAwRu233iNGu8QtVJ+vHnhBMXfMm987g5OhYQK1
504. // SIG // HQ2x/PebsgHOIktU//kFw8IgCwIDAQABo4IBqzCCAacw
505. // SIG // DwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUIzT42VJG
506. // SIG // cArtQPt2+7MrsMM1sw8wCwYDVR0PBAQDAgGGMBAGCSsG
507. // SIG // AQQBgjcVAQQDAgEAMIGYBgNVHSMEgZAwgY2AFA6sgmBA
508. // SIG // VieX5SUT/CrhClOVWeSkoWOkYTBfMRMwEQYKCZImiZPy
509. // SIG // LGQBGRYDY29tMRkwFwYKCZImiZPyLGQBGRYJbWljcm9z
510. // SIG // b2Z0MS0wKwYDVQQDEyRNaWNyb3NvZnQgUm9vdCBDZXJ0
511. // SIG // aWZpY2F0ZSBBdXRob3JpdHmCEHmtFqFKoKWtTHNY9AcT
512. // SIG // LmUwUAYDVR0fBEkwRzBFoEOgQYY/aHR0cDovL2NybC5t
513. // SIG // aWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMvbWlj
514. // SIG // cm9zb2Z0cm9vdGNlcnQuY3JsMFQGCCsGAQUFBwEBBEgw
515. // SIG // RjBEBggrBgEFBQcwAoY4aHR0cDovL3d3dy5taWNyb3Nv
516. // SIG // ZnQuY29tL3BraS9jZXJ0cy9NaWNyb3NvZnRSb290Q2Vy
517. // SIG // dC5jcnQwEwYDVR0lBAwwCgYIKwYBBQUHAwgwDQYJKoZI
518. // SIG // hvcNAQEFBQADggIBABCXisNcA0Q23em0rXfbznlRTQGx
519. // SIG // LnRxW20ME6vOvnuPuC7UEqKMbWK4VwLLTiATUJndekDi
520. // SIG // V7uvWJoc4R0Bhqy7ePKL0Ow7Ae7ivo8KBciNSOLwUxXd
521. // SIG // T6uS5OeNatWAweaU8gYvhQPpkSokInD79vzkeJkuDfcH
522. // SIG // 4nC8GE6djmsKcpW4oTmcZy3FUQ7qYlw/FpiLID/iBxoy
523. // SIG // +cwxSnYxPStyC8jqcD3/hQoT38IKYY7w17gX606Lf8U1
524. // SIG // K16jv+u8fQtCe9RTciHuMMq7eGVcWwEXChQO0toUmPU8
525. // SIG // uWZYsy0v5/mFhsxRVuidcJRsrDlM1PZ5v6oYemIp76Kb
526. // SIG // KTQGdxpiyT0ebR+C8AvHLLvPQ7Pl+ex9teOkqHQ1uE7F
527. // SIG // cSMSJnYLPFKMcVpGQxS8s7OwTWfIn0L/gHkhgJ4VMGbo
528. // SIG // QhJeGsieIiHQQ+kr6bv0SMws1NgygEwmKkgkX1rqVu+m
529. // SIG // 3pmdyjpvvYEndAYR7nYhv5uCwSdUtrFqPYmhdmG0bqET
530. // SIG // pr+qR/ASb/2KMmyy/t9RyIwjyWa9nR2HEmQCPS2vWY+4
531. // SIG // 5CHltbDKY7R4VAXUQS5QrJSwpXirs6CWdRrZkocTdSIv
532. // SIG // MqgIbqBbjCW/oO+EyiHW6x5PyZruSeD3AWVviQt9yGnI
533. // SIG // 5m7qp5fOMSn/DsVbXNhNG6HY+i+ePy5VFmvJE6P9MIIG
534. // SIG // gTCCBGmgAwIBAgIKYRUIJwAAAAAADDANBgkqhkiG9w0B
535. // SIG // AQUFADBfMRMwEQYKCZImiZPyLGQBGRYDY29tMRkwFwYK
536. // SIG // CZImiZPyLGQBGRYJbWljcm9zb2Z0MS0wKwYDVQQDEyRN
537. // SIG // aWNyb3NvZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3Jp
538. // SIG // dHkwHhcNMDYwMTI1MjMyMjMyWhcNMTcwMTI1MjMzMjMy
539. // SIG // WjB5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGlu
540. // SIG // Z3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMV
541. // SIG // TWljcm9zb2Z0IENvcnBvcmF0aW9uMSMwIQYDVQQDExpN
542. // SIG // aWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQTCCASIwDQYJ
543. // SIG // KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ+N34U3jLEG
544. // SIG // VmY2TtQK6zYjkR6vq41Y6cTPwZ86CiTExMResO4VFMX6
545. // SIG // PpkzaxlpcvR8BV/lmSVE1zUZipDcKI6QDO/VkGGt3twY
546. // SIG // cC2DyW+vhSz43bm5MP1xeByD/cipuYJnDXq4wQnCvBaX
547. // SIG // Vz8cmNNp1zCQkJCNMB/YJtSee4jZ4gntl0lF6wRSgXV7
548. // SIG // uLUiuC5Wu9fPqU48CoOiqDrFrbYBDmrPIrQjH2zVJ+e3
549. // SIG // fsG01TKteSUcQobinYX0V9obWS8tJpIpxbPXhaOeYFqU
550. // SIG // 5nuce16CNEtt/9TuJ9Ci3NGQDM59DhV8iKw0x8BsmIRK
551. // SIG // yUR5aCjfIoMNuIosSGHi/hECAwEAAaOCAiMwggIfMBAG
552. // SIG // CSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRXRXQcXbD2
553. // SIG // yEMF4IxULY8yp/5IljALBgNVHQ8EBAMCAcYwDwYDVR0T
554. // SIG // AQH/BAUwAwEB/zCBmAYDVR0jBIGQMIGNgBQOrIJgQFYn
555. // SIG // l+UlE/wq4QpTlVnkpKFjpGEwXzETMBEGCgmSJomT8ixk
556. // SIG // ARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29m
557. // SIG // dDEtMCsGA1UEAxMkTWljcm9zb2Z0IFJvb3QgQ2VydGlm
558. // SIG // aWNhdGUgQXV0aG9yaXR5ghB5rRahSqClrUxzWPQHEy5l
559. // SIG // MFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwubWlj
560. // SIG // cm9zb2Z0LmNvbS9wa2kvY3JsL3Byb2R1Y3RzL21pY3Jv
561. // SIG // c29mdHJvb3RjZXJ0LmNybDBUBggrBgEFBQcBAQRIMEYw
562. // SIG // RAYIKwYBBQUHMAKGOGh0dHA6Ly93d3cubWljcm9zb2Z0
563. // SIG // LmNvbS9wa2kvY2VydHMvTWljcm9zb2Z0Um9vdENlcnQu
564. // SIG // Y3J0MHYGA1UdIARvMG0wawYJKwYBBAGCNxUvMF4wXAYI
565. // SIG // KwYBBQUHAgIwUB5OAEMAbwBwAHkAcgBpAGcAaAB0ACAA
566. // SIG // qQAgADIAMAAwADYAIABNAGkAYwByAG8AcwBvAGYAdAAg
567. // SIG // AEMAbwByAHAAbwByAGEAdABpAG8AbgAuMBMGA1UdJQQM
568. // SIG // MAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4ICAQAw
569. // SIG // vLAgpGKgp+85JmE93KzGmdCGxC71gzJlXiI+m9aG+Oi2
570. // SIG // n8qL1jt1C6GRPkzdZHSMSfKIjBhnbP4VZka4OkZCl8iR
571. // SIG // N9Qksees0+pBFIN308lPBV+jFFK/lqQvPlZbEHXOU8PO
572. // SIG // BVRptGXJJKUP4SW4GrlN5QK5UB5Ps5gMHZUC7iJZrSLL
573. // SIG // BXQLBEV7BFng2A+z60z4YN3CeJ7Rup9r9/PufkQRQNK9
574. // SIG // uptLFghupL5V5KY4EqNI9BxVeoog0X3+kduUjy/Ce2um
575. // SIG // ZIVPo+UsNCldC7/1xzgvxCDEVjH2ac6F+AqR7NDWrro4
576. // SIG // BQzrbk9MnAMpqqL8GKApDA1cXFYjV9oclg3IJjbBRMvl
577. // SIG // 4eZvieeP6Zi1c9N44+2jATx05V68bPYhiWcF7JedtbH9
578. // SIG // r6bpcqXDNOEvn/n0ajniLQSCW/zQnK58nRH55rVTGXS6
579. // SIG // OUo5631Cs0o7Nz3CSnsnmOfiTpsbSlQ4aiM3vmq3SO7q
580. // SIG // Qg1JJJGOtwQul2/k50W7j039YNnXWcLYgNZgNHu3oZMg
581. // SIG // /oG4qqVcCemKDb4oTX7X6A/tZXjRMV+5ZtvfQucLzAIH
582. // SIG // jd//IAajRWW0szKNLpHiTbSpyfq8awQOsp/qn96kyQqW
583. // SIG // 9I332Jio8IUCCFmkIKYsCxryUgbtaeVkGBvgo6veynwU
