This is a multi-part message in MIME format.
--------------000908080408080501060102
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
It works fine, but it kills SSO as user...
Poking in the windows logs I see a failed login as:
myuser(a)mydomain.tld-authz !!
Il 27/10/2015 11:51, Shahar Havivi ha scritto:
On 27.10.15 05:25, Alon Bar-Lev wrote:
> yes, you should probably only customize: $JoinDomain$, $DomainAdminPassword$,
$DomainAdmin$
> maybe, not sure: $JoinDomain$, $MachineObjectOU$
> the rest should be the same as any other.
Please make sure that the file is the full sysprep file such as you can find
in /packaging/conf/sysprep/sysprep.w7 which is a windows 7 sysprep file.
You can leave the variables such as $OrgName$ which will be replaces (exept
from the variables that Alon mentioned which where the original problem).
> ----- Original Message -----
>> From: "Cristian Mammoli" <c.mammoli(a)apra.it>
>> To: "Shahar Havivi" <shaharh(a)redhat.com>, "Alon
Bar-Lev" <alonbl(a)redhat.com>
>> Cc: "users" <users(a)ovirt.org>
>> Sent: Tuesday, October 27, 2015 11:19:02 AM
>> Subject: Re: [ovirt-users] ovirt-engine-extension-aaa-ldap and sysprep domain
join
>>
>> So just pasting there the contents of a modified
>> /usr/share/ovirt-engine/conf/sysprep/sysprep.w7x64 (for example) should
>> work right?
>>
>> The variables like '![CDATA[$OrgName$' will be replaced?
>>
>> Il 26/10/2015 12:43, Shahar Havivi ha scritto:
>>> On 26.10.15 06:23, Alon Bar-Lev wrote:
>>>> Hi,
>>>> The usage of the engine-manage-domain user to anything else but ldap
>>>> searches is something that is unexpected and insecure.
>>>> As a solution, you may either paste a modified sysprep file into the
pool
>>>> at UI or set up a different osinfo profile with modified sysprep file,
>>>> this modified sysprep file can contain the credentials of the user that
>>>> is being used for joining the domain.
>>>> CCing Shahar which may assist farther.
>>> Hi,
>>> You can paste a modified sysprep file to "new
Pool"->"Initial run"->"Custom
>>> Script"
>>> As Alon mentioned.
>> --
>> Mammoli Cristian
>> System administrator
>> T. +39 0731 22911
>> Via Brodolini 6 | 60035 Jesi (an)
>>
>>
--
Mammoli Cristian
System administrator
T. +39 0731 22911
Via Brodolini 6 | 60035 Jesi (an)
--------------000908080408080501060102
Content-Type: multipart/related;
boundary="------------070409000103030101070908"
--------------070409000103030101070908
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 7bit
<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
It works fine, but it kills SSO as user...<br>
<br>
Poking in the windows logs I see a failed login as:<br>
<br>
<a class="moz-txt-link-abbreviated"
href="mailto:myuser@mydomain.tld-authz">myuser@mydomain.tld-authz</a>
!!<br>
<br>
<div class="moz-cite-prefix">Il 27/10/2015 11:51, Shahar Havivi ha
scritto:<br>
</div>
<blockquote cite="mid:20151027105144.GA16392@redhat.com"
type="cite">
<pre wrap="">On 27.10.15 05:25, Alon Bar-Lev wrote:
</pre>
<blockquote type="cite">
<pre wrap="">yes, you should probably only customize:
$JoinDomain$, $DomainAdminPassword$, $DomainAdmin$
maybe, not sure: $JoinDomain$, $MachineObjectOU$
the rest should be the same as any other.
</pre>
</blockquote>
<pre wrap="">Please make sure that the file is the full sysprep file
such as you can find
in /packaging/conf/sysprep/sysprep.w7 which is a windows 7 sysprep file.
You can leave the variables such as $OrgName$ which will be replaces (exept
from the variables that Alon mentioned which where the original problem).
