Public/Common.ps1
|
<#
.SYNOPSIS Generates a report of the current Status of the Exchange Online environment .DESCRIPTION The report will write all needed information of Exchange Online into an HTML file. This is useful for documentation and decisions for the integration. It also makes sense as some sort of snapshot documentation before and after an integration into seppmail.cloud .EXAMPLE PS C:\> New-SC365ExoReport This reads relevant information of Exchange Online and writes a summary report in an HTML in the current directory .EXAMPLE PS C:\> New-SC365ExoReport -FilePath '~/Desktop' -Filepath requires a relative path and may be used with or without filename (auto-generated filename) .EXAMPLE PS C:\> New-SC365ExoReport -LiteralPath c:\temp\expreport.html Literalpath requires a full and valid path .INPUTS FilePath .OUTPUTS HTML Report .NOTES See https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md for more #> function New-SC365ExOReport { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium', DefaultParameterSetName = 'FilePath', HelpURI = 'https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md#setup-the-integration' )] Param ( # Define output relative Filepath [Parameter( Mandatory = $false, HelpMessage = 'Relative path of the HTML report on disk', ParameterSetName = 'FilePath', Position = 0 #Position = 0 )] [Alias('Path')] [string]$filePath = '.', [Parameter( Mandatory = $false, HelpMessage = 'Literal path of the HTML report on disk', ParameterSetName = 'LiteralPath', Position = 0 )] [string]$Literalpath = '.' ) begin { if (!(Test-SC365ConnectionStatus)){ throw [System.Exception] "You're not connected to Exchange Online - please connect prior to using this CmdLet" } else { Write-Information "Connected to Exchange Organization `"$Script:ExODefaultDomain`"" -InformationAction Continue Write-verbose 'Defining Function fo read Exo Data and return an info Message in HTML even if nothing is retrieved' } function New-SelfGeneratedReportName { Write-Verbose "Creating self-generated report filename." return ("{0:HHm-ddMMyyy}" -f (Get-Date)) + (Get-AcceptedDomain|where-object default -eq $true|select-object -expandproperty Domainname) + '.html' } #region Filetest only if not $Literalpath is selected if ($PsCmdlet.ParameterSetName -eq "FilePath") { If (Test-Path $FilePath -PathType Container) { Write-Verbose "Filepath $Filepath is a directory" if (Test-Path (Split-Path (Resolve-Path $Filepath) -Parent)) { Write-Verbose "Filepath $Filepath Container exists on disk, creating default ReportFilename" $ReportFilename = New-SelfGeneratedReportName $FinalPath = Join-Path -Path $filePath -ChildPath $ReportFilename } else { throw [System.Exception] "$FilePath is not valid. Enter a valid filepath like ~\Desktop or c:\temp\expreport.html" } } else { Write-Verbose "FilePath $Filepath is a Full Path including Filename" if ((Split-Path $FilePath -Extension) -eq '.html') { $FinalPath = $Filepath } else { throw [System.Exception] "$FilePath is not an HTML file. Enter a valid filepath like ~\Desktop or c:\temp\expreport.html" } } } else { # Literalpath $SplitLiteralPath = Split-Path -Path $LiteralPath -Parent If (Test-Path -Path $SplitLiteralPath) { $finalPath = $LiteralPath } else { throw [System.Exception] "$LiteralPath does not exist. Enter a valid literal path like ~\exoreport.html or c:\temp\expreport.html" } } #endregion function Get-ExoHTMLData { param ( [Parameter( Mandatory = $true, HelpMessage = 'Enter Cmdlte to ')] [string]$ExoCmd ) try { $rawData = Invoke-Expression -Command $exoCmd if ($null -eq $rawData) { $ExoHTMLData = New-object -type PSobject -property @{Result = '--- no information available ---'}|Convertto-HTML -Fragment } else { $ExoHTMLData = $rawData|Convertto-HTML -Fragment } return $ExoHTMLData } catch { Write-Warning "Could not fetch data from command '$exoCmd'" } } } process { try { if ($pscmdlet.ShouldProcess("Target", "Operation")) { #"Whatis is $Whatif and `$pscmdlet.ShouldProcess is $($pscmdlet.ShouldProcess) " #For later Use } $mv = $myInvocation.MyCommand.Version $Top = "<p><h1>Exchange Online Report</h1><p>" $now = Get-Date if ($PSVersionTable.OS -like 'Microsoft Windows*') { $repUser = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name } else { $repUser = (hostname) + '/' + (whoami) } $RepCreationDateTime = "<p><body>Report created on: $now</body><p>" $RepCreatedBy = "<p><body>Report created by: $repUser</body><p>" $ReportFilename = Split-Path $FinalPath -Leaf $moduleVersion = "<p><body>SEPPmail365cloud Module Version: $mv</body><p>" $reportTenantID = Get-SC365TenantID -maildomain (Get-AcceptedDomain|where-object InitialDomain -eq $true|select-object -expandproperty Domainname) $TenantInfo = "<p><body>Microsoft O/M365 AzureAD Tenant ID: $reportTenantID</body><p>" Write-Verbose "Collecting Accepted Domains" $hSplitLine = '<p><h2>---------------------------------------------------------------------------------------------------------------------------</h2><p>' #region General infos $hGeneral = '<p><h2>General Exchange Online and Subscription Information</h2><p>' $hA = '<p><h3>Accepted Domains</h3><p>' $A = Get-ExoHTMLData -ExoCmd 'Get-AcceptedDomain |select-object Domainname,DomainType,Default,EmailOnly,ExternallyManaged,OutboundOnly|Sort-Object -Descending Default ' # Find out Office Configuration Write-Verbose "Collecting M365 Configuration" $hB = '<p><h3>ExO Configuration Details</h3><p>' $B = Get-ExoHTMLData -ExoCmd 'Get-OrganizationConfig |Select-Object DisplayName,ExchangeVersion,AllowedMailboxRegions,DefaultMailboxRegion,DisablePlusAddressInRecipients' # Find out possible Sending Limits for LFT Write-Verbose "Collecting Send and Receive limits for SEPPmail LFT configuration" $hP = '<p><h3>Send and Receive limits (for SEPPmail LFT configuration)</h3><p>' $P = Get-ExoHTMLData -ExoCmd 'Get-TransportConfig |Select-Object MaxSendSize,MaxReceiveSize' # Find out possible