584. // SIG // YUO4ZfU2o1UTK2csTRswTDGCBOUwggThAgEBMIGHMHkx
585. // SIG // CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
586. // SIG // MRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy
587. // SIG // b3NvZnQgQ29ycG9yYXRpb24xIzAhBgNVBAMTGk1pY3Jv
588. // SIG // c29mdCBDb2RlIFNpZ25pbmcgUENBAgphBfceAAAAAAAy
589. // SIG // MAkGBSsOAwIaBQCgggERMBkGCSqGSIb3DQEJAzEMBgor
590. // SIG // BgEEAYI3AgEEMBwGCisGAQQBgjcCAQsxDjAMBgorBgEE
591. // SIG // AYI3AgEVMCMGCSqGSIb3DQEJBDEWBBRAk6ITUT0xBLr+
592. // SIG // WNzS53evIfxnkDCBsAYKKwYBBAGCNwIBDDGBoTCBnqBw
593. // SIG // gG4ARgBvAHIAZQBmAHIAbwBuAHQAIABUAGgAcgBlAGEA
594. // SIG // dAAgAE0AYQBuAGEAZwBlAG0AZQBuAHQAIABHAGEAdABl
595. // SIG // AHcAYQB5ACAALQAgAEsAQgAxADkAOAAxADQAMAA5ACAA
596. // SIG // RQBuAGcAbABpAHMAaKEqgChodHRwOi8vc3VwcG9ydC5t
597. // SIG // aWNyb3NvZnQuY29tP2tiaWQ9OTgxMzI0MA0GCSqGSIb3
598. // SIG // DQEBAQUABIIBADi0onTsDQOPkm6+75AWnc22H8fQuoGv
599. // SIG // fmqxZtbmAo6qpdp8FgWr4XjCf/K7t70gz+4ESaaDsuDg
600. // SIG // KMVtUdG95qdXUcvu7ZTxJSRrEVYsQazpeCcIrns4oz2O
601. // SIG // cqiDZLYSa8oi2J3SpPawx89dY+HIeF7z6dF1DKB9XlJn
602. // SIG // ygtLH3iBUyYE+YBQETLt3lCZoTTjOFtewf3HmSzpW3rR
603. // SIG // xJR84/9SObb2QjSyfp/RhGoUbd5CtXBTAWALQZaOpZxa
604. // SIG // YVJE4ormuGiQhfBZq1ZGF2zK0ZTGd18klWoITrxw+UNa
605. // SIG // pQU+sTtA92NylEUNHn36IeAXqj+KN74K2WPr/w9RSUhS
606. // SIG // +q6hggIdMIICGQYJKoZIhvcNAQkGMYICCjCCAgYCAQEw
607. // SIG // gYUwdzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp
608. // SIG // bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT
609. // SIG // FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEhMB8GA1UEAxMY
610. // SIG // TWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBAgphFrUpAAAA
611. // SIG // AAAQMAcGBSsOAwIaoF0wGAYJKoZIhvcNAQkDMQsGCSqG
612. // SIG // SIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTAwNjE1MTgz
613. // SIG // MzMwWjAjBgkqhkiG9w0BCQQxFgQUeF2MyQnCPBe8WnOv
614. // SIG // vHKnhk8dty4wDQYJKoZIhvcNAQEFBQAEggEApF/IOUTv
615. // SIG // cGiewchP+r+Rv5FN5nmjHI49DByrrS4kpWEUnAsh5y9Z
616. // SIG // P8tD617WBG7dWuiz7WSfrCm4Px9v9d7twyLlkHYNJ1kM
617. // SIG // rKsir6SfnSl90dwF+OrfoFTDqgpIO3MllopF4HXfzM+d
618. // SIG // MBqHT9QUJsc8s5V/ljMIE6fkduGy1zNPfLgc+A3C3oRg
619. // SIG // N/yxY5K6gPNZanM6ggC7I4CKf8zTtiLb08FBh8rBBcX2
620. // SIG // lVV+h41gW7mFgs2B7huv0SIRfWBOKzCXsvs/XwEzuQrT
621. // SIG // 7os8Gnjp/F7ycHCDJATHWFIK306q6WgPt0YD5B7t7mJz
622. // SIG // vg4wkXZ+RLNbu4YNXpSOnSUA2Q==
623. // SIG // End signature block
624.