Set-ManagedByTenantForAadds

1.0

Set-ManagedByTenantForAadds.ps1

                                <#PSScriptInfo

.VERSION 1.0

.GUID ab5fb1d9-e8dd-42c9-9a58-552e06e97bdb

.AUTHOR aaddsfb@microsoft.com

.COMPANYNAME Microsoft Corporation

.COPYRIGHT (c) Microsoft Corporation

.TAGS Azure-AD-Domain-Services Migration

.LICENSEURI

.PROJECTURI

.ICONURI

.EXTERNALMODULEDEPENDENCIES

.REQUIREDSCRIPTS

.EXTERNALSCRIPTDEPENDENCIES

.RELEASENOTES

    02/18/2023 - Initial release

#>

<#

.SYNOPSIS

    Uses AzureLighthouse to set up the subscription to be managed by the tenant in order

    to temporarily resolve tenant-subscription mismatch scenario. This allows the classic

    AADDS resource to be migrated to ARM.

.DESCRIPTION

    Uses AzureLighthouse to set up the subscription to be managed by the tenant in order

    to temporarily resolve tenant-subscription mismatch scenario. This allows the classic

    AADDS resource to be migrated to ARM.

.PARAMETER managedByTenantId [MANDATORY]

    The tenant id of the AADDS instance.

.PARAMETER VirtualSubnetName [MANADATORY]

    The subscription id of the AADDS instance.

#>

[CmdletBinding()]

Param (

    [Parameter(Mandatory=$true)]

    [string] $managedByTenantId,

    [Parameter(Mandatory=$true)]

    [string] $subscriptionId

)

$VerbosePreference = 'Continue'

# Constants

$armServiceAppId = "443155a6-77f3-45e3-882b-22b3a8d431fb"

$armOpsAppId = "abba844e-bc0e-44b0-947a-dc74e5d09022"

$managedServices = "Microsoft.ManagedServices"

$contributorRoleName = "Contributor"

$contributorRoleId = "b24988ac-6180-42a0-ab88-20f7382dd24c"

$subscriptionScope = "/subscriptions/$subscriptionId"

Write-Verbose "Log on to the Azure AD tenant specified by the AADDS resource's tenant id '$managedByTenantId'"

$context = Connect-AzureAD -TenantId $managedByTenantId

$principalIds = @()

$principalNames = @()

# Obtain admin user's object id

$logonUser = Get-AzureADUser -Filter "userPrincipalName eq '$($context.Account.Id)'" -ErrorAction Ignore

if ($null -eq $logonUser)

{

    Write-Error "Cannot retrieve the object id of the logon user in the tenant '$managedByTenantId'."

    return

}

$adminObjectId = $logonUser.ObjectId

$principalIds += $adminObjectId

$principalNames += "user $($context.Account.Id)"

# Obtain a couple of DCaaS service principals

$appIds = @($armServiceAppId, $armOpsAppId)

foreach ($appId in $appIds)

{

    $app = Get-AzureADServicePrincipal -Filter "AppId eq '$appId'" -ErrorAction Ignore

    if ($null -eq $app)

    {

        Write-Error "Service principal for AppId '$appId' not found."

        return

    }

    $principalIds += $app.ObjectId

    $principalNames += "application $appId"

}

Write-Verbose "Log on to the subscription '$subscriptionId' which contains the AADDS resource"

Connect-AzAccount | Out-Null

Set-AzContext -SubscriptionId $subscriptionId -ErrorAction Stop | Out-Null

$managedServicesRps = Get-AzResourceProvider -ProviderNamespace $managedServices

$registered = $null -ne $managedServicesRps -and ($managedServicesRps | Where-Object { $_.RegistrationState -ne 'Registered'}).Count -eq 0

if ($registered -eq $false)

{

    Write-Verbose "Registering $managedServices ..."

    Register-AzResourceProvider -ProviderNamespace $managedServices -ErrorAction Stop

    Write-Verbose "Registered $managedServices."

}

for ($i = 0; $i -lt $principalIds.Count; $i++)

{

    $principalId = $principalIds[$i]

    $principalName = $principalNames[$i]

    Write-Verbose "Checking ManagedServicesAssignment for $principalName ..."

    $assignment = Get-AzManagedServicesAssignment -Name $principalId -ErrorAction Ignore

    if ($null -eq $assignment)

    {

        $definition = Get-AzManagedServicesDefinition -Name $principalId -ErrorAction Ignore

        if ($null -eq $definition)

        {

            Write-Verbose "Creating ManagedServicesDefinition for $principalName ..."