Office Message Encryption Settings Write-Verbose "Collecting Office Message Encryption Settings" $hP = '<p><h3>Office Message Encryption Settings</h3><p>' $P = Get-ExoHTMLData -ExoCmd 'Get-OMEConfiguration|Select-Object PSComputerName,TemplateName,OTPEnabled,SocialIdSignIn,ExternalMailExpiryInterval,Identity,IsValid' # Get MX Record Report for each domain $hO = '<p><h3>MX Record for each Domain</h3><p>' $O = $Null $oTemp = Get-AcceptedDomain Foreach ($AcceptedDomain in $oTemp.DomainName) { $O += (Get-MxRecordReport -Domain $AcceptedDomain|Select-Object -Unique|Select-Object HighestPriorityMailhost,HighestPriorityMailhostIpAddress,Domain|Convertto-HTML -Fragment) } #endregion #region Security $hSecurity = '<p><h2>Security related Information</h2><p>' $hC = '<p><h3>DKIM Settings</h3><p>' $C = Get-ExoHTMLData -ExoCmd 'Get-DkimSigningConfig|Select-Object Domain,Enabled,Status,Selector1CNAME,Selector2CNAME|sort-object Enabled -Descending' Write-Verbose "Collecting Phishing and Malware Policies" $hD = '<p><h3>Anti Phishing Policies</h3><p>' $D = Get-ExoHTMLData -ExoCmd 'Get-AntiPhishPolicy|Select-Object Identity,isDefault,IsValid,AuthenticationFailAction' $hE = '<p><h3>Anti Malware Policies</h3><p>' $E = Get-ExoHTMLData -ExoCmd 'Get-MalwareFilterPolicy|Select-Object Identity,Action,IsDefault,Filetypes' $hk = '<p><h3>Content Filter Policy</h3><p>' $k= Get-ExoHTMLData -ExoCmd 'Get-HostedContentFilterPolicy|Select-Object QuarantineRetentionPeriod,EndUserSpamNotificationFrequency,TestModeAction,IsValid,BulkSpamAction,PhishSpamAction,OriginatingServer' Write-Verbose "Blocked Sender Addresses" $hH = '<p><h3>Show Senders which are locked due to outbound SPAM</h3><p>' $h = Get-ExoHTMLData -ExoCmd 'Get-BlockedSenderAddress' Write-Verbose "Get Outbound SPAM Filter Policy" $hJ = '<p><h3>Outbound SPAM Filter Policy</h3><p>' $J = Get-ExoHTMLData -ExoCmd 'Get-HostedOutboundSpamFilterPolicy|Select-Object Name,IsDefault,Enabled,ActionWhenThresholdReached' Write-Verbose "Get Filter Policy" $hJ1 = '<p><h3>SPAM Filter Policy</h3><p>' $J1 = Get-ExoHTMLData -ExoCmd 'Get-HostedConnectionFilterPolicy|select-Object Name,IsDefault,Enabled,IPAllowList,IPBlockList' #endregion Security #region other connectors $hOtherConn = '<p><h2>Hybrid and other Connectors</h2><p>' Write-Verbose "Get-HybridMailflow" $hG = '<p><h3>Hybrid Mailflow Information</h3><p>' $g = Get-ExoHTMLData -ExoCmd 'Get-HybridMailflow' Write-Verbose "Get-IntraorgConnector" $hI = '<p><h3>Intra Org Connector Settings</h3><p>' $I = Get-ExoHTMLData -ExoCmd 'Get-IntraOrganizationConnector|Select-Object Identity,TargetAddressDomains,DiscoveryEndpoint,IsValid' #endregion #region connectors $hConnectors = '<p><h2>Existing Exchange Connectors</h2><p>' Write-Verbose "InboundConnectors" $hL = '<p><h3>Inbound Connectors</h3><p>' $L = Get-ExoHTMLData -ExoCmd 'Get-InboundConnector |Select-Object Identity,Enabled,SenderDomains,SenderIPAddresses,OrganizationalUnitRootInternal,TlsSenderCertificateName,OriginatingServer,IsValid' Write-Verbose "OutboundConnectors" $hM = '<p><h3>Outbound Connectors</h3><p>' $M = Get-ExoHTMLData -ExoCmd 'Get-OutboundConnector -IncludeTestModeConnectors:$true|Select-Object Identity,Enabled,SmartHosts,TlsDomain,TlsSettings,RecipientDomains,OriginatingServer,IsValid' #endregion connectors #region mailflow rules $hTransPortRules = '<p><h2>Existing Mailflow Rules</h2><p>' Write-Verbose "TransportRules" $hN = '<p><h3>Existing Transport Rules</h3><p>' $N = Get-ExoHTMLData -ExoCmd 'Get-TransportRule | select-object Name,State,Mode,Priority,FromScope,SentToScope' #endregion transport rules $HeaderLogo = [Convert]::ToBase64String((Get-Content -path $PSScriptRoot\..\HTML\SEPPmailLogo_T.png -AsByteStream)) $LogoHTML = @" <img src="data:image/jpg;base64,$($HeaderLogo)" style="left:150px alt="Exchange Online System Report"> "@ $hEndOfReport = '<p><h2>--- End of Report ---</h2><p>' $style = Get-Content -Path $PSScriptRoot\..\HTML\SEPPmailReport.css $finalreport = Convertto-HTML -Body "$LogoHTML $Top $RepCreationDatetime $RepCreatedBy $moduleVersion $TenantInfo` $hSplitLine $hGeneral $hSplitLine $hA $a $hB $b $hO $o` $hSplitLine $hSecurity $hSplitLine $hC $c $hd $d $hE $e $hP $P $hH $H $hK $k $hJ $j $hJ1 $J1 ` $hSplitLine $hOtherConn $hSplitLine $hG $g $hI $i ` $hSplitLine $hConnectors $hSplitLine $hL $l $hM $m ` $hSplitLine $hTransPortRules $hSplitLine $hN $n $hEndofReport " -Title "SEPPmail365 Exo Report" -Head $style # Write Report to Disk try { $finalReport|Out-File -FilePath $FinalPath -Force } catch{ Write-Warning "Could not write report to $FinalPath" if ($IsWindows) { $FinalPath = Join-Path -Path $env:localappdata -ChildPath $ReportFilename } if ($IsMacOs) { $Finalpath = Join-Path -Path $env:HOME -ChildPath $ReportFilename } Write-Verbose "Writing report to $finalPath" try { $finalReport|Out-File -FilePath $finalPath -Force } catch { $error[0] } } if ($IsWindows) { Write-Information -MessageData "Opening $finalPath with default browser" Invoke-Expression "& '$finalpath'" } if ($IsMacOs) { "Report is stored on your disk at $finalpath. Open with your favorite browser." } } catch { throw [System.Exception] "Error: $($_.Exception.Message)" } } end { } } function Remove-SC365Setup { [CmdletBinding()] param() Begin {} Process { Remove-SC365Rules Remove-SC365Connectors } End{} } function Get-SC365Setup { [CmdletBinding()] param() Begin {} Process { Get-SC365Connectors Get-SC365Rules } End{} } <# .SYNOPSIS Read Office/Microsoft365 Azure TenantID .DESCRIPTION Every Exchange Online is part of some sort of Microsoft Subscription and each subscription has an Azure Active Directory included. We need the TenantId to identify managed domains in seppmail.cloud .EXAMPLE PS C:\> Get-SC365TenantID -maildomain 'contoso.de' Explanation of what the example does .INPUTS Maildomain as string (mandatory) .OUTPUTS TenantID (GUID) as string .NOTES See https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md