</pre>
<blockquote type="cite">
<pre wrap="">
----- Original Message -----
</pre>
<blockquote type="cite">
<pre wrap="">From: "Cristian Mammoli" <a
class="moz-txt-link-rfc2396E"
href="mailto:c.mammoli@apra.it"><c.mammoli@apra.it></a>
To: "Shahar Havivi" <a class="moz-txt-link-rfc2396E"
href="mailto:shaharh@redhat.com"><shaharh@redhat.com></a>,
"Alon Bar-Lev" <a class="moz-txt-link-rfc2396E"
href="mailto:alonbl@redhat.com"><alonbl@redhat.com></a>
Cc: "users" <a class="moz-txt-link-rfc2396E"
href="mailto:users@ovirt.org"><users@ovirt.org></a>
Sent: Tuesday, October 27, 2015 11:19:02 AM
Subject: Re: [ovirt-users] ovirt-engine-extension-aaa-ldap and sysprep domain join
So just pasting there the contents of a modified
/usr/share/ovirt-engine/conf/sysprep/sysprep.w7x64 (for example) should
work right?
The variables like '![CDATA[$OrgName$' will be replaced?
Il 26/10/2015 12:43, Shahar Havivi ha scritto:
</pre>
<blockquote type="cite">
<pre wrap="">On 26.10.15 06:23, Alon Bar-Lev wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Hi,
The usage of the engine-manage-domain user to anything else but ldap
searches is something that is unexpected and insecure.
As a solution, you may either paste a modified sysprep file into the pool
at UI or set up a different osinfo profile with modified sysprep file,
this modified sysprep file can contain the credentials of the user that
is being used for joining the domain.
CCing Shahar which may assist farther.
</pre>
</blockquote>
<pre wrap="">Hi,
You can paste a modified sysprep file to "new Pool"->"Initial
run"->"Custom
Script"
As Alon mentioned.
</pre>
<blockquote type="cite">
<pre wrap="">
</pre>
</blockquote>
</blockquote>
<pre wrap="">
--
Mammoli Cristian
System administrator
T. +39 0731 22911
Via Brodolini 6 | 60035 Jesi (an)
</pre>
</blockquote>
</blockquote>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<span style=" font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif; font-size:16px; font-weight:bold; color:#000;
margin-left:10px;">Mammoli Cristian</span><br>
<span style=" font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif; font-size:12px;color:#000;margin-left:10px;">System
administrator</span><br>
<span style=" font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif; font-size:12px;color:#000;margin-left:10px;">T. +39
0731 22911</span><br>