            $auth = New-AzManagedServicesAuthorizationObject -PrincipalId $principalId -RoleDefinitionId $contributorRoleId

            $definition = New-AzManagedServicesDefinition `

                -Name $principalId `

                -RegistrationDefinitionName "$principalId as $contributorRoleName" `

                -ManagedByTenantId $managedByTenantId `

                -Authorization $auth `

                -Scope $subscriptionScope `

                -Description "$principalName ($principalId) as $contributorRoleName" `

                -ErrorAction Stop

            Write-Verbose "Created ManagedServicesDefinition for $principalName : $($definition.Id)."

        }

        Write-Verbose "Creating ManagedServicesAssignment for $principalName ..."

        $assignment = New-AzManagedServicesAssignment -Name $principalId -RegistrationDefinitionId $definition.Id -ErrorAction Stop

        Write-Verbose "Created ManagedServicesAssignment for $principalName : $($assignment.Id)."

    }

    else

    {

        Write-Verbose "Found ManagedServicesAssignment for $principalName."

    }

}

# SIG # Begin signature block

# MIIrWgYJKoZIhvcNAQcCoIIrSzCCK0cCAQExDzANBglghkgBZQMEAgEFADB5Bgor

# BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG

# KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCBfYzuNOGkkhE0P

# nZjLIgwRGz4J9Trphs2TkwkqYCOMjaCCEXgwggiIMIIHcKADAgECAhM2AAABrtGg

# awyYSKRjAAIAAAGuMA0GCSqGSIb3DQEBCwUAMEExEzARBgoJkiaJk/IsZAEZFgNH

# QkwxEzARBgoJkiaJk/IsZAEZFgNBTUUxFTATBgNVBAMTDEFNRSBDUyBDQSAwMTAe

# Fw0yMjA2MTAxODI3MDRaFw0yMzA2MTAxODI3MDRaMC8xLTArBgNVBAMTJE1pY3Jv

# c29mdCBBenVyZSBEZXBlbmRlbmN5IENvZGUgU2lnbjCCASIwDQYJKoZIhvcNAQEB

# BQADggEPADCCAQoCggEBALKu+NphKS+D7sydHrBfyKPPze6NFPivnznPzn0744z/

# N8+g1/Ta2S/OX1G+6wxfalLcxUOHg+AvojK73NW9m4azxoPBmzavK0BH0bqdESZr

# zOx/XR8LZPZFF+qtn5egvKlX1IWZUKCmEACjphupjlIbZq6mngG7hfPWlS3naegL

# I96m10lTMgek3B8tKVIcu9X/fiS5Br0GEtIOfRuPZMqE1CR+nlCI8cEFSYy1D71b

# IcOOof/7tSQipnYMUNd77+sx+rTPNtvsVqOfJajAd03OrvYjtikJbpdKtFtael4S

# tIUTJrEB/FkTMsY6YjwcxwcUHAVO9IUhU4DS7fC0XTkCAwEAAaOCBYkwggWFMCkG

# CSsGAQQBgjcVCgQcMBowDAYKKwYBBAGCN1sDATAKBggrBgEFBQcDAzA8BgkrBgEE

# AYI3FQcELzAtBiUrBgEEAYI3FQiGkOMNhNW0eITxiz6Fm90Wzp0SgWDigi2HkK4D

# AgFkAgEOMIICdgYIKwYBBQUHAQEEggJoMIICZDBiBggrBgEFBQcwAoZWaHR0cDov

# L2NybC5taWNyb3NvZnQuY29tL3BraWluZnJhL0NlcnRzL0JZMlBLSUNTQ0EwMS5B

# TUUuR0JMX0FNRSUyMENTJTIwQ0ElMjAwMSgyKS5jcnQwUgYIKwYBBQUHMAKGRmh0