for more #> Function Get-SC365TenantID { [CmdLetBinding( HelpURI = 'https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md#setup-the-integration' )] param ( [Parameter(Mandatory=$true)] <#[ValidateScript( { if (Get-AcceptedDomain -Identity $_ -Erroraction silentlycontinue) { $true } else { Write-Error "Domain $_ could not get validated, please check accepted domains with 'Get-AcceptedDomains'" } } )]#> [string]$maildomain ) $uri = 'https://login.windows.net/' + $maildomain + '/.well-known/openid-configuration' $TenantId = (Invoke-WebRequest $uri| ConvertFrom-Json).token_endpoint.Split('/')[3] Return $tenantid } <# .SYNOPSIS Test Exchange Online connectivity .DESCRIPTION When staying in a Powershell Session with Exchange Online many things can occur to disturb the session. The Test-SC365connectivity CmdLet figures out if the session is still valid .EXAMPLE PS C:\> Test-SC365ConnectionStatus Whithout any parameter the CmdLet emits just true or false .EXAMPLE PS C:\> Test-SC365ConnectionStatus -verbose For deeper analisys of connectivity issues the verbose switch provides a lot of relevant information. .EXAMPLE PS C:\> Test-SC365ConnectionStatus -showDefaultDomain ShowDefaultdomain will also emit the current default e-mail domain .EXAMPLE PS C:\> Test-SC365ConnectionStatus -Connect Connnect will try to connect via the standard method (web-browser) .INPUTS Inputs (if any) .OUTPUTS true/false .NOTES See https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md for more #> function Test-SC365ConnectionStatus { [CmdLetBinding( HelpURI = 'https://github.com/seppmail/SEPPmail365cloud/blob/main/README.md#setup-the-integration' )] Param ( [Parameter( Mandatory=$false, HelpMessage = 'If turned on, the CmdLet will emit the current default domain' )] [switch]$showDefaultDomain, [Parameter( Mandatory=$false, HelpMessage = 'If turned on, the CmdLet will try to connect to Exchange Online is disconnected' )] [switch]$Connect ) [bool]$isConnected = $false Write-Verbose "Check if module ExchangeOnlineManagement is imported" if(!(Get-Module ExchangeOnlineManagement -ErrorAction SilentlyContinue)) { Write-Warning "ExchangeOnlineManagement module not yet imported, importing ..." if(!(Import-Module ExchangeOnlineManagement -PassThru -ErrorAction SilentlyContinue)) {throw [System.Exception] "ExchangeOnlineManagement module does not seem to be installed! Use 'Install-Module ExchangeOnlineManagement' to install.'"} } else { $ExoConnInfo = if (Get-Connectioninformation) {(Get-ConnectionInformation)[-1]} if ($ExoConnInfo) { Write-Verbose "Connected to Exchange Online Tenant $($ExoConnInfo.TenantID)" [datetime]$TokenExpiryTimeLocal = $ExoConnInfo.TokenExpiryTimeUTC.Datetime.ToLocalTime() $delta = New-TimeSpan -Start (Get-Date) -End $TokenExpiryTimeLocal $ticks = $delta.Ticks if ($ticks -like '-*') # Token expired { $isconnected = $false Write-Warning "You're not actively connected to your Exchange Online organization. TOKEN is EXPIRED" if(($InteractiveSession) -and ($Connect))# defined in public/Functions.ps1 { try { # throws an exception if authentication fails Write-Verbose "Reconnecting to Exchange Online" Connect-ExchangeOnline -SkipLoadingFormatData $isConnected = $true } catch { throw [System.Exception] "Could not connect to Exchange Online, please retry."