<span style=" font-family:'Helvetica Neue', Helvetica, Arial,
sans-serif; font-size:12px;color:#000;margin-left:10px;">Via
Brodolini 6 | 60035 Jesi (an)</span><br>
<br>
<img src="cid:part1.00060709.09020100@apra.it" alt=""
usemap="#Map">
<map name="Map">
<area shape="rect" coords="9,4,27,24"
href="https://www.facebook.com/aprainformatica" style="
cursor:pointer" title="Facebook">
<area shape="rect" coords="40,4,60,22"
href="https://twitter.com/ApraInformatica" style="
cursor:pointer" title="Twitter">
<area shape="rect" coords="75,3,94,25"
href="https://plus.google.com/u/0/+ApraIt/posts" style="
cursor:pointer" title="Google Plus">
<area shape="rect" coords="106,4,126,22"
href="http://www.linkedin.com/company/apra_2" style="
cursor:pointer" title="Linkedin">
<area shape="rect" coords="7,60,182,117"
href="http://www.apra.it/" style=" cursor:pointer"
title="Apra">
</map>
</div>
</body>
</html>
--------------070409000103030101070908
Content-Type: image/jpeg;
name="Firma2.jpg"
Content-Transfer-Encoding: base64
Content-ID: <part1.00060709.09020100(a)apra.it>
Content-Disposition: inline;
filename="Firma2.jpg"
/9j/4QAYRXhpZgAASUkqAAgAAAAAAAAAAAAAAP/sABFEdWNreQABAAQAAABQAAD/4QP4aHR0
cDovL25zLmFkb2JlLmNvbS94YXAvMS4wLwA8P3hwYWNrZXQgYmVnaW49Iu+7vyIgaWQ9Ilc1
TTBNcENlaGlIenJlU3pOVGN6a2M5ZCI/PiA8eDp4bXBtZXRhIHhtbG5zOng9ImFkb2JlOm5z
Om1ldGEvIiB4OnhtcHRrPSJBZG9iZSBYTVAgQ29yZSA1LjUtYzAyMSA3OS4xNTQ5MTEsIDIw
MTMvMTAvMjktMTE6NDc6MTYgICAgICAgICI+IDxyZGY6UkRGIHhtbG5zOnJkZj0iaHR0cDov
L3d3dy53My5vcmcvMTk5OS8wMi8yMi1yZGYtc3ludGF4LW5zIyI+IDxyZGY6RGVzY3JpcHRp
b24gcmRmOmFib3V0PSIiIHhtbG5zOnhtcE1NPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8x
LjAvbW0vIiB4bWxuczpzdFJlZj0iaHR0cDovL25zLmFkb2JlLmNvbS94YXAvMS4wL3NUeXBl
L1Jlc291cmNlUmVmIyIgeG1sbnM6eG1wPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAv
IiB4bWxuczpkYz0iaHR0cDovL3B1cmwub3JnL2RjL2VsZW1lbnRzLzEuMS8iIHhtcE1NOk9y
aWdpbmFsRG9jdW1lbnRJRD0ieG1wLmRpZDphYzgzNzU2NS00ZDU3LTQ2MzktODU1OC1kYTI4
MjczNDhlMDciIHhtcE1NOkRvY3VtZW50SUQ9InhtcC5kaWQ6RURGMjgyREQ5M0QwMTFFMzhE
Mjg4RDRGNzEzQzA1Q0YiIHhtcE1NOkluc3RhbmNlSUQ9InhtcC5paWQ6RURGMjgyREM5M0Qw
MTFFMzhEMjg4RDRGNzEzQzA1Q0YiIHhtcDpDcmVhdG9yVG9vbD0iQWRvYmUgUGhvdG9zaG9w
IENDIChNYWNpbnRvc2gpIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9
InhtcC5paWQ6RDc5NzEzQkU4NEU5MTFFMzhCMTZDOUZENkZCN0M4NjciIHN0UmVmOmRvY3Vt
ZW50SUQ9InhtcC5kaWQ6RDc5NzEzQkY4NEU5MTFFMzhCMTZDOUZENkZCN0M4NjciLz4gPGRj