# dHA6Ly9jcmwxLmFtZS5nYmwvYWlhL0JZMlBLSUNTQ0EwMS5BTUUuR0JMX0FNRSUy

# MENTJTIwQ0ElMjAwMSgyKS5jcnQwUgYIKwYBBQUHMAKGRmh0dHA6Ly9jcmwyLmFt

# ZS5nYmwvYWlhL0JZMlBLSUNTQ0EwMS5BTUUuR0JMX0FNRSUyMENTJTIwQ0ElMjAw

# MSgyKS5jcnQwUgYIKwYBBQUHMAKGRmh0dHA6Ly9jcmwzLmFtZS5nYmwvYWlhL0JZ

# MlBLSUNTQ0EwMS5BTUUuR0JMX0FNRSUyMENTJTIwQ0ElMjAwMSgyKS5jcnQwUgYI

# KwYBBQUHMAKGRmh0dHA6Ly9jcmw0LmFtZS5nYmwvYWlhL0JZMlBLSUNTQ0EwMS5B

# TUUuR0JMX0FNRSUyMENTJTIwQ0ElMjAwMSgyKS5jcnQwga0GCCsGAQUFBzAChoGg

# bGRhcDovLy9DTj1BTUUlMjBDUyUyMENBJTIwMDEsQ049QUlBLENOPVB1YmxpYyUy

# MEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9

# QU1FLERDPUdCTD9jQUNlcnRpZmljYXRlP2Jhc2U/b2JqZWN0Q2xhc3M9Y2VydGlm

# aWNhdGlvbkF1dGhvcml0eTAdBgNVHQ4EFgQU2qSRZ/U4+8zhu4qj+cefLecAfY8w

# DgYDVR0PAQH/BAQDAgeAMEUGA1UdEQQ+MDykOjA4MR4wHAYDVQQLExVNaWNyb3Nv

# ZnQgQ29ycG9yYXRpb24xFjAUBgNVBAUTDTIzNjE2OSs0NzA4NjYwggHmBgNVHR8E

# ggHdMIIB2TCCAdWgggHRoIIBzYY/aHR0cDovL2NybC5taWNyb3NvZnQuY29tL3Br

# aWluZnJhL0NSTC9BTUUlMjBDUyUyMENBJTIwMDEoMikuY3JshjFodHRwOi8vY3Js

# MS5hbWUuZ2JsL2NybC9BTUUlMjBDUyUyMENBJTIwMDEoMikuY3JshjFodHRwOi8v

# Y3JsMi5hbWUuZ2JsL2NybC9BTUUlMjBDUyUyMENBJTIwMDEoMikuY3JshjFodHRw

# Oi8vY3JsMy5hbWUuZ2JsL2NybC9BTUUlMjBDUyUyMENBJTIwMDEoMikuY3JshjFo

# dHRwOi8vY3JsNC5hbWUuZ2JsL2NybC9BTUUlMjBDUyUyMENBJTIwMDEoMikuY3Js

# hoG9bGRhcDovLy9DTj1BTUUlMjBDUyUyMENBJTIwMDEoMiksQ049QlkyUEtJQ1ND

# QTAxLENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNl

# cyxDTj1Db25maWd1cmF0aW9uLERDPUFNRSxEQz1HQkw/Y2VydGlmaWNhdGVSZXZv

# Y2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50

# MB8GA1UdIwQYMBaAFJZRhOBrb3v+2Aarw/KF5imuavnUMB8GA1UdJQQYMBYGCisG

# AQQBgjdbAwEGCCsGAQUFBwMDMA0GCSqGSIb3DQEBCwUAA4IBAQBHvlNi7Gk6Vqrf

# hyFijoE7EW8Sm3vZVK8Sdz/FuwGlqdL6zuWiL39Ljcl84Za88Sr5F9ybWSq9OmvP

# pC3dyIkAinpGd5K5i19kKYiGgKzLZZ1AsAy7M0f05UcdNb6A3LLw5MrHJU3GjQfL

# Zb4fWlfxVVOzfuhm9bk4/50r/u3a3yrM+2HhqdtJhqhYSuTYEo6EMwyV+UsIWZDb

# qphHduHtmRZjFr1mdubeyd25xucXz95Djg/2IP+7iEqvL3NKKRPMlA4YJs2yaDy/

# XnHqIAmjl09J/J79uBqk+K04OELQFgmFqqaXOPHg7BBGuSO2gIv3JWCN5+GkT80P

# p0KonbVWMIII6DCCBtCgAwIBAgITHwAAAFHqj/accwyoOwAAAAAAUTANBgkqhkiG

# 9w0BAQsFADA8MRMwEQYKCZImiZPyLGQBGRYDR0JMMRMwEQYKCZImiZPyLGQBGRYD

# QU1FMRAwDgYDVQQDEwdhbWVyb290MB4XDTIxMDUyMTE4NDQxNFoXDTI2MDUyMTE4

# NTQxNFowQTETMBEGCgmSJomT8ixkARkWA0dCTDETMBEGCgmSJomT8ixkARkWA0FN

# RTEVMBMGA1UEAxMMQU1FIENTIENBIDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A

# MIIBCgKCAQEAyZpSCX0Bno1W1yqXMhT6BUlJZWpa4p3xFeiTHO4vm2Q6C/azR5xw