} } else { $isConnected = $false } } else # Valid connection { $tokenLifeTime = [math]::Round($delta.TotalHours) Write-verbose "Active session token exipry time is $TokenExpiryTimeLocal (roughly $tokenLifeTime hours)" $tmpModuleName = Split-Path -Path $ExoConnInfo.ModuleName -Leaf Write-verbose "Active session Module name is $tmpModuleName" $isConnected = $true [string] $Script:ExODefaultDomain = Get-AcceptedDomain | Where-Object{$_.Default} | Select-Object -ExpandProperty DomainName -First 1 if ($showDefaultDomain) {"$Script:ExoDefaultdomain"} } } else # No Connection { if(($InteractiveSession) -and ($connect)) # defined in public/Functions.ps1 { try { # throws an exception if authentication fails Write-Verbose "Connecting to Exchange Online" Connect-ExchangeOnline -SkipLoadingFormatData } catch { throw [System.Exception] "Could not connect to Exchange Online, please retry."} } else { $isConnected = $false } } } return $isConnected } Register-ArgumentCompleter -CommandName Get-SC365TenantId -ParameterName MailDomain -ScriptBlock $paramDomSB # SIG # Begin signature block # MIIL1wYJKoZIhvcNAQcCoIILyDCCC8QCAQExCzAJBgUrDgMCGgUAMGkGCisGAQQB # gjcCAQSgWzBZMDQGCisGAQQBgjcCAR4wJgIDAQAABBAfzDtgWUsITrck0sYpfvNR # AgEAAgEAAgEAAgEAAgEAMCEwCQYFKw4DAhoFAAQUdO+lEzGQAj/kfjoGyZngLgm/ # QxWggglAMIIEmTCCA4GgAwIBAgIQcaC3NpXdsa/COyuaGO5UyzANBgkqhkiG9w0B # AQsFADCBqTELMAkGA1UEBhMCVVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEoMCYG # A1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjE4MDYGA1UECxMv # KGMpIDIwMDYgdGhhd3RlLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkx # HzAdBgNVBAMTFnRoYXd0ZSBQcmltYXJ5IFJvb3QgQ0EwHhcNMTMxMjEwMDAwMDAw # WhcNMjMxMjA5MjM1OTU5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMdGhhd3Rl # LCBJbmMuMSYwJAYDVQQDEx10aGF3dGUgU0hBMjU2IENvZGUgU2lnbmluZyBDQTCC # ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJtVAkwXBenQZsP8KK3TwP7v # 4Ol+1B72qhuRRv31Fu2YB1P6uocbfZ4fASerudJnyrcQJVP0476bkLjtI1xC72Ql # WOWIIhq+9ceu9b6KsRERkxoiqXRpwXS2aIengzD5ZPGx4zg+9NbB/BL+c1cXNVeK # 3VCNA/hmzcp2gxPI1w5xHeRjyboX+NG55IjSLCjIISANQbcL4i/CgOaIe1Nsw0Rj # gX9oR4wrKs9b9IxJYbpphf1rAHgFJmkTMIA4TvFaVcnFUNaqOIlHQ1z+TXOlScWT # af53lpqv84wOV7oz2Q7GQtMDd8S7Oa2R+fP3llw6ZKbtJ1fB6EDzU/K+KTT+X/kC # AwEAAaOCARcwggETMC8GCCsGAQUFBwEBBCMwITAfBggrBgEFBQcwAYYTaHR0cDov # L3QyLnN5bWNiLmNvbTASBgNVHRMBAf8ECDAGAQH/AgEAMDIGA1UdHwQrMCkwJ6Al # oCOGIWh0dHA6Ly90MS5zeW1jYi5jb20vVGhhd3RlUENBLmNybDAdBgNVHSUEFjAU # BggrBgEFBQcDAgYIKwYBBQUHAwMwDgYDVR0PAQH/BAQDAgEGMCkGA1UdEQQiMCCk # HjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTU2ODAdBgNVHQ4EFgQUV4abVLi+ # pimK5PbC4hMYiYXN3LcwHwYDVR0jBBgwFoAUe1tFz6/Oy3r9MZIaarbzRutXSFAw # DQYJKoZIhvcNAQELBQADggEBACQ79degNhPHQ/7wCYdo0ZgxbhLkPx4flntrTB6H # novFbKOxDHtQktWBnLGPLCm37vmRBbmOQfEs9tBZLZjgueqAAUdAlbg9nQO9ebs1 # tq2cTCf2Z0UQycW8h05Ve9KHu93cMO/G1GzMmTVtHOBg081ojylZS4mWCEbJjvx1 # T8XcCcxOJ4tEzQe8rATgtTOlh5/03XMMkeoSgW/jdfAetZNsRBfVPpfJvQcsVncf # hd1G6L/eLIGUo/flt6fBN591ylV3TV42KcqF2EVBcld1wHlb+jQQBm1kIEK3Osgf # HUZkAl/GR77wxDooVNr2Hk+aohlDpG9J+PxeQiAohItHIG4wggSfMIIDh6ADAgEC # AhBdMTrn+ZR0fTH9F/xerQI2MA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNVBAYTAlVT # MRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xJjAkBgNVBAMTHXRoYXd0ZSBTSEEyNTYg # Q29kZSBTaWduaW5nIENBMB4XDTIwMDMxNjAwMDAwMFoXDTIzMDMxNjIzNTk1OVow # XTELMAkGA1UEBhMCQ0gxDzANBgNVBAgMBkFhcmdhdTERMA8GA1UEBwwITmV1ZW5o # b2YxFDASBgNVBAoMC1NFUFBtYWlsIEFHMRQwEgYDVQQDDAtTRVBQbWFpbCBBRzCC # ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKE54Nn5Vr8YcEcTv5k0vFyW # 26kzBt9Pe2UcawfjnyqvYpWeCuOXxy9XXif24RNuBROEc3eqV4EHbA9v+cOrE1me # 4HTct7byRM0AQCzobeFAyei3eyeDbvb963pUD+XrluCQS+L80n8yCmcOwB+weX+Y # j2CY7s3HZfbArzTxBHo5AKEDp9XxyoCc/tUQOq6vy+wdbOOfLhrNMkDDCsBWSLqi # jx3t1E+frAYF7tXaO5/FEGTeb/OjXqOpoooNL38FmCJh0CKby090sBJP5wSienn1 # NdhmBOKRL+0K3bomozoYmQscpT5AfWo4pFQm+8bG4QdNaT8AV4AHPb4zf23bxWUC # AwEAAaOCAWowggFmMAkGA1UdEwQCMAAwHwYDVR0jBBgwFoAUV4abVLi+pimK5PbC # 4hMYiYXN3LcwHQYDVR0OBBYEFPKf1Ta/8vAMTng2ZeBzXX5uhp8jMCsGA1UdHwQk # MCIwIKAeoByGGmh0dHA6Ly90bC5zeW1jYi5jb20vdGwuY3JsMA4GA1UdDwEB/wQE # AwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzBuBgNVHSAEZzBlMGMGBmeBDAEEATBZ # MCYGCCsGAQUFBwIBFhpodHRwczovL3d3dy50aGF3dGUuY29tL2NwczAvBggrBgEF # BQcCAjAjDCFodHRwczovL3d3dy50aGF3dGUuY29tL3JlcG9zaXRvcnkwVwYIKwYB # BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vdGwuc3ltY2QuY29tMCYGCCsG # AQUFBzAChhpodHRwOi8vdGwuc3ltY2IuY29tL3RsLmNydDANBgkqhkiG9w0BAQsF # AAOCAQEAdszNU8RMB6w9ylqyXG3EjWnvii7aigN0/8BNwZIeqLP9aVrHhDEIqz0R # u+KJG729SgrtLgc7OenqubaDLiLp7YICAsZBUae3a+MS7ifgVLuDKBSdsMEH+oRu # N1iGMfnAhykg0P5ltdRlNfDvQlIFiqGCcRaaGVC3fqo/pbPttbW37osyIxTgmB4h # EWs1jo8uDEHxw5qyBw/3CGkBhf5GNc9mUOHeEBMnzOesmlq7h9R2Q5FaPH74G9FX # xAG2z/rCA7Cwcww1Qgb1k+3d+FGvUmVGxJE45d2rVj1+alNc+ZcB9Ya9+8jhMssM # LjhJ1BfzUWeWdZqRGNsfFj+aZskwxjGCAgEwggH9AgEBMGAwTDELMAkGA1UEBhMC # VVMxFTATBgNVBAoTDHRoYXd0ZSwgSW5jLjEmMCQGA1UEAxMddGhhd3RlIFNIQTI1 # NiBDb2RlIFNpZ25pbmcgQ0ECEF0xOuf5lHR9Mf0X/F6tAjYwCQYFKw4DAhoFAKB4 # MBgGCisGAQQBgjcCAQwxCjAIoAKAAKECgAAwGQYJKoZIhvcNAQkDMQwGCisGAQQB # gjcCAQQwHAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwIwYJKoZIhvcNAQkE # MRYEFOOTKr+sovKSl8523yVp/BDMJzbJMA0GCSqGSIb3DQEBAQUABIIBAJmXPE8h # Z0L5fyfQRbeWQFJpHDgn6GEEUDSL75SEiQU9zo4KEBQaF5vcb21UF2kti3Gg67nQ # B5qq6N/64z1vowzW3cPJHv/fIXaYiU7zpXnvItsUbKzvv+1VZLv1+JqWkVHwTVL8 # uKyNtUULqZR72G+wZZhWOYywtrggpB1NTW8Yeen+3s2CLMBaVEQQjnW2ufN5EwNI # 3DnaGJaiTG55XQPo9Xq5Blov3TCXUcL+6pi7Zskyde5meXg7pLn+IoMKxd+d0geW # 9JbM6OK4hl3lvBkGFyLdwgi+BwrAF12eDmwpU1Ln6E1ZrcAns8tyN+txHNykYzej # Iykp7XWqYmRi/Bs= # SIG # End signature block |