Microsoft.Entra.Beta.Authentication.psm1
|
# ------------------------------------------------------------------------------ # Copyright (c) Microsoft Corporation. All Rights Reserved. # Licensed under the MIT License. See License in the project root for license information. # ------------------------------------------------------------------------------ Set-StrictMode -Version 5 function Connect-Entra { [CmdletBinding(DefaultParameterSetName = 'UserParameterSet')] param ( [Parameter(ParameterSetName = "UserParameterSet",Position = 1)] [System.String[]] $Scopes, [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 1)] [Parameter(ParameterSetName = "UserParameterSet")] [Parameter(ParameterSetName = "IdentityParameterSet")] [Alias("AppId", "ApplicationId")][System.String] $ClientId, [Parameter(ParameterSetName = "AppCertificateParameterSet")] [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] [Parameter(ParameterSetName = "UserParameterSet",Position = 4)] [Alias("Audience", "Tenant")][System.String] $TenantId, [Parameter(ParameterSetName = "AppCertificateParameterSet")] [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] [Parameter(ParameterSetName = "UserParameterSet")] [Parameter(ParameterSetName = "IdentityParameterSet")] [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] $ContextScope, [Parameter(ParameterSetName = "AppCertificateParameterSet")] [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] [Parameter(ParameterSetName = "AccessTokenParameterSet")] [Parameter(ParameterSetName = "UserParameterSet")] [Parameter(ParameterSetName = "IdentityParameterSet")] [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] [ValidateNotNullOrEmpty()] [Alias("EnvironmentName", "NationalCloud")][System.String] $Environment, [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] [Switch] $EnvironmentVariable, [Parameter(ParameterSetName = "UserParameterSet")] [Alias("UseDeviceAuthentication", "DeviceCode", "DeviceAuth", "Device")][System.Management.Automation.SwitchParameter] $UseDeviceCode, [Parameter(ParameterSetName = "AppCertificateParameterSet")] [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] [Parameter(ParameterSetName = "AccessTokenParameterSet")] [Parameter(ParameterSetName = "UserParameterSet")] [Parameter(ParameterSetName = "IdentityParameterSet")] [Parameter(ParameterSetName = "EnvironmentVariableParameterSet")] [ValidateNotNullOrEmpty()] [Double] $ClientTimeout, [Parameter()] [Switch] $NoWelcome, [Parameter(ParameterSetName = "IdentityParameterSet",Position = 1)] [Alias("ManagedIdentity", "ManagedServiceIdentity", "MSI")][System.Management.Automation.SwitchParameter] $Identity, [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 2)] [Alias("CertificateSubject", "CertificateName")][System.String] $CertificateSubjectName, [Parameter(ParameterSetName = "AppCertificateParameterSet",Position = 3)] [System.String] $CertificateThumbprint, [Parameter(ParameterSetName = "AppCertificateParameterSet")] [System.Security.Cryptography.X509Certificates.X509Certificate2] $Certificate, [Parameter(ParameterSetName = "AppSecretCredentialParameterSet")] [Alias("SecretCredential", "Credential")][System.Management.Automation.PSCredential] $ClientSecretCredential, [Parameter(ParameterSetName = "AccessTokenParameterSet",Position = 1)] [System.Security.SecureString] $AccessToken ) PROCESS { $params = @{} if ($null -ne $PSBoundParameters["Scopes"]) { $params["Scopes"] = $PSBoundParameters["Scopes"] } if ($null -ne $PSBoundParameters["ClientId"]) { $params["ClientId"] = $PSBoundParameters["ClientId"] } if ($null -ne $PSBoundParameters["TenantId"]) { $params["TenantId"] = $PSBoundParameters["TenantId"] } if ($null -ne $PSBoundParameters["ContextScope"]) { $params["ContextScope"] = $PSBoundParameters["ContextScope"] } if ($null -ne $PSBoundParameters["Environment"]) { $params["Environment"] = $PSBoundParameters["Environment"] } if ($PSBoundParameters.ContainsKey("EnvironmentVariable")) { $params["EnvironmentVariable"] = $PSBoundParameters["EnvironmentVariable"] } if ($null -ne $PSBoundParameters["UseDeviceCode"]) { $params["UseDeviceCode"] = $PSBoundParameters["UseDeviceCode"] } if ($null -ne $PSBoundParameters["ClientTimeout"]) { $params["ClientTimeout"] = $PSBoundParameters["ClientTimeout"] } if ($PSBoundParameters.ContainsKey("NoWelcome")) { $params["NoWelcome"] = $PSBoundParameters["NoWelcome"] } if ($PSBoundParameters.ContainsKey("Identity")) { $params["Identity"] = $PSBoundParameters["Identity"] } if ($null -ne $PSBoundParameters["CertificateSubjectName"]) { $params["CertificateSubjectName"] = $PSBoundParameters["CertificateSubjectName"] } if ($null -ne $PSBoundParameters["CertificateThumbprint"]) { $params["CertificateThumbprint"] = $PSBoundParameters["CertificateThumbprint"] } if ($null -ne $PSBoundParameters["Certificate"]) { $params["Certificate"] = $PSBoundParameters["Certificate"] } if ($null -ne $PSBoundParameters["ClientSecretCredential"]) { $params["ClientSecretCredential"] = $PSBoundParameters["ClientSecretCredential"] } if ($null -ne $PSBoundParameters["AccessToken"]) { $params["AccessToken"] = $PSBoundParameters["AccessToken"] } if($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object { "$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") Connect-MgGraph @params } }# ------------------------------------------------------------------------------ function Disconnect-Entra { [CmdletBinding(DefaultParameterSetName = 'GetQuery')] param () Disconnect-MgGraph }# ------------------------------------------------------------------------------ function Get-EntraContext { [CmdletBinding(DefaultParameterSetName = '')] param () PROCESS { $params = @{} if($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if($null -ne $PSBoundParameters["Confirm"]) { $params["Confirm"] = $PSBoundParameters["Confirm"] } if($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } if($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if($null -ne $PSBoundParameters["WhatIf"]) { $params["WhatIf"] = $PSBoundParameters["WhatIf"] } if($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Get-MgContext @params $response } } function New-EntraBetaCustomHeaders { <# .SYNOPSIS Creates a custom header for use in telemetry. .DESCRIPTION The custom header created is a User-Agent with header value "<PowerShell version> EntraPowershell/<EntraPowershell version> <Entra PowerShell command>" .EXAMPLE New-EntraBetaCustomHeaders -Command Get-EntraUser #> [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string] $Command ) $psVersion = $global:PSVersionTable.PSVersion $entraVersion = (Get-module Microsoft.Entra.Beta.Authentication | select version).Version.ToString() $userAgentHeaderValue = "PowerShell/$psVersion EntraPowershell/$entraVersion $Command" $customHeaders = New-Object 'system.collections.generic.dictionary[string,string]' $customHeaders["User-Agent"] = $userAgentHeaderValue $customHeaders }# ------------------------------------------------------------------------------ function Reset-EntraBetaStrongAuthenticationMethodByUpn { [CmdletBinding(DefaultParameterSetName = 'SetAccidentalDeletionThreshold')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)][System.String] $UserPrincipalName, [Parameter(ParameterSetName = "SetAccidentalDeletionThreshold", ValueFromPipelineByPropertyName = $true)][System.Guid] $TenantId ) PROCESS { $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["UserPrincipalName"]) { $userId = $PSBoundParameters.UserPrincipalName } function DeleteAuthMethod($uid, $method){ switch ($method.AdditionalProperties['@odata.type']) { '#microsoft.graph.emailAuthenticationMethod' { Remove-MgBetaUserAuthenticationEmailMethod -UserId $uid -EmailAuthenticationMethodId $method.Id } '#microsoft.graph.phoneAuthenticationMethod' { Remove-MgBetaUserAuthenticationPhoneMethod -UserId $uid -PhoneAuthenticationMethodId $method.Id } Default { } } return $? # Return true if no error and false if there is an error } $methods = Get-MgBetaUserAuthenticationMethod -UserId $userId -Headers $customHeaders # -1 to account for passwordAuthenticationMethod foreach ($authMethod in $methods) { $deleted = DeleteAuthMethod -uid $userId -method $authMethod if(!$deleted){ # We need to use the error to identify and delete the default method. $defaultMethod = $authMethod } } # Graph API does not support reading default method of a user. # Plus default method can only be deleted when it is the only (last) auth method for a user. # We need to use the error to identify and delete the default method. try { if($null -ne $defaultMethod){ $result = DeleteAuthMethod -uid $userId -method $defaultMethod } } catch {} if($null -ne $methods){ $methods = Get-MgBetaUserAuthenticationMethod -UserId $userId } } }# ------------------------------------------------------------------------------ function Revoke-EntraBetaSignedInUserAllRefreshToken { [CmdletBinding(DefaultParameterSetName = '')] param ( ) PROCESS { $params = @{} $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = (Invoke-GraphRequest -Headers $customHeaders -Uri 'https://graph.microsoft.com/beta/me/revokeSignInSessions' -Method POST).value if($response){ $responseType = New-Object Microsoft.Graph.Beta.PowerShell.Models.ComponentsMwc6EoResponsesRevokesigninsessionsresponseContentApplicationJsonSchema $responseType.Value= $response $responseType } } } function Revoke-EntraBetaUserAllRefreshToken { [CmdletBinding(DefaultParameterSetName = '')] param ( [Parameter(Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)] [System.String] $ObjectId ) PROCESS { $params = @{} $customHeaders = New-EntraBetaCustomHeaders -Command $MyInvocation.MyCommand if ($null -ne $PSBoundParameters["ProgressAction"]) { $params["ProgressAction"] = $PSBoundParameters["ProgressAction"] } if($PSBoundParameters.ContainsKey("Debug")) { $params["Debug"] = $PSBoundParameters["Debug"] } if ($null -ne $PSBoundParameters["OutBuffer"]) { $params["OutBuffer"] = $PSBoundParameters["OutBuffer"] } if ($null -ne $PSBoundParameters["ErrorAction"]) { $params["ErrorAction"] = $PSBoundParameters["ErrorAction"] } if ($null -ne $PSBoundParameters["WarningVariable"]) { $params["WarningVariable"] = $PSBoundParameters["WarningVariable"] } if ($null -ne $PSBoundParameters["WarningAction"]) { $params["WarningAction"] = $PSBoundParameters["WarningAction"] } if ($null -ne $PSBoundParameters["ObjectId"]) { $params["UserId"] = $PSBoundParameters["ObjectId"] } if ($null -ne $PSBoundParameters["OutVariable"]) { $params["OutVariable"] = $PSBoundParameters["OutVariable"] } if($PSBoundParameters.ContainsKey("Verbose")) { $params["Verbose"] = $PSBoundParameters["Verbose"] } if ($null -ne $PSBoundParameters["PipelineVariable"]) { $params["PipelineVariable"] = $PSBoundParameters["PipelineVariable"] } if ($null -ne $PSBoundParameters["InformationVariable"]) { $params["InformationVariable"] = $PSBoundParameters["InformationVariable"] } if ($null -ne $PSBoundParameters["InformationAction"]) { $params["InformationAction"] = $PSBoundParameters["InformationAction"] } if ($null -ne $PSBoundParameters["ErrorVariable"]) { $params["ErrorVariable"] = $PSBoundParameters["ErrorVariable"] } Write-Debug("============================ TRANSFORMATIONS ============================") $params.Keys | ForEach-Object {"$_ : $($params[$_])" } | Write-Debug Write-Debug("=========================================================================`n") $response = Revoke-MgBetaUserSignInSession @params -Headers $customHeaders $response | ForEach-Object { if($null -ne $_) { Add-Member -InputObject $_ -MemberType AliasProperty -Name ObjectId -Value Id } } $response } } Export-ModuleMember -Function @('Connect-Entra', 'Disconnect-Entra', 'Get-EntraContext', 'New-EntraBetaCustomHeaders', 'Reset-EntraBetaStrongAuthenticationMethodByUpn', 'Revoke-EntraBetaSignedInUserAllRefreshToken', 'Revoke-EntraBetaUserAllRefreshToken') # Typedefs # ------------------------------------------------------------------------------ # Type definitios required for commands inputs # ------------------------------------------------------------------------------ $def = @" namespace Microsoft.Open.AzureAD.Graph.PowerShell.Custom { using System.Linq; public enum KeyType{ Symmetric = 0, AsymmetricX509Cert = 1, } public enum KeyUsage{ Sign = 0, Verify = 1, Decrypt = 2, Encrypt = 3, } } namespace Microsoft.Open.AzureAD.Model { using System.Linq; public class AlternativeSecurityId { public System.String IdentityProvider; public System.Byte[] Key; public System.Nullable<System.Int32> Type; } public class AppRole { public System.Collections.Generic.List<System.String> AllowedMemberTypes; public System.String Description; public System.String DisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Origin; public System.String Value; } public class AssignedLicense { public System.Collections.Generic.List<System.String> DisabledPlans; public System.String SkuId; } public class AssignedLicenses { public System.Collections.Generic.List<Microsoft.Open.AzureAD.Model.AssignedLicense> AddLicenses; public System.Collections.Generic.List<System.String> RemoveLicenses; } public class CertificateAuthorityInformation { public enum AuthorityTypeEnum{ RootAuthority = 0, IntermediateAuthority = 1, } public System.Nullable<AuthorityTypeEnum> AuthorityType; public System.String CrlDistributionPoint; public System.String DeltaCrlDistributionPoint; public System.Byte[] TrustedCertificate; public System.String TrustedIssuer; public System.String TrustedIssuerSki; } public class CrossCloudVerificationCodeBody { public System.String CrossCloudVerificationCode; public CrossCloudVerificationCodeBody() { } public CrossCloudVerificationCodeBody(System.String value) { CrossCloudVerificationCode = value; } } public class GroupIdsForMembershipCheck { public System.Collections.Generic.List<System.String> GroupIds; public GroupIdsForMembershipCheck() { } public GroupIdsForMembershipCheck(System.Collections.Generic.List<System.String> value) { GroupIds = value; } } public class KeyCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDate; public System.String KeyId; public System.Nullable<System.DateTime> StartDate; public System.String Type; public System.String Usage; public System.Byte[] Value; } public class PasswordCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDate; public System.String KeyId; public System.Nullable<System.DateTime> StartDate; public System.String Value; } public class PasswordProfile { public System.String Password; public System.Nullable<System.Boolean> ForceChangePasswordNextLogin; public System.Nullable<System.Boolean> EnforceChangePasswordPolicy; } public class PrivacyProfile { public System.String ContactEmail; public System.String StatementUrl; } public class RoleMemberInfo { public System.String DisplayName; public System.String ObjectId; public System.String UserPrincipalName; } public class SignInName { public System.String Type; public System.String Value; } } namespace Microsoft.Open.MSGraph.Model { using System.Linq; public class MsRoleMemberInfo{ public System.String Id; } public class AddIn { public System.String Id; public System.String Type; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.KeyValue> Properties; } public class ApiApplication { public System.Nullable<System.Int32> RequestedAccessTokenVersion; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.PermissionScope> Oauth2PermissionScopes; } public class ApplicationTemplateDisplayName { public System.String DisplayName; public ApplicationTemplateDisplayName() { } public ApplicationTemplateDisplayName(System.String value) { DisplayName = value; } } public class AppRole { public System.Collections.Generic.List<System.String> AllowedMemberTypes; public System.String Description; public System.String DisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Value; } public class AssignedLabel { public System.String LabelId; public System.String DisplayName; } public class AzureADMSPrivilegedRuleSetting { public System.String RuleIdentifier; public System.String Setting; } public class AzureADMSPrivilegedSchedule { public System.Nullable<System.DateTime> StartDateTime; public System.Nullable<System.DateTime> EndDateTime; public System.String Type; public System.String Duration; } public class ConditionalAccessApplicationCondition { public System.Collections.Generic.List<System.String> IncludeApplications; public System.Collections.Generic.List<System.String> ExcludeApplications; public System.Collections.Generic.List<System.String> IncludeUserActions; public System.Collections.Generic.List<System.String> IncludeAuthenticationContextClassReferences; } public class ConditionalAccessApplicationEnforcedRestrictions { public System.Nullable<System.Boolean> IsEnabled; public ConditionalAccessApplicationEnforcedRestrictions() { } public ConditionalAccessApplicationEnforcedRestrictions(System.Nullable<System.Boolean> value) { IsEnabled = value; } } public class ConditionalAccessCloudAppSecurity { public enum CloudAppSecurityTypeEnum{ McasConfigured = 0, MonitorOnly = 1, BlockDownloads = 2, } public System.Nullable<CloudAppSecurityTypeEnum> CloudAppSecurityType; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessConditionSet { public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition Applications; public Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition Users; public Microsoft.Open.MSGraph.Model.ConditionalAccessPlatformCondition Platforms; public Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition Locations; public enum ConditionalAccessRiskLevel{ Low = 0, Medium = 1, High = 2, Hidden = 3, None = 4, UnknownFutureValue = 5, } public System.Collections.Generic.List<ConditionalAccessRiskLevel> UserRiskLevels; public System.Collections.Generic.List<ConditionalAccessRiskLevel> SignInRiskLevels; public enum ConditionalAccessClientApp{ All = 0, Browser = 1, MobileAppsAndDesktopClients = 2, ExchangeActiveSync = 3, EasSupported = 4, Other = 5, } public System.Collections.Generic.List<ConditionalAccessClientApp> ClientAppTypes; public Microsoft.Open.MSGraph.Model.ConditionalAccessDevicesCondition Devices; } public class ConditionalAccessDevicesCondition { public System.Collections.Generic.List<System.String> IncludeDevices; public System.Collections.Generic.List<System.String> ExcludeDevices; public Microsoft.Open.MSGraph.Model.ConditionalAccessFilter DeviceFilter; } public class ConditionalAccessFilter { public enum ModeEnum{ Include = 0, Exclude = 1, } public System.Nullable<ModeEnum> Mode; public System.String Rule; } public class ConditionalAccessGrantControls { public System.String _Operator; public enum ConditionalAccessGrantControl{ Block = 0, Mfa = 1, CompliantDevice = 2, DomainJoinedDevice = 3, ApprovedApplication = 4, CompliantApplication = 5, PasswordChange = 6, } public System.Collections.Generic.List<ConditionalAccessGrantControl> BuiltInControls; public System.Collections.Generic.List<System.String> CustomAuthenticationFactors; public System.Collections.Generic.List<System.String> TermsOfUse; } public class ConditionalAccessLocationCondition { public System.Collections.Generic.List<System.String> IncludeLocations; public System.Collections.Generic.List<System.String> ExcludeLocations; } public class ConditionalAccessPersistentBrowser { public enum ModeEnum{ Always = 0, Never = 1, } public System.Nullable<ModeEnum> Mode; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessPlatformCondition { public enum ConditionalAccessDevicePlatforms{ Android = 0, IOS = 1, Windows = 2, WindowsPhone = 3, MacOS = 4, All = 5, } public System.Collections.Generic.List<ConditionalAccessDevicePlatforms> IncludePlatforms; public System.Collections.Generic.List<ConditionalAccessDevicePlatforms> ExcludePlatforms; } public class ConditionalAccessSessionControls { public Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationEnforcedRestrictions ApplicationEnforcedRestrictions; public Microsoft.Open.MSGraph.Model.ConditionalAccessCloudAppSecurity CloudAppSecurity; public Microsoft.Open.MSGraph.Model.ConditionalAccessSignInFrequency SignInFrequency; public Microsoft.Open.MSGraph.Model.ConditionalAccessPersistentBrowser PersistentBrowser; } public class ConditionalAccessSignInFrequency { public enum TypeEnum{ Days = 0, Hours = 1, } public System.Nullable<TypeEnum> Type; public System.Nullable<System.Int32> Value; public System.Nullable<System.Boolean> IsEnabled; } public class ConditionalAccessUserCondition { public System.Collections.Generic.List<System.String> IncludeUsers; public System.Collections.Generic.List<System.String> ExcludeUsers; public System.Collections.Generic.List<System.String> IncludeGroups; public System.Collections.Generic.List<System.String> ExcludeGroups; public System.Collections.Generic.List<System.String> IncludeRoles; public System.Collections.Generic.List<System.String> ExcludeRoles; } public enum CountriesAndRegion{ AD = 0, AE = 1, AF = 2, AG = 3, AI = 4, AL = 5, AM = 6, AN = 7, AO = 8, AQ = 9, AR = 10, AS = 11, AT = 12, AU = 13, AW = 14, AX = 15, AZ = 16, BA = 17, BB = 18, BD = 19, BE = 20, BF = 21, BG = 22, BH = 23, BI = 24, BJ = 25, BL = 26, BM = 27, BN = 28, BO = 29, BQ = 30, BR = 31, BS = 32, BT = 33, BV = 34, BW = 35, BY = 36, BZ = 37, CA = 38, CC = 39, CD = 40, CF = 41, CG = 42, CH = 43, CI = 44, CK = 45, CL = 46, CM = 47, CN = 48, CO = 49, CR = 50, CU = 51, CV = 52, CW = 53, CX = 54, CY = 55, CZ = 56, DE = 57, DJ = 58, DK = 59, DM = 60, DO = 61, DZ = 62, EC = 63, EE = 64, EG = 65, EH = 66, ER = 67, ES = 68, ET = 69, FI = 70, FJ = 71, FK = 72, FM = 73, FO = 74, FR = 75, GA = 76, GB = 77, GD = 78, GE = 79, GF = 80, GG = 81, GH = 82, GI = 83, GL = 84, GM = 85, GN = 86, GP = 87, GQ = 88, GR = 89, GS = 90, GT = 91, GU = 92, GW = 93, GY = 94, HK = 95, HM = 96, HN = 97, HR = 98, HT = 99, HU = 100, ID = 101, IE = 102, IL = 103, IM = 104, IN = 105, IO = 106, IQ = 107, IR = 108, IS = 109, IT = 110, JE = 111, JM = 112, JO = 113, JP = 114, KE = 115, KG = 116, KH = 117, KI = 118, KM = 119, KN = 120, KP = 121, KR = 122, KW = 123, KY = 124, KZ = 125, LA = 126, LB = 127, LC = 128, LI = 129, LK = 130, LR = 131, LS = 132, LT = 133, LU = 134, LV = 135, LY = 136, MA = 137, MC = 138, MD = 139, ME = 140, MF = 141, MG = 142, MH = 143, MK = 144, ML = 145, MM = 146, MN = 147, MO = 148, MP = 149, MQ = 150, MR = 151, MS = 152, MT = 153, MU = 154, MV = 155, MW = 156, MX = 157, MY = 158, MZ = 159, NA = 160, NC = 161, NE = 162, NF = 163, NG = 164, NI = 165, NL = 166, NO = 167, NP = 168, NR = 169, NU = 170, NZ = 171, OM = 172, PA = 173, PE = 174, PF = 175, PG = 176, PH = 177, PK = 178, PL = 179, PM = 180, PN = 181, PR = 182, PS = 183, PT = 184, PW = 185, PY = 186, QA = 187, RE = 188, RO = 189, RS = 190, RU = 191, RW = 192, SA = 193, SB = 194, SC = 195, SD = 196, SE = 197, SG = 198, SH = 199, SI = 200, SJ = 201, SK = 202, SL = 203, SM = 204, SN = 205, SO = 206, SR = 207, SS = 208, ST = 209, SV = 210, SX = 211, SY = 212, SZ = 213, TC = 214, TD = 215, TF = 216, TG = 217, TH = 218, TJ = 219, TK = 220, TL = 221, TM = 222, TN = 223, TO = 224, TR = 225, TT = 226, TV = 227, TW = 228, TZ = 229, UA = 230, UG = 231, UM = 232, US = 233, UY = 234, UZ = 235, VA = 236, VC = 237, VE = 238, VG = 239, VI = 240, VN = 241, VU = 242, WF = 243, WS = 244, YE = 245, YT = 246, ZA = 247, ZM = 248, ZW = 249, } public class DefaultUserRolePermissions { public System.Nullable<System.Boolean> AllowedToCreateApps; public System.Nullable<System.Boolean> AllowedToCreateSecurityGroups; public System.Nullable<System.Boolean> AllowedToReadOtherUsers; } public class DelegatedPermissionClassification { public enum ClassificationEnum{ Low = 0, Medium = 1, High = 2, } public System.Nullable<ClassificationEnum> Classification; public System.String Id; public System.String PermissionId; public System.String PermissionName; } public class DirectoryRoleDefinition { public System.String Id; public System.String OdataType; public System.String Description; public System.String DisplayName; public System.Nullable<System.Boolean> IsBuiltIn; public System.Collections.Generic.List<System.String> ResourceScopes; public System.Nullable<System.Boolean> IsEnabled; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.RolePermission> RolePermissions; public System.String TemplateId; public System.String Version; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.DirectoryRoleDefinition> InheritsPermissionsFrom; } public class DirectorySetting { public System.String Id; public System.String DisplayName; public System.String TemplateId; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.SettingValue> Values; public string this[string name] { get { SettingValue setting = this.Values.FirstOrDefault(namevaluepair => namevaluepair.Name.Equals(name)); return (setting != null) ? setting.Value : string.Empty; } set { SettingValue setting = this.Values.FirstOrDefault(namevaluepair => namevaluepair.Name.Equals(name)); if (setting != null) { // Capitalize the forst character of the value. if (string.IsNullOrEmpty(value)) { setting.Value = value; } else if (value.Length == 1) { setting.Value = value.ToUpper(); } else { setting.Value = char.ToUpper(value[0]) + value.Substring(1); } } } } } public class DirectorySettingTemplate { public System.String Id; public System.String DisplayName; public System.String Description; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.SettingTemplateValue> Values; public DirectorySetting CreateDirectorySetting() { DirectorySetting directorySetting = new DirectorySetting(); directorySetting.TemplateId = this.Id; directorySetting.Values = new System.Collections.Generic.List<SettingValue>(); foreach (var definition in this.Values) { SettingValue item = new SettingValue(); item.Name = definition.Name; string value = definition.DefaultValue; if (string.IsNullOrEmpty(value)) { item.Value = value; } else if (value.Length == 1) { item.Value = value.ToUpper(); } else { item.Value = char.ToUpper(value[0]) + value.Substring(1); } directorySetting.Values.Add(item); } return directorySetting; } } public class EmailAddress { public System.String Name; public System.String Address; } public class ImplicitGrantSettings { public System.Nullable<System.Boolean> EnableIdTokenIssuance; public System.Nullable<System.Boolean> EnableAccessTokenIssuance; } public class InformationalUrl { public System.String TermsOfServiceUrl; public System.String MarketingUrl; public System.String PrivacyStatementUrl; public System.String SupportUrl; public System.String LogoUrl; } public class InvitedUserMessageInfo { public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.Recipient> CcRecipients; public System.String CustomizedMessageBody; public System.String MessageLanguage; } public class IpRange { public System.String CidrAddress; public IpRange() { } public IpRange(System.String value) { CidrAddress = value; } } public class KeyCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDateTime; public System.String KeyId; public System.Nullable<System.DateTime> StartDateTime; public System.String Type; public System.String Usage; public System.Byte[] Key; } public class KeyValue { public System.String Key; public System.String Value; } public class MsDirectoryObject { public System.String Id; public System.String OdataType; } public class MsFeatureRolloutPolicy { public enum FeatureEnum{ PassthroughAuthentication = 0, SeamlessSso = 1, PasswordHashSync = 2, EmailAsAlternateId = 3, } public System.Nullable<FeatureEnum> Feature; public System.String Id; public System.String DisplayName; public System.String Description; public System.Nullable<System.Boolean> IsEnabled; public System.Nullable<System.Boolean> IsAppliedToOrganization; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.MsDirectoryObject> AppliesTo; } public class OptionalClaim { public System.String Name; public System.String Source; public System.Nullable<System.Boolean> Essential; public System.Collections.Generic.List<System.String> AdditionalProperties; } public class OptionalClaims { public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> IdToken; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> AccessToken; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.OptionalClaim> SamlToken; } public class ParentalControlSettings { public enum LegalAgeGroupRuleEnum{ Allow = 0, RequireConsentForPrivacyServices = 1, RequireConsentForMinors = 2, RequireConsentForKids = 3, BlockMinors = 4, } public System.Nullable<LegalAgeGroupRuleEnum> LegalAgeGroupRule; public System.Collections.Generic.List<System.String> CountriesBlockedForMinors; } public class PasswordCredential { public System.Byte[] CustomKeyIdentifier; public System.Nullable<System.DateTime> EndDateTime; public System.String KeyId; public System.Nullable<System.DateTime> StartDateTime; public System.String SecretText; public System.String Hint; } public class PasswordSSOCredential { public System.String FieldId; public System.String Value; public System.String