# xnyYHrkSGDtS2P9X+KDE64V20mmEQkubxnPNeOVnE2RvdPGxgwlq+BhS3ONdVsQP

# j79q7XgHM9HhzB9+qk0PC9KN1zm9p/seyiRS6JF1dbOqRf1pUl7FAVxmgiCFgV8h

# HIb/rDPXig7FDi3S0yEx2CUDVpIq8jEhG8anUFE1WYxM+ni0S5KHwwKPKV4qyGDo

# DO+9AmDoma3Chyu5WDlW5cdtqXTWsGPE3umtnX6AmlldUFLms4OVR4guKf+n5LIB

# CC6bTiocfXPomqYjYTKx7AGMfaVLaaXmhQIDAQABo4IE3DCCBNgwEgYJKwYBBAGC

# NxUBBAUCAwIAAjAjBgkrBgEEAYI3FQIEFgQUEmgkQiFHy9RrvjHPIKTACyN/P0cw

# HQYDVR0OBBYEFJZRhOBrb3v+2Aarw/KF5imuavnUMIIBBAYDVR0lBIH8MIH5Bgcr

# BgEFAgMFBggrBgEFBQcDAQYIKwYBBQUHAwIGCisGAQQBgjcUAgEGCSsGAQQBgjcV

# BgYKKwYBBAGCNwoDDAYJKwYBBAGCNxUGBggrBgEFBQcDCQYIKwYBBQUIAgIGCisG

# AQQBgjdAAQEGCysGAQQBgjcKAwQBBgorBgEEAYI3CgMEBgkrBgEEAYI3FQUGCisG

# AQQBgjcUAgIGCisGAQQBgjcUAgMGCCsGAQUFBwMDBgorBgEEAYI3WwEBBgorBgEE

# AYI3WwIBBgorBgEEAYI3WwMBBgorBgEEAYI3WwUBBgorBgEEAYI3WwQBBgorBgEE

# AYI3WwQCMBkGCSsGAQQBgjcUAgQMHgoAUwB1AGIAQwBBMAsGA1UdDwQEAwIBhjAS

# BgNVHRMBAf8ECDAGAQH/AgEAMB8GA1UdIwQYMBaAFCleUV5krjS566ycDaeMdQHR

# CQsoMIIBaAYDVR0fBIIBXzCCAVswggFXoIIBU6CCAU+GMWh0dHA6Ly9jcmwubWlj

# cm9zb2Z0LmNvbS9wa2lpbmZyYS9jcmwvYW1lcm9vdC5jcmyGI2h0dHA6Ly9jcmwy

# LmFtZS5nYmwvY3JsL2FtZXJvb3QuY3JshiNodHRwOi8vY3JsMy5hbWUuZ2JsL2Ny

# bC9hbWVyb290LmNybIYjaHR0cDovL2NybDEuYW1lLmdibC9jcmwvYW1lcm9vdC5j

# cmyGgapsZGFwOi8vL0NOPWFtZXJvb3QsQ049QU1FUm9vdCxDTj1DRFAsQ049UHVi

# bGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlv

# bixEQz1BTUUsREM9R0JMP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZT9v

# YmplY3RDbGFzcz1jUkxEaXN0cmlidXRpb25Qb2ludDCCAasGCCsGAQUFBwEBBIIB

# nTCCAZkwRwYIKwYBBQUHMAKGO2h0dHA6Ly9jcmwubWljcm9zb2Z0LmNvbS9wa2lp

# bmZyYS9jZXJ0cy9BTUVSb290X2FtZXJvb3QuY3J0MDcGCCsGAQUFBzAChitodHRw

# Oi8vY3JsMi5hbWUuZ2JsL2FpYS9BTUVSb290X2FtZXJvb3QuY3J0MDcGCCsGAQUF

# BzAChitodHRwOi8vY3JsMy5hbWUuZ2JsL2FpYS9BTUVSb290X2FtZXJvb3QuY3J0

# MDcGCCsGAQUFBzAChitodHRwOi8vY3JsMS5hbWUuZ2JsL2FpYS9BTUVSb290X2Ft

# ZXJvb3QuY3J0MIGiBggrBgEFBQcwAoaBlWxkYXA6Ly8vQ049YW1lcm9vdCxDTj1B

# SUEsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29u

# ZmlndXJhdGlvbixEQz1BTUUsREM9R0JMP2NBQ2VydGlmaWNhdGU/YmFzZT9vYmpl

# Y3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MA0GCSqGSIb3DQEBCwUAA4IC

# AQBQECO3Tw/o317Rrd7yadqcswPx1LvIYymkaTN6KcmuRt6HKa0Xe73Ux2/AQ30T

# fgA9GBJngweRykKBusRzyOU17iIubJvy3gA21dwtqtB0DsoEv1U/ptVu2v++doTC

# J/i+GbssVXkgaX8H+6EOGEmT4evp4GbwR4HwWlc+Dvf8HH8PdUA2Z04CvcwIfckS

# ipbNm84jxJ8XjmTFTWscldL9edj2NsY6iGnyJFIyur2PS7VRYyV3p1VAJp91gj1j