OnRpdGxlPiA8cmRmOkFsdD4gPHJkZjpsaSB4bWw6bGFuZz0ieC1kZWZhdWx0Ij5GaXJtYTwv
cmRmOmxpPiA8L3JkZjpBbHQ+IDwvZGM6dGl0bGU+IDwvcmRmOkRlc2NyaXB0aW9uPiA8L3Jk
ZjpSREY+IDwveDp4bXBtZXRhPiA8P3hwYWNrZXQgZW5kPSJyIj8+/+0ASFBob3Rvc2hvcCAz
LjAAOEJJTQQEAAAAAAAPHAFaAAMbJUccAgAAAgACADhCSU0EJQAAAAAAEPzhH4nIt8l4LzRi
NAdYd+v/7gAOQWRvYmUAZMAAAAAB/9sAhAACAgICAgICAgICAwICAgMEAwICAwQFBAQEBAQF
BgUFBQUFBQYGBwcIBwcGCQkKCgkJDAwMDAwMDAwMDAwMDAwMAQMDAwUEBQkGBgkNCwkLDQ8O
Dg4ODw8MDAwMDA8PDAwMDAwMDwwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAz/wAARCAB/
AV4DAREAAhEBAxEB/8QApQABAAEEAwEBAAAAAAAAAAAAAAkFBwgKAwQGAQIBAQEBAAMBAQEA
AAAAAAAAAAABAgMEBQYHCBAAAQMDAwIEBQMDAwQDAQAAAgEDBAAFBhESByEIMRMUCUEilVYX
USMVYTIWQlIkcZEzU4GzdDURAAIBAgIIBQMEAQIHAAAAAAABAhEDIRIxQZJTBAUVFlEik1QG
YTITcYGRQqFScrHB0fFDFAf/2gAMAwEAAhEDEQA/AJ758r0MGbNUFd9Gw4+rSLopeWKlpr8N
dKA12E95zm9/c8xw/g7cdwiKO25JuRGIKq7RIkcRCVE6KqImvjonhVoZzF6uHPcN74Of5V1j
cRdsOJZg1YfLS93JuZLiQ4puopA05KmSmGvMJE1QBJS066aUoE6kiHZ1z5nncBgGb3fk3C7f
gecce53eMGyPH7a+b7ASrQMdXepkehCbxNloZCu3ci6LokKjLqhSAXlT3dOYMK5S5JwqycTY
g/ZsNyq749bJdwkXEpDwWyU5GQ3TaMG95o3v2iiaIunXTVbQzmKPaPdo7psht15vOO9uVhyK
zY42juR3i1Rb9Ni28FTchS3mFMGk06/MqdOvhShamfvYP3k533YpyxFz3BLXhVy43kWgGQth
yk84bo3KIgeZl6mBNrGRddeu7Tam3VTCZIrUKQ7c9+4ZzvgvcxyDwJxbxDjGTwsDitTp19vM
uUz5EBq1s3O4XOe+LjMeLFjA6u4zXREROqkSDVoSp4Dkj3IO5vi/DsHzu8YLw1fcZ5IWQuEz
8evtxuSTxhKgTCDyi0H0zhI26JqJCfy7ei6KBuhensT9wPkHuq5WyjjnM8Bx7G41lxVzIodz
sr8sjVxmbGiqy4EkjRUJJG5FRU02/Hd8poJ1JX6hSL7ux70uduI+4PGOA+DeF7dypfr/AIq1
kSR3yluTHScflg4LTUYmxBtluLuIjLru+GnzCVMFp/vEdwdrnzrVdOFMLtl2tUl2FdbZKcur
UiNJjmrbzDzZOIQG2YqJCvVFSrQmYyD7Svc25Q5+7gcI4fyzjXF7LaMwaum+72iRN9THOBBe
mASDIIwISVnYqaIvza69NFUClUmnqGhQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAU
AoBQCgFAUjIP/wCDe/8A8En/AOoqA0WIpq3AFwQUyBsiEE8SVNV0/wDmtnEbFnBfC+K2D28s
jxTGe7ay4HEzi/w8ivnNVrfahNY9OnfxRyLLIfauLSo8PlDHNSfbJd6CoInyrg2tBdT2rIDd
p4a5ntTGVJnjFr5qymIznYmTg3wGWIADc0MjcIklInm6qRKu7xXxqsqJPqhTX97P7JxFy53E
98vbly/ZG8pt2dZxecislilRxFoXLRdpzD8qLcG3G5MaU2MoEHyl1IFJdURDQqyIl74z4v4j
7PeHL5aMdkP2HjrFFuuU326XZ8X3mxJFkSXXn9gK5sAEEd2pbREdV0qFIzvaIzO88jZn3h57
kEl2VeMwvuP3ea+8gI4qy1uzooSAiCiiJImiJ8KrIibioU1secMwv+L+4l3U2i18cTeVce5J
xD/D+ScWtzvpJjePXCyWspM5i4G24zDOM402SOPp5f8ApXRVFU2Z1nheUeOMYwrCu1rAbxkV
xuvanPv0y/TOVLclvvEsstvSsjOsFyajTgjwPRR2vLcQX13L57w71HywwDIr26bRxlYe/fnu