Type; } public class PasswordSSOCredentials { public System.String Id; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.PasswordSSOCredential> Credentials; } public class PasswordSSOObjectId { public System.String Id; public PasswordSSOObjectId() { } public PasswordSSOObjectId(System.String value) { Id = value; } } public class PermissionScope { public System.String AdminConsentDescription; public System.String AdminConsentDisplayName; public System.String Id; public System.Nullable<System.Boolean> IsEnabled; public System.String Type; public System.String UserConsentDescription; public System.String UserConsentDisplayName; public System.String Value; } public class PreAuthorizedApplication { public System.String AppId; public System.Collections.Generic.List<System.String> PermissionIds; } public class PublicClientApplication { public System.Collections.Generic.List<System.String> RedirectUris; public PublicClientApplication() { } public PublicClientApplication(System.Collections.Generic.List<System.String> value) { RedirectUris = value; } } public class Recipient { public Microsoft.Open.MSGraph.Model.EmailAddress EmailAddress; public Recipient() { } public Recipient(Microsoft.Open.MSGraph.Model.EmailAddress value) { EmailAddress = value; } } public class RequiredResourceAccess { public System.String ResourceAppId; public System.Collections.Generic.List<Microsoft.Open.MSGraph.Model.ResourceAccess> ResourceAccess; } public class ResourceAccess { public System.String Id; public System.String Type; } public class RolePermission { public System.Collections.Generic.List<System.String> AllowedResourceActions; public System.String Condition; } public class SettingTemplateValue { public System.String Name; public System.String Description; public System.String Type; public System.String DefaultValue; } public class SettingValue { public System.String Name; public System.String Value; } public class SetVerifiedPublisherRequest { public System.String VerifiedPublisherId; public SetVerifiedPublisherRequest() { } public SetVerifiedPublisherRequest(System.String value) { VerifiedPublisherId = value; } } public class User { public System.String Id; public System.String OdataType; } public class WebApplication { public System.String LogoutUrl; public System.Nullable<System.Boolean> Oauth2AllowImplicitFlow; public System.Collections.Generic.List<System.String> RedirectUris; public Microsoft.Open.MSGraph.Model.ImplicitGrantSettings ImplicitGrantSettings; } } "@ try{ Add-Type -TypeDefinition $def } catch{} # ------------------------------------------------------------------------------ # End of Type definitios required for commands inputs # ------------------------------------------------------------------------------ # SIG # Begin signature block # MIIoLQYJKoZIhvcNAQcCoIIoHjCCKBoCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCDQWFV6NZE/0su9 # ShPF0IEu7GOVDTzExFzqK9JBsWAHcaCCDXYwggX0MIID3KADAgECAhMzAAAEBGx0 # Bv9XKydyAAAAAAQEMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjQwOTEyMjAxMTE0WhcNMjUwOTExMjAxMTE0WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQC0KDfaY50MDqsEGdlIzDHBd6CqIMRQWW9Af1LHDDTuFjfDsvna0nEuDSYJmNyz # NB10jpbg0lhvkT1AzfX2TLITSXwS8D+mBzGCWMM/wTpciWBV/pbjSazbzoKvRrNo # DV/u9omOM2Eawyo5JJJdNkM2d8qzkQ0bRuRd4HarmGunSouyb9NY7egWN5E5lUc3 # a2AROzAdHdYpObpCOdeAY2P5XqtJkk79aROpzw16wCjdSn8qMzCBzR7rvH2WVkvF # HLIxZQET1yhPb6lRmpgBQNnzidHV2Ocxjc8wNiIDzgbDkmlx54QPfw7RwQi8p1fy # 4byhBrTjv568x8NGv3gwb0RbAgMBAAGjggFzMIIBbzAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQU8huhNbETDU+ZWllL4DNMPCijEU4w # RQYDVR0RBD4wPKQ6MDgxHjAcBgNVBAsTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEW # MBQGA1UEBRMNMjMwMDEyKzUwMjkyMzAfBgNVHSMEGDAWgBRIbmTlUAXTgqoXNzci # tW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3JsMGEG # CCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDovL3d3dy5taWNyb3NvZnQu # Y29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDExXzIwMTEtMDctMDguY3J0 # MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIBAIjmD9IpQVvfB1QehvpC # Ge7QeTQkKQ7j3bmDMjwSqFL4ri6ae9IFTdpywn5smmtSIyKYDn3/nHtaEn0X1NBj # L5oP0BjAy1sqxD+uy35B+V8wv5GrxhMDJP8l2QjLtH/UglSTIhLqyt8bUAqVfyfp # h4COMRvwwjTvChtCnUXXACuCXYHWalOoc0OU2oGN+mPJIJJxaNQc1sjBsMbGIWv3 # cmgSHkCEmrMv7yaidpePt6V+yPMik+eXw3IfZ5eNOiNgL1rZzgSJfTnvUqiaEQ0X # dG1HbkDv9fv6CTq6m4Ty3IzLiwGSXYxRIXTxT4TYs5VxHy2uFjFXWVSL0J2ARTYL # E4Oyl1wXDF1PX4bxg1yDMfKPHcE1Ijic5lx1KdK1SkaEJdto4hd++05J9Bf9TAmi # u6EK6C9Oe5vRadroJCK26uCUI4zIjL/qG7mswW+qT0CW0gnR9JHkXCWNbo8ccMk1 # sJatmRoSAifbgzaYbUz8+lv+IXy5GFuAmLnNbGjacB3IMGpa+lbFgih57/fIhamq # 5VhxgaEmn/UjWyr+cPiAFWuTVIpfsOjbEAww75wURNM1Imp9NJKye1O24EspEHmb # DmqCUcq7NqkOKIG4PVm3hDDED/WQpzJDkvu4FrIbvyTGVU01vKsg4UfcdiZ0fQ+/ # V0hf8yrtq9CkB8iIuk5bBxuPMIIHejCCBWKgAwIBAgIKYQ6Q0gAAAAAAAzANBgkq # hkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24x # EDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlv # bjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5 # IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEwOTA5WjB+MQswCQYDVQQG # EwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwG # A1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYDVQQDEx9NaWNyb3NvZnQg # Q29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIIC # CgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+laUKq4BjgaBEm6f8MMHt03 # a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc6Whe0t+bU7IKLMOv2akr # rnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4Ddato88tt8zpcoRb0Rrrg # OGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+lD3v++MrWhAfTVYoonpy # 4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nkkDstrjNYxbc+/jLTswM9 # sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6A4aN91/w0FK/jJSHvMAh # dCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmdX4jiJV3TIUs+UsS1Vz8k # A/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL5zmhD+kjSbwYuER8ReTB # w3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zdsGbiwZeBe+3W7UvnSSmn # Eyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3T8HhhUSJxAlMxdSlQy90 # lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS4NaIjAsCAwEAAaOCAe0w # ggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRIbmTlUAXTgqoXNzcitW2o # ynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMCAYYwDwYD # VR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBDuRQFTuHqp8cx0SOJNDBa # BgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20vcGtpL2Ny # bC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3JsMF4GCCsG # AQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3dy5taWNyb3NvZnQuY29t # L3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFfMDNfMjIuY3J0MIGfBgNV # HSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEFBQcCARYzaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1hcnljcHMuaHRtMEAGCCsG # AQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkAYwB5AF8AcwB0AGEAdABl # AG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn8oalmOBUeRou09h0ZyKb # C5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7v0epo/Np22O/IjWll11l # hJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0bpdS1HXeUOeLpZMlEPXh6 # I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/KmtYSWMfCWluWpiW5IP0 # wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvyCInWH8MyGOLwxS3OW560 # STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBpmLJZiWhub6e3dMNABQam # ASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJihsMdYzaXht/a8/jyFqGa # J+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYbBL7fQccOKO7eZS/sl/ah # XJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbSoqKfenoi+kiVH6v7RyOA # 9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sLgOppO6/8MO0ETI7f33Vt # Y5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtXcVZOSEXAQsmbdlsKgEhr # /Xmfwb1tbWrJUnMTDXpQzTGCGg0wghoJAgEBMIGVMH4xCzAJBgNVBAYTAlVTMRMw # EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVN # aWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNp # Z25pbmcgUENBIDIwMTECEzMAAAQEbHQG/1crJ3IAAAAABAQwDQYJYIZIAWUDBAIB # BQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQwHAYKKwYBBAGCNwIBCzEO # MAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIFf2yxwHWT0o9psydsTpzgKh # X3rNS0KsOkylAFZ4mpJVMEIGCisGAQQBgjcCAQwxNDAyoBSAEgBNAGkAYwByAG8A # cwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5jb20wDQYJKoZIhvcNAQEB # BQAEggEAh+2qcwMaaSHb9NiSZzMLeRdqA+8EuEayurDe3QFDNpEpewZSOpqBvrkL # 82hbNs0AQ3TZxMBXm5lyv0ujc+3ZAwctOj2eUNVq2Wx6YE0uFiNCs+Mt6dqYBi3x # 8z1C20JiJcPNlhKtVRPx7Rfb8b8OV+7tYltjG/hlqG1M/ArZ59JADI2D1zB8ZoIJ # ye+9WkDsTAIPEcZxFP0d+XSVCtn0zUOfCPZ6GaO0e0b1pndJCHR29qVfXt3F5z4G # EE4GOGBZlGxgAOcAySVxOJ3ktfXSodFwg3JBDhUw+fs8a9zYZVWjvoyAJmXMp05p # 0ww40J3DNhQoSIORhr16WD79kaLcPKGCF5cwgheTBgorBgEEAYI3AwMBMYIXgzCC # F38GCSqGSIb3DQEHAqCCF3AwghdsAgEDMQ8wDQYJYIZIAWUDBAIBBQAwggFSBgsq # hkiG9w0BCRABBKCCAUEEggE9MIIBOQIBAQYKKwYBBAGEWQoDATAxMA0GCWCGSAFl # AwQCAQUABCBk2/CpNogG3JB5LZv9iPa1fvi5VsSvbju7/fjeWESPkQIGZz8mjLxF # GBMyMDI0MTEyMjExNDMzNS43MjVaMASAAgH0oIHRpIHOMIHLMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046OEQwMC0w # NUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Wg # ghHtMIIHIDCCBQigAwIBAgITMwAAAfPFCkOuA8wdMQABAAAB8zANBgkqhkiG9w0B # AQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYD # VQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMDAeFw0yMzEyMDYxODQ2 # MDJaFw0yNTAzMDUxODQ2MDJaMIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25z # MScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046OEQwMC0wNUUwLUQ5NDcxJTAjBgNV # BAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2UwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQD+n6ba4SuB9iSO5WMhbngqYAb+z3IfzNpZIWS/sgfX # hlLYmGnsUtrGX3OVcg+8krJdixuNUMO7ZAOqCZsXUjOz8zcn1aUD5D2r2PhzVKjH # tivWGgGj4x5wqWe1Qov3vMz8WHsKsfadIlWjfBMnVKVomOybQ7+2jc4afzj2XJQQ # SmE9jQRoBogDwmqZakeYnIx0EmOuucPr674T6/YaTPiIYlGf+XV2u6oQHAkMG56x # YPQikitQjjNWHADfBqbBEaqppastxpRNc4id2S1xVQxcQGXjnAgeeVbbPbAoELhb # w+z3VetRwuEFJRzT6hbWEgvz9LMYPSbioHL8w+ZiWo3xuw3R7fJsqe7pqsnjwvni # P7sfE1utfi7k0NQZMpviOs//239H6eA6IOVtF8w66ipE71EYrcSNrOGlTm5uqq+s # yO1udZOeKM0xY728NcGDFqnjuFPbEEm6+etZKftU9jxLCSzqXOVOzdqA8O5Xa3E4 # 1j3s7MlTF4Q7BYrQmbpxqhTvfuIlYwI2AzeO3OivcezJwBj2FQgTiVHacvMQDgSA # 7E5vytak0+MLBm0AcW4IPer8A4gOGD9oSprmyAu1J6wFkBrf2Sjn+ieNq6Fx0tWj # 8Ipg3uQvcug37jSadF6q1rUEaoPIajZCGVk+o5wn6rt+cwdJ39REU43aWCwn0C+X # xwIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFMNkFfalEVEMjA3ApoUx9qDrDQokMB8G # A1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8GA1UdHwRYMFYwVKBSoFCG # Tmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY3JsL01pY3Jvc29mdCUy # MFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBsBggrBgEFBQcBAQRgMF4w # XAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvY2Vy # dHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUyMDIwMTAoMSkuY3J0MAwG # A1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwgwDgYDVR0PAQH/BAQD # AgeAMA0GCSqGSIb3DQEBCwUAA4ICAQDfxByP/NH+79vc3liO4c7nXM/UKFcAm5w6 # 1FxRxPxCXRXliNjZ7sDqNP0DzUTBU9tS5DqkqRSiIV15j7q8e6elg8/cD3bv0sW4 # Go9AML4lhA5MBg3wzKdihfJ0E/HIqcHX11mwtbpTiC2sgAUh7+OZnb9TwJE7pbEB # PJQUxxuCiS5/r0s2QVipBmi/8MEW2eIi4mJ+vHI5DCaAGooT4A15/7oNj9zyzRAB # TUICNNrS19KfryEN5dh5kqOG4Qgca9w6L7CL+SuuTZi0SZ8Zq65iK2hQ8IMAOVxe # wCpD4lZL6NDsVNSwBNXOUlsxOAO3G0wNT+cBug/HD43B7E2odVfs6H2EYCZxUS1r # gReGd2uqQxgQ2wrMuTb5ykO+qd+4nhaf/9SN3getomtQn5IzhfCkraT1KnZF8TI3 # ye1Z3pner0Cn/p15H7wNwDkBAiZ+2iz9NUEeYLfMGm9vErDVBDRMjGsE/HqqY7QT # STtDvU7+zZwRPGjiYYUFXT+VgkfdHiFpKw42Xsm0MfL5aOa31FyCM17/pPTIKTRi # KsDF370SwIwZAjVziD/9QhEFBu9pojFULOZvzuL5iSEJIcqopVAwdbNdroZi2HN8 # nfDjzJa8CMTkQeSfQsQpKr83OhBmE3MF2sz8gqe3loc05DW8JNvZ328Jps3LJCAL # t0rQPJYnOzCCB3EwggVZoAMCAQICEzMAAAAVxedrngKbSZkAAAAAABUwDQYJKoZI # hvcNAQELBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAw # DgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24x # MjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eSAy # MDEwMB4XDTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIyNVowfDELMAkGA1UEBhMC # VVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNV # BAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRp # bWUtU3RhbXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoIC # AQDk4aZM57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXIyjVX9gF/bErg4r25Phdg # M/9cT8dm95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjoYH1qUoNEt6aORmsHFPPF # dvWGUNzBRMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1yaa8dq6z2Nr41JmTamDu6 # GnszrYBbfowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v3byNpOORj7I5LFGc6XBp # Dco2LXCOMcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pGve2krnopN6zL64NF50Zu # yjLVwIYwXE8s4mKyzbnijYjklqwBSru+cakXW2dg3viSkR4dPf0gz3N9QZpGdc3E # XzTdEonW/aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYrbqgSUei/BQOj0XOmTTd0 # lBw0gg/wEPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlMjgK8QmguEOqEUUbi0b1q # GFphAXPKZ6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSLW6CmgyFdXzB0kZSU2LlQ # +QuJYfM2BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AFemzFER1y7435UsSFF5PA # PBXbGjfHCBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIurQIDAQABo4IB3TCCAdkw # EgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIEFgQUKqdS/mTEmr6CkTxG # NSnPEP8vBO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMFwGA1UdIARV # MFMwUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEWM2h0dHA6Ly93d3cubWlj # cm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5Lmh0bTATBgNVHSUEDDAK # BggrBgEFBQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTALBgNVHQ8EBAMC # AYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV9lbLj+iiXGJo0T2UkFvX # zpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3JsLm1pY3Jvc29mdC5jb20v # cGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAxMC0wNi0yMy5jcmwwWgYI # KwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2LTIzLmNydDANBgkqhkiG # 9w0BAQsFAAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv6lwUtj5OR2R4sQaTlz0x # M7U518JxNj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZnOlNN3Zi6th542DYunKmC # VgADsAW+iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1bSNU5HhTdSRXud2f8449 # xvNo32X2pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4rPf5KYnDvBewVIVCs/wM # nosZiefwC2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU6ZGyqVvfSaN0DLzskYDS # PeZKPmY7T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDFNLB62FD+CljdQDzHVG2d # Y3RILLFORy3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/HltEAY5aGZFrDZ+kKNxn # GSgkujhLmm77IVRrakURR6nxt67I6IleT53S0Ex2tVdUCbFpAUR+fKFhbHP+Crvs # QWY9af3LwUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKiexcdFYmNcP7ntdAoGokL # jzbaukz5m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTmdHRbatGePu1+oDEzfbzL # 6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZqELQdVTNYs6FwZvKhggNQ # MIICOAIBATCB+aGB0aSBzjCByzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hp # bmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jw # b3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJpY2EgT3BlcmF0aW9uczEn # MCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjhEMDAtMDVFMC1EOTQ3MSUwIwYDVQQD # ExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMKAQEwBwYFKw4DAhoDFQBu # +gYs2LRha5pFO79g3LkfwKRnKKCBgzCBgKR+MHwxCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jvc29mdCBUaW1lLVN0YW1w # IFBDQSAyMDEwMA0GCSqGSIb3DQEBCwUAAgUA6upNtjAiGA8yMDI0MTEyMjAwMjQy # MloYDzIwMjQxMTIzMDAyNDIyWjB3MD0GCisGAQQBhFkKBAExLzAtMAoCBQDq6k22 # AgEAMAoCAQACAgLrAgH/MAcCAQACAhOXMAoCBQDq6582AgEAMDYGCisGAQQBhFkK # BAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSChCjAIAgEAAgMBhqAwDQYJ # KoZIhvcNAQELBQADggEBAJ7ZWV07FGOtvoOJlhcP5O4Bnfxh8uoQTNeFRBm6ITng # i9BFlmJkh0v4JC4Vu1l/a6z8IBVWjt5LIe2QYeuZ3ptmsKyqNX3h1ocMrbCHbecW # sYMupJqpwz8QUuszQ5yMRbx3UT487K7NTsLA7jF2iR46pHmrouhIXhG7D/c7MpzG # H+MDA87BLNcT58RPb8TUfErOzeZ81tnxB7Jm4SPJvaN3ncmgJFu3sfJYHmkFCZuJ # UR7ZG6fsXFoyzMI0PGsShzTKItHFO9yFlGdgxxU7hb3s166KiFP4cx3YMlaZ4r7r # 5Fdk4lOgRmnLWTn0o50joeNOdnezGrifuhvsOvQ0wXMxggQNMIIECQIBATCBkzB8 # MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVk # bW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSYwJAYDVQQDEx1N # aWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAAAfPFCkOuA8wdMQABAAAB # 8zANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEE # MC8GCSqGSIb3DQEJBDEiBCAE2M631VYgiVZZGtakF+xhSKV8XvGIHILK6/i6R/Pu # BzCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIBi82TSLtuG4Vkp8wBmJk/T+ # RAh841sG/aDOwxg6O2LoMIGYMIGApH4wfDELMAkGA1UEBhMCVVMxEzARBgNVBAgT # Cldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29m # dCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENB # IDIwMTACEzMAAAHzxQpDrgPMHTEAAQAAAfMwIgQg4Wc9b133Dg1AWj7mL2eg1x6I # vgHzNmxBPF0gvvgXG+0wDQYJKoZIhvcNAQELBQAEggIAN+hm9ZbIA27iF3cpaYg+ # vpkxxvkeao9xy9jE3acu2VxTw0+5tykw9dd9RpxqGP9csfk4xlA3DYNSESQ0iDVR # o5kyQBoKGw4ZMvUtCbhf+kZHOGhiqUWVeNKmBpfK4I0mkVI3QwtaAUspexkwzYZ2 # a7fU08uPxEsk/4jg8iF5/XR5WUpKKNZ4+GWCfCqV0HRx+K/ek+/V3OC15YimxgBT # NXUqEpQLtsL+vPKYp5vYNaB6czF9F6EM69VdaqWXwyP3gqdAuaIUItVAFM2idmCx # KqqqhucoleC70pOi6YTHT4vLe+B8yuMPmZjTKicDCo/I1v5iX366o3wfWVvUIJuq # wdJDKscLbJwALQo10LtkrtskGGtFYGZMnwL6TzhOnSV8lDAXRT1+XacRZ8gLXgmn # xeQUTov9qA+S3fCWllHqqXCTuEW/jGwV6x4SDCPZ6TCzV4QgS+JsFlCETSfESPz7 # dtUok5rQN+nQGNFPr7l9R32FIyLbUWmqokQl4WkaxjQ580RyOG3SEkvy2Y3+dydV # mfXgaiXzuP7WPCLfUou8Ehpocd0h92Ssw6POwkVbn4V1K2HWha9zJTsb6b6V7/cV # Ra39P5uwims1G53FGZ2Y/pNPULNSMeTlJZoVq+6j1KcZ/nrwbJRnbE5zClbj+S4b # aNGHZoTdpY+UvO2cLq5VwLM= # SIG # End signature block |