# RQtWEyCB8P5g9nE3z8u0ANaU/hjwEQCrdGyravWgnf2JtG+bT26YAokbc8m+32zU

# tXRO+NK3tAjhOu2FdsG3qNrF4sc7y37R/C+7Pcb/cFfhttqsirepZii4xStcjMOD

# YuXzGm3IJs0b0owHG6oKd7ZOGvHpmmh9K8/DLriD/sq8bURD10qi/wuW8zM7IpLg

# 1vcR9dIK2mc0pj44pc6UX0XbttP/VEJgu3lT2eI9VjWtaKjx38xE9woSMyekPRtz

# TwgfuysF9DkJisr+yA4po/FPxpbBw9c/hBf32DH/GFxteS2pmjgKIbMP8sDukmEq

# 3lVvuWNJsybrZwQvQpvaM49fv+JKpLK5YWYEfwksYRR9wU8Hh/ID9hRCEkbUoQ2W

# 7mMpsp2Nbp/kcn4ivfolUy3Q9Yf0scsQ6WTLYpm+AoCUJTGCGTgwghk0AgEBMFgw

# QTETMBEGCgmSJomT8ixkARkWA0dCTDETMBEGCgmSJomT8ixkARkWA0FNRTEVMBMG

# A1UEAxMMQU1FIENTIENBIDAxAhM2AAABrtGgawyYSKRjAAIAAAGuMA0GCWCGSAFl

# AwQCAQUAoIGuMBkGCSqGSIb3DQEJAzEMBgorBgEEAYI3AgEEMBwGCisGAQQBgjcC

# AQsxDjAMBgorBgEEAYI3AgEVMC8GCSqGSIb3DQEJBDEiBCAGWyl96582HQmimQnt

# dl2it+uVZ2Cp7x/2BJK/nm63mTBCBgorBgEEAYI3AgEMMTQwMqAUgBIATQBpAGMA

# cgBvAHMAbwBmAHShGoAYaHR0cDovL3d3dy5taWNyb3NvZnQuY29tMA0GCSqGSIb3

# DQEBAQUABIIBAGqH1WQLzUkdCDwxRwANiVYb6DunBFHSN/dmRJ4Uk+xVaUCxUfcx

# QoVheyhJZ8vaMA05u8eOqxM5feylIqxfkBHov4eP/jj9M9lNaa2CzarO4+Ym06B6

# S0qO62KiLbF7XR/sOkG/DoSZ0eqn97UIfPqGrE6WDr7WA+JyF7d0upVZe5GwWqez

# aJ3W25zcAkyTwvFS58rvQ58Ffp5Hgula3loIlnMCf242Vwpy7RTMEE6rj2pdB5Go

# 1ulxfKvUNMCsscNWU3zIfIuzpbR4ohB2+urMjjAJidfkX7GVkI7i70TAMJe3qBYh

# Bpc2zMLIrodUiy4q+WEcvIsFRnNHIwPBfo6hghcAMIIW/AYKKwYBBAGCNwMDATGC

# FuwwghboBgkqhkiG9w0BBwKgghbZMIIW1QIBAzEPMA0GCWCGSAFlAwQCAQUAMIIB

# UQYLKoZIhvcNAQkQAQSgggFABIIBPDCCATgCAQEGCisGAQQBhFkKAwEwMTANBglg

# hkgBZQMEAgEFAAQgLZOQMZBJEUpYY8NLbikE2Z3hc9wt364Wz2wzD8JYqgUCBmPu

# H8jXkxgTMjAyMzAyMjMxOTAzNDguODY1WjAEgAIB9KCB0KSBzTCByjELMAkGA1UE

# BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc

# BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0

# IEFtZXJpY2EgT3BlcmF0aW9uczEmMCQGA1UECxMdVGhhbGVzIFRTUyBFU046M0JC

# RC1FMzM4LUU5QTExJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZp

# Y2WgghFXMIIHDDCCBPSgAwIBAgITMwAAAcYwzS7W06HA9AABAAABxjANBgkqhkiG

# 9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4G

# A1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYw

# JAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0yMjExMDQx

# OTAxMzRaFw0yNDAyMDIxOTAxMzRaMIHKMQswCQYDVQQGEwJVUzETMBEGA1UECBMK

# V2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0

# IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRp

# b25zMSYwJAYDVQQLEx1UaGFsZXMgVFNTIEVTTjozQkJELUUzMzgtRTlBMTElMCMG

# A1UEAxMcTWljcm9zb2Z0IFRpbWUtU3RhbXAgU2VydmljZTCCAiIwDQYJKoZIhvcN

# AQEBBQADggIPADCCAgoCggIBAO+9Ijq+r+B5NZt0mY/tQUf4rqH7/n+nlW+x3NtW