0cQ3iZecEgYhfWLQ9KjtstMttZJFbbYgutypfqooNCHlSCNCcH5lEarKtJP9UKQy874eeee6
vxJjLeXZJgxS+J3XkyPE5yW+5tenK8ObAeJt4dh7dpiQKip/XRaGdZijcO2/tNxPhG59x3PV
15QvLzvMOS4xelstyYlzLurF5uUVk5JSAb0Mm4/nvvI4hmQkg9XESrUtC4vH3bbi/bL7n3Ae
MYJeZt3wbMMWu2UY2NzNHZsQJNrukd2M48gh5goUfeBKKFtLaWqjuWEpibAdDQoBQCgFAKAU
AoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgKbd47su1XOKwiK/JiPNMiq6Ipm2Qiir8O
q0Bp8tdkfd5EH0rvbvmJOxiJtw24rTgKQkqLsMXlEk18FRdF8U6Vqpx5SRrDe3PnKH7YHMHE
k3iXIIvJN75GZudqwpyMHrpMNJlmdWQ20hrqCCy51Vf9C/DRayapgZr+1vxPyPw9275Bj3J2
HTsHvdzzq6XWBZrkgBIWE7Egsg6TYEWxFNk0RC0Xpr4KirWVEk9QprSrxL3dcNdzPMHI2Kdn
8DlYp3IF6veJXvI7OdyaYB64vSYky2yos6OrakBiXVC08FRCToJQ/fcRcfc77mrWmM51whkm
P4MrwSH8Fxi1+kgSnGiQ2lmuPSnn5KNkKEIGexCRC2bkRUEdTM32m+DeYOHGeepXKvH11wJv
KJOOjYW7uINOylhNT/UKDYmRbQ84PmXouuiaqhaViKoTFVDRBD3B8X80n3Dd3WOXLtvzTkvg
zuRaxEpeX4Y9HZusRzG4sZ6I/Cdf81hwRkgYvRnwTdtEkIdEUgMM8r7bO4+HxxK4Z4w7Z+T2
8Cu2Tx8wyK6ZMzEO4TLhBiOQoTLUWGYxYrLTb7hGo73HTUd5ILYjQy0Ze+1n24c68T89Zrln
JXFd8wTHJGBvWmLcbu22wLkxy5Q3m2WgQyIv22TVVRNE066ajrWypUJ7ahSHDu2x/uVwTvj4
/wC4rhfgq4cv22wcefwYDHL/AIvqn3ri1IbeJo/MbJtuSBjqOha9PBdBNZhJyRjXe7yXwPI4
Dndod+s9jk57c8+O/wARtxyUku5zZs44qNOu7PLbKcQCWuqiIqqaqtCGVnEFu7sOZe+HgbmL
lntwn8R45xpitzx+dP3EsNI/orgjDhHINTUzeloCAKKunXwQlQXWTfUKKAUAoBQCgFAKAUAo
BQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFA
KAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUBQr7frJjNufvGQ3SNZ7XFJsZFwluC002rpo2
CEZKiJqRIiVzcNwt3iZq3ai5SehLF4YnU43jrHBWndvzUIKlW3RYui/yVVp1t9tt1pwXWnRQ
mnRVFEhVNUVFToqKlcLVMHpOzGSkk06pnYoaFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAK
AUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoDrPOK20bgtk6oCpI0GikWia7U1VE1X4daqx
dDMnlTdKkZ3cQ7yhlFghZznEN3EMWO+fxeLcfO6k+2nlvKU+cors8wkbUQTVei/LonzH+w/E
48Bw158NwzVy5kzTuatK8kNdMcfrpxwX84//AEWXNuN4aPGcXWzZ/Jkt2cc2iTdyeqvlotdG
8qUcZZS8FXDLMVZTiDPIBpcsbiI/iWRxgcct9ytSKiCIPqKIjkdSQVEtC27enRVX4r5Na4fi
n/7/AAsvLN0nF0UoT+q8JaaqqrXE/T/hV/jOBj0rjo+e3Gtuaq4XLfgpU0w0UdHlphhV5K18
kfoJxGG8CDco7kVNwroqa/FF+C0TxI1VUPAJx6yiaf5fln1d6vV6q91a2EeB29H3F/1ZH38f
M/d2WfV3qvVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sI
dvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1ZD8fM/d2
WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR
9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xe
p1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1
ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V
7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8
z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWw
h29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93
ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0f
cX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d
6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8A
VkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/HzP3dln1d6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe
6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sIdvR9xf8AVkPx8z93ZZ9Xep1V7q1sIdvR9xf9WQ/H
zP3dln1d6nVXurWwh29H3F/1ZD8fM/d2WfV3qdVe6tbCHb0fcX/VkPx8z93ZZ9Xep1V7q1sI
dvR9xf8AVkeeyLhXE8vgha8rn3/ILc08MhuDNuskmxeESEXEQCFdUQiROvxrn4X5DxPCTz2I
24SpSqgq08Dpcd8N4Pj4K3xU7tyKdUpXJNVxVdWNG/5LtMMNxmGY7SbWmQRtsNVXQRTRE1Xr
4JXhyk5Nt6WfVQgoRUVoSodqobFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFA
KAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQHSlSo8KNIly324sSK2T0mQ6SA22AIpGZ
kXREFE1VVqpOTUYqrehGJzjCLlJ0Sxb8EeD495WwLlS3yrlg2QsXlmA8TE5lEJp9kkJUFXGX
EExE9NRLTQk8Frv8y5RxXLpqPEQcaqq8H+jWGGvwPP5ZzjhOZQcuHmpU0+K/YuTXnnpigFAK
AUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUBTbj
cINpgy7ncpTUC3QGTfmzXiQG2mm03EZEuiIiIlatW5XZqEE3JuiS1s4b96FmDuXGoxiqtvQk
iKzuB5zzLmlnI8e48YlQOKcbaCRk14QSbdntk4LQlI6psYVwkQG+hH/cSaJon7B8b+OWOVOF
zimnxE3SK/04Vw8ZU0vQtR+FfLfml7m0LtvgVJ8PbVZySpXFJVepVeC0vX9LMcC5zK4W5Atm
ZGy9Kxq5iVmyMUEwFYzhAZuNkKKJuR1RHNnio6omm5Fr3vknK1zXhJWU0px80f1x/hS0V/6H
yvw75LLlPGRvXIv8UvLJ40xp/lYP/uTeQZ8O6QYlyt8luZAnshIhS2l3A424KEBiqeKKi61+
A3IStycJKjTo19T+oLV2N2CnB1i1VNa0yoVk5RQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQ
CgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFARzc6d5XCcfPB4UyW0O5Zx+8ZQOTcyhvmjFq
liYqyDIs/PIRhwdZBAX7fTRDJCFO1wXF3eDuxvWnScdD0/8AE6XMeXWOYWJWL8c0JaVVr/KL
u8n4XguN9reW2zABZdxgrczdLbcYj3q/WIUlp8X1kApechp4FqqbdPglfTci5pf43nVq9elW
TdPBJZWqJaj4r5NyPheX/Hb/AA/DxyxST8W3mTq3r/5Itb2j4xjnIHE/IGI5Pbm7paXL8hKB
/wBzRuxGkR1ktdW3B26oQ6LXu/NuMvcDzCzfsyyyyfzSTwfivofLf/NOXcPzLlHEcNxEM0HP
XqrFYrwappRY+5d6/HnalnVr4QstwuPLmEY/eZTXIGVh5aHjjbqIKQIDbKKk1yM9uckCm1AR
VAEVz5E+K51zTqd787tqEmkpUr5mteOjDA/Tfj3JHyjhv/X/ACyuQT8uZYxj/prrxx1foSu4
xk+P5lj9oyrFbxFv+O36K3Ns15hOI6xIYdTUTAx8f6p4ovReteOe8ehoDxvIGZ2rjvB8szm9
OI3a8Ttcq6S9V03JHbI0bHX/AFGqIIp+qpQGv493191jpuPryU1DWS4bqQwtFtUWUMlJGhUm
FVUbRduqrr01rNQSjdhvcNk3OeAZTB5Au7d4z/CburU+cLDMZZFunCr0J1WmBAE2qjjSqidd