# McwM66OBupClxeO2ALBIK1lk9aIL6dCK6BZvAnUWU3/w5UNH2zTTvaQgNNSidN8x

# /NgpZpPc3va9YzydWSWjJ7GZgMu1aWPZjal/XYT751tf2cW24h7+6sMIMPVNkk+Z

# n3KT7rbCP0K/4CwumkyN1AmM4lT2f0H2oPDUISpKR2Ttyq+a/N3Mu48+Dlj8uTNl

# orVr+WySeawU1udfEDxMxcM6vHvD+9tglimSRYzfHrQYLCtOYB3h2jfZJpaWCSS/

# OL/SYml+zRSZDkYQKRBWYlCGmaC8SbeKXAQ83/lg/VAI0SgqwLHif3JM0Lzp/eV+

# DreGrJzrjYXAnXEFnK2aMpBZhGqGJK7A+5/+JxRR8CQylGgWGWS8D4+7sePEtWHv

# nDHHDMXUUo7qBuK6iaqRHeoM389t/b9+i/i7TpUIXy+XJ3JYTUlnZisNUx8npB/e

# kTbTqSBO3PvU57L9WhPYaYXoyzicX7F05MsNBSHYpXNAj+881LKmghhdphV0cC+I

# 319Ucle0BihHjqbxmakCix1WWyw99s7VvC37/fcUNuHf0yMTvS0Xrh7J8KLZ/vAb

# Aq87vv9uLznAPV3KXe5CHluM5lMYRbL+Cgn4qjKbWYYTAANEqg7o9t3I9dLJl0Ti

# 1J4VAgMBAAGjggE2MIIBMjAdBgNVHQ4EFgQUcV/5R4koRAqdZ9pTGuhtbi7zYJQw

# HwYDVR0jBBgwFoAUn6cVXQBeYl2D9OXSZacbUzUZ6XIwXwYDVR0fBFgwVjBUoFKg

# UIZOaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jcmwvTWljcm9zb2Z0

# JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3JsMGwGCCsGAQUFBwEBBGAw

# XjBcBggrBgEFBQcwAoZQaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9j

# ZXJ0cy9NaWNyb3NvZnQlMjBUaW1lLVN0YW1wJTIwUENBJTIwMjAxMCgxKS5jcnQw

# DAYDVR0TAQH/BAIwADATBgNVHSUEDDAKBggrBgEFBQcDCDANBgkqhkiG9w0BAQsF

# AAOCAgEAC8xe9uI17oA1OPOjzAWEewnOmh69pyQ5xrJ5KsGWJo0YtvKr+ktS8u+9

# s8JuQyNfPc4AEPfcYRI1urmJK1+VK7VbuyVED+mwQQSffHNvBQCDyCt35EDQr9q8

# UY30DCUnXMLCXkyuy3dPTrgOYWOD1ggYCaX2O9S3Gl89xUfADTxV+s3CmG4GDma3

# oLaQ7m9+DdEIUe8HPxXJlfoOCNyHUwKDA9v1iOWbHyk8wVJ/1NwKVITcGzpeWEgv

# n/UtS0rW2S8D8zEvnyz1yVEnu0kr7KX0rK/1RHtKEIZmkfub3KvuzC8POtVgVYWK

# Se0weWAUuTkTvV3SG3KWwRcHBz5m/ImakiKlvSaYBu+vuTUFCz1c2e+c+VtkeWYs

# kJLYh6TMI19jjtvWfPp08NrTrFQnMMx/S6BC3nb9z43KW8Dsi47ZtU+Fx2Hd6m3f

# Q16AYzWJEo3Yt+6TaefLvqyE5bSyjo40AicI9RaZ7gWPNuQeQtLgvzWBEhCrE4nB

# I4Uv+LowVy3DRg4VQZdrxxOqmP2FuJMtb3Mqb1K7BvNYKb9vvP4oTsIOMEyzu16o

# pHiIlN2VgFAKDqU5deLXnUKsWx0w73iWEdzlNMigdscH/OxFggG9AiYpoQ5skGih

# L0ldHy1vYlciNMGHBuFdmlTek62eJq/n32qg0A/Rfh6T4T9KZQMwggdxMIIFWaAD

# AgECAhMzAAAAFcXna54Cm0mZAAAAAAAVMA0GCSqGSIb3DQEBCwUAMIGIMQswCQYD

# VQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEe

# MBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMTIwMAYDVQQDEylNaWNyb3Nv

# ZnQgUm9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxMDAeFw0yMTA5MzAxODIy

# MjVaFw0zMDA5MzAxODMyMjVaMHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNo

# aW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29y