iKvVaqBVe/bljkHhvhKBlnG1/THchfyq121y4LGYl6xZAvK635cgDD5tiddNaMET+Ld4nfPn
16TG8Dy+bl+QlHclDZLVYLU9JVhlRRx3arAptBSTVdfjVB3bn3x98vFWRN2nkGakC6MoEp3F
8uxhiGrzCroiiTAxnFAtNN7ZqmtAZeZd355JyF2c5nypxuY8cct4LkFjsuV21G2bizHWfLaF
H43qWyE2JLSlsUh3CqEK9R1UDBDGO9rvszq/RMWwfOJeWZNcAdcgWC14/aXpTwsArjqgCxxR
UAEUl6+CUBVcr7z/AHCuJrnCi8jXK4YnLuAE5At+UYlBYalA2qb/ACTBltHNNfm8tzVP6UBJ
v2N97z/c4uQ4Rm9hhY7ydikJu5G5a1c/jrrbzcRkpDDbxE4y404oo42pEnzCQloqoIGdGdZh
Z+PsLyvOsgeSNZMPtMy8XV5V00Yhsk8aJ/VUHRP60BrFzPcj7x5sqXPj8oMWmPcJDsiJaRsd
qMYrTpkbccSOOpF5YKg6qqqunWgJGO07u05q544H5FtVwvZXzmHBL8x6y8Q4bLDzthujLhw3
/IiMrtFuS0TLzjTRGLepCKkiLQEl3DE3Mp+DQZGapK/klcUYz05vypTjKAGpODtAlHzd6NEY
iZtIBmiES0BdqgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoCLvvA7uXY4XXibh+6/
81UOJm2dQHUX0viLkCA4Cr+94o66n/j6iP7mqhUiojG4+hcXsZZb3eXivQYLbkR6bZrDGR6X
cSEk2xCM3WfJaLqrhoqkqfKOiluTRGTG433udv4cW5rkVgxy+2XD+Ko9qtqY6VrjxkfK5q6x
AgwGG3yb6+QSKhbREU1VdNazRp1RJRTVHoKFx53x8BSeOeSuTYOD3fD3MNm2xc5xuHAiHPeS
6PpEhTAVh0GngU1USVSQh0XVPDXmvcRevKKuTcsuCq26fodfh+CscO5O1CMXLF0SVf1oRWd4
PIfbLzJfPyNxBasmw7kCe6KZfZ59qYjWq8CvT1m9mS55MsE03Eg6Op/d86IS8aqdkpvZ93j5
J2wZEliviSsi4Vv0rzMjxprV2RaH3V+e52sFXx+LzCdHE+YdHP7jVQbJ+KZXjmc47ZsuxC9R
Mixi/wAVuZZr3BcR1iQw4mokBJ/2VF6ouqKiKlYBGd7pfOltwPjjEeLAkuldeR563C6QY3Vx
bTaCBxUPVUQRdkk0PXx2kn61GCO7t44svHNvAndjyNAx9kbjgdkiMcdK9vfM7nAJLxO2abUU
jjNgx0/9ipUQPPe3r3ET8E7mcKi3mUw1ivKrK4ndCEEbEX5ao9bHSVV06SRRvX9HFogSs+6r
c27T2z2mW6yT7f8AndjbIAVEL5hk9U16VWCJ3s157wThfmqPyPlAXKfZ2MfuNscgWtgHpyPS
yYJtfJccaRQTyl1VC6VED3fe93VY13L3zCX8axeZjOO4C1PRu7XpWW5s124eUhIoNG4LbTaM
oqIpqqkvgmnXQKJiPGOWY72T8/8AJ98tki1WDkS/YXbsQGU2TRzWLZdN705sD0LyiN7Y2Wnz
bSVNR0VQLQds/L1n4D5uxLli/wBonX61Y0xcmpFqtqtDJcKdDcjAoK+QBoJHquq+HhQF/O9H
vgt3dNjeKYbjnH8rE7Bjt3/nJN2u77D05+SDDsdtlkI6mDTe14lNVNVJdqaIidQMnPan7f8A
ILddck7ib49EYsl4s543hVvYlMyJDyHIB+ZJktsmfp9qsgANuaOLqRKIjt3AXc92Pl7/ABPh
XH+JbZJ8u78u3REuzYloSWS0EEmTuTx0dfVlv+qKSUBF52sdtMjnHijuvyxIXqZuFYg3DwJx
RQl/ngL+VcJpV/1+RFFldPg8v60BQ/b65nHiPuc4+uEmV6bGOSR/w3JEItAEboQFAcPX/wBU
wG01+CEX60Btc0AoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAhM9wD2/np53vnzt
+tDoXv8Acncj8bWxCD13ibtztbLemkjxJ5kf/N1Mf3dUclARJcK5RhX+a2qBzDleW2njq6f8
abkGPyGnJFrdMkQJbzEtiSjzAdUdARQxT5k127VJsE6OYdtfbrwt2vcwZddsxy7OeNsmt9jv
0q/2h23y5jZW+Qv8fOtaNhHjuLrM1JDLYQapWqgtN2m8WdsXPnHvM/F+BZFn8p+/fwEvMc1u
se3W+SkeJLORDhw2GTlA2IuskTm8dxa+PRNFQYh92PE3b7wvfl4+4xy3KM8z6A6K5bMmy4bl