# cG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEw

# MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5OGmTOe0ciELeaLL1yR5

# vQ7VgtP97pwHB9KpbE51yMo1V/YBf2xK4OK9uT4XYDP/XE/HZveVU3Fa4n5KWv64

# NmeFRiMMtY0Tz3cywBAY6GB9alKDRLemjkZrBxTzxXb1hlDcwUTIcVxRMTegCjhu

# je3XD9gmU3w5YQJ6xKr9cmmvHaus9ja+NSZk2pg7uhp7M62AW36MEBydUv626GIl

# 3GoPz130/o5Tz9bshVZN7928jaTjkY+yOSxRnOlwaQ3KNi1wjjHINSi947SHJMPg

# yY9+tVSP3PoFVZhtaDuaRr3tpK56KTesy+uDRedGbsoy1cCGMFxPLOJiss254o2I

# 5JasAUq7vnGpF1tnYN74kpEeHT39IM9zfUGaRnXNxF803RKJ1v2lIH1+/NmeRd+2

# ci/bfV+AutuqfjbsNkz2K26oElHovwUDo9Fzpk03dJQcNIIP8BDyt0cY7afomXw/

# TNuvXsLz1dhzPUNOwTM5TI4CvEJoLhDqhFFG4tG9ahhaYQFzymeiXtcodgLiMxhy

# 16cg8ML6EgrXY28MyTZki1ugpoMhXV8wdJGUlNi5UPkLiWHzNgY1GIRH29wb0f2y

# 1BzFa/ZcUlFdEtsluq9QBXpsxREdcu+N+VLEhReTwDwV2xo3xwgVGD94q0W29R6H

# XtqPnhZyacaue7e3PmriLq0CAwEAAaOCAd0wggHZMBIGCSsGAQQBgjcVAQQFAgMB

# AAEwIwYJKwYBBAGCNxUCBBYEFCqnUv5kxJq+gpE8RjUpzxD/LwTuMB0GA1UdDgQW

# BBSfpxVdAF5iXYP05dJlpxtTNRnpcjBcBgNVHSAEVTBTMFEGDCsGAQQBgjdMg30B

# ATBBMD8GCCsGAQUFBwIBFjNodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20vcGtpb3Bz

# L0RvY3MvUmVwb3NpdG9yeS5odG0wEwYDVR0lBAwwCgYIKwYBBQUHAwgwGQYJKwYB

# BAGCNxQCBAweCgBTAHUAYgBDAEEwCwYDVR0PBAQDAgGGMA8GA1UdEwEB/wQFMAMB

# Af8wHwYDVR0jBBgwFoAU1fZWy4/oolxiaNE9lJBb186aGMQwVgYDVR0fBE8wTTBL

# oEmgR4ZFaHR0cDovL2NybC5taWNyb3NvZnQuY29tL3BraS9jcmwvcHJvZHVjdHMv

# TWljUm9vQ2VyQXV0XzIwMTAtMDYtMjMuY3JsMFoGCCsGAQUFBwEBBE4wTDBKBggr

# BgEFBQcwAoY+aHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNS

# b29DZXJBdXRfMjAxMC0wNi0yMy5jcnQwDQYJKoZIhvcNAQELBQADggIBAJ1Vffwq

# reEsH2cBMSRb4Z5yS/ypb+pcFLY+TkdkeLEGk5c9MTO1OdfCcTY/2mRsfNB1OW27

# DzHkwo/7bNGhlBgi7ulmZzpTTd2YurYeeNg2LpypglYAA7AFvonoaeC6Ce5732pv

# vinLbtg/SHUB2RjebYIM9W0jVOR4U3UkV7ndn/OOPcbzaN9l9qRWqveVtihVJ9Ak

# vUCgvxm2EhIRXT0n4ECWOKz3+SmJw7wXsFSFQrP8DJ6LGYnn8AtqgcKBGUIZUnWK

# NsIdw2FzLixre24/LAl4FOmRsqlb30mjdAy87JGA0j3mSj5mO0+7hvoyGtmW9I/2

# kQH2zsZ0/fZMcm8Qq3UwxTSwethQ/gpY3UA8x1RtnWN0SCyxTkctwRQEcb9k+SS+

# c23Kjgm9swFXSVRk2XPXfx5bRAGOWhmRaw2fpCjcZxkoJLo4S5pu+yFUa2pFEUep

# 8beuyOiJXk+d0tBMdrVXVAmxaQFEfnyhYWxz/gq77EFmPWn9y8FBSX5+k77L+Dvk

# txW/tM4+pTFRhLy/AsGConsXHRWJjXD+57XQKBqJC4822rpM+Zv/Cuk0+CQ1Zyvg

# DbjmjJnW4SLq8CdCPSWU5nR0W2rRnj7tfqAxM328y+l7vzhwRNGQ8cirOoo6CGJ/

# 2XBjU02N7oJtpQUQwXEGahC0HVUzWLOhcGbyoYICzjCCAjcCAQEwgfihgdCkgc0w

# gcoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdS

# ZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJTAjBgNVBAsT

# HE1pY3Jvc29mdCBBbWVyaWNhIE9wZXJhdGlvbnMxJjAkBgNVBAsTHVRoYWxlcyBU

# U1MgRVNOOjNCQkQtRTMzOC1FOUExMSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1T

# dGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQAtNcrmJiFb7KJEmnCZlnvDLtkB

# baCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw

# DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x

# JjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3

# DQEBBQUAAgUA56HYKDAiGA8yMDIzMDIyMzIwMTg0OFoYDzIwMjMwMjI0MjAxODQ4

# WjB3MD0GCisGAQQBhFkKBAExLzAtMAoCBQDnodgoAgEAMAoCAQACAgXYAgH/MAcC

# AQACAhJqMAoCBQDnoymoAgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkK

# AwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJKoZIhvcNAQEFBQADgYEABEur

# cLlrznJMdpIaKdS84sxuTX2jm+dnozKxxggvNnjDyn8dcT3qeZsZUGOTFs0WBg2H

# ajfIYxsWpzMZLz+DsnaceZfbHC7Nme9yEX3ZFzAZxbxBid8X0UVLsMN3vPdp1pwn

# WUL5MMMM1SyaNaupzAuE7ZJwyOCrDQ7pD5Quio0xggQNMIIECQIBATCBkzB8MQsw

# CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u

# ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNy

# b3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAcYwzS7W06HA9AABAAABxjAN

# BglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEEMC8G

# CSqGSIb3DQEJBDEiBCAz+hH4XY+sJNWIqmo+BJsHqInENEDRgQIQBI/s4JyzTzCB

# +gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIFYxE1xVyb2YKcYmapPwcA1gOT8c

# OoXoVC6ZBa/a468tMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldh

# c2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBD

# b3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIw

# MTACEzMAAAHGMM0u1tOhwPQAAQAAAcYwIgQgK5F1VJNSVXsb7s/sEYJDqs1rLfF/

# a+ZX5RdO3wtlJgAwDQYJKoZIhvcNAQELBQAEggIAIMKzI2j2FeRf23ePw76S/K7h

# iM9JOFzhHCqJedCJnj6J30voC+YF5gCHH/7o3ObahqKUe3BQdgYEGfoXxj0A1lyQ

# 4mKyaBRMT6t2xvfXzOpF3rDYdMU5dtRB2LJhMMgBVxwrKz5EDriN8ySF4HmnujhT

# xKl9YeW2IeC0xfHp9oExQQ1FgtrmBB4AhQNvdz//Km5ZHyjC2HfefuxxgNtq1c7N

# bop964q81U48YfdQwEC4tb67WKFhgVa4gqc6y8OB8FxJmiOVtFw4OTlgwdzp19HU

# iJuatCODNqVS665AOGmHCZCQHNX/KSzMeOozd3Vas5NLmw+5qeYNblUbVjmWCzxg

# oG5a3HjWGau6fWbe0nQ3mSCg8EqdA/Exza/h0tcNkbbD68gEOLZY+r2g8z1mIZVR

# pdTwjLWoUHMbwRsjatF3c/Ac2OmGOGCg3zSOwqtYnEWo0RdyW5N8OzkLzPEZNUAr

# NvCizY4F9GDABWWnlX9JvIkGMm56NEnxrWGwpc5+X5Q0S9oK/4Ln8mX+EC+gp197

# Wi3dDfyGJWwUUigzFKhFuN7LYB2HPds1FIiSf14XJCofYydmGqwDyIpcqupShXiq

# uC183P0B9x1Njn0Hwkwev8htWRUdRbcL4a96vILdBkJMz692WS3Gxs6ryMnYHqfQ

# o7d6yASLjUlR4OYTnQY=

# SIG # End signature block