qtAIiqsQ0YjNk7LPVFUULRpP7/mVBrSYOl2jdnWRdzuTLdLssrHuG8dlI3lOTt6tv3J5tUU7
ZbDVP718Hnk6NJ0TVxURNN0BsmYnieN4Jjlmw/DrLExzGMeihDs1kgto2xHZbTRBEU/7qq9V
XVVVVVVriBqpd9nMicz9zfJGRR5nn4vhr3+IYo5u3NejsxGMh4P6OyyePX4ppWWD3XGnD3uM
43hUGLxNYeRMYwHJG/5mHbbPcrfDiShuDYEskmXH0PV5vbruRF00TRK0DDTLMRzTjDLLjimT
2iXhOeYjKjuyLa/tGRBloLcyK6itEQr0JtwVElRUWsAmw74eXInOnt08R8pRVAZGUZNjTl7j
Aqf8e5sDJYns6fDZIbNE1+Gi1sGAXt7cWYBzJ3KxcJ5NxqPluLLil3uX8PJN5sPVRnIosuoT
BtmiijhafN8aygbDOM9nfbBiFwZuli4Rxhq4R1QmJUuKs8gIV1Qh9YTyIqfr41oFk/cwKNC7
R8q3KEaMze8dAURNBFEuTCCiIidE+FAQ1di9hwvkDun46xLLLRbctsFziXs5tguTAyYrysW1
51sjacFRJQIUJNfBaAzD90HgTh7ijCeNM747wK2YNcblkjlivf8ABxxisS47sJ+Q0jrDeje8
DY1E0RF0VUVVRegHjPaFy+Y3zLyzhsd55uyXrEo97kwVLRlZsGaEcX9idN6tyFFS8VRERfBK
iYMVPcD5rXl7ufzyVBli9i/HKJhmOOIqEG22kRXB4VToqOSzcTX/AGgP6UbBVeKeJfcTx/Db
fK4YsvIeN4LloN3+C1Y7jAhRpyTWW1CWTTr6Hq60If3Ii7dOlUGHuc4Rm3GuVXbDc4sszDs3
shsvz7XIUEkRXXwGVHeQmSIF1QhcFRJUrANtrtW5ja544B405LUxK63i1NxsoZFU/au8FViz
wVE8P3myJE/2qlbBkNQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoCJjum9vviWd
m917jYlivU/GrTEm5ByfwjisdFkZVOjijjIwiQh9N6g9fVoCKrg6kG01JSlARa3/AL7uUM74
55q4sy23W0+POU7SzCwfGLOy1Di4csN1hYkaAIgPmRUZYRtwC+bf+4OmpCsqC23BPcvmnbti
/L0Djkf4/MuU2LVAiZgWw/4eLBKQUh1hkxJDkOecgtkXyh1JUVdqUqCQzgThW1e4BbrVyxk9
vncaZFYLuNp5svVohI1aM5FlpS/kLW4hIkW4Eoi1NURIfm3D8+mm1IE5WK4rjuD45ZsRxGzR
bBjWPxW4dms8MEbYYZbTRBFE8VXxVV6kqqqqqqq1AdjIbbMvNgvdot92esU+6wJMOFfI4C49
DdfaJsJDYH8pE0pISIXTVOtARDRvZr4uB2N6zmjMLhFbdA5kRyJb09QCGhOARo3uTzE1RV11
661KAmKhxY0CJGgw2Rjw4TQMRY4JoLbbYoICKfoiIiJVBHn3Me3Nx93J8ovcqXDPb9hN4nWq
HbbtBtUeG8zJKErgtSCWQBEh+WaAui6aCNSgKSx7beLh29XHtzkcw5PMxSRmjGaW26ORIPqo
UltogdjtIgbFbdNfMXVNULX9Vqgq3bN7dWGds/KTfKdk5MyHLLg3Z5lnG1XONDaY8uaTREe5
gBLUfKTSpQEi9UFhO5Lge09yXFN34pveQzsYt93mQJrl4tzbTkhsoEkJICIvIoKhKGi6pQGJ
nb37auEdvnLeM8uWflLJMmuOMsz2Y9muEWE1HdSfFcikpky2JptRzcmnxSpQGTXdJ20Yr3T8
dw+P8ovdxxpLZeI18tF9taNG+xJjg40qK28JAYm28Yqip8dfhVBjDwN7b1r7eOQWuRMF52yx
LkVtm2i4wJMG3LHlxJjaogOoLaL+08jbwqiou4ETwVUqUBZsvZs40fMym84ZnNSS6TtwRyJb
tz6uHve3H5e7VxVXVddetKAmFtdsh2W2W6zW1gY1utMVmHAjimgtssAjbYIn6IIolUGAndB7
eOAdznJMbk2551fMIvKWaPZ7kxaWIjzUsYjjhsvOeoAlQxF1Q6fBEqUBeHtR7XoPapiOR4TZ
c+vGbWK+3b+ZisXdiO0sKQ40LUjyljiKKLuwCVFToqap4rVBlXQCgFAKAUAoBQCgFAKAUAoB
QCgFAKAUAoBQCgFAKAUAoBQEIfuCe32c877z7wHYt1yNXLhyZxtAb6zPE3rpa2QT/wA/iTzI
p+7/AHgnmaocaBgp2Vdl2R91OSDfbwsrHuE8fkoGTZQ0itvXR4NCK2WwlT+9U0R53waRdE1c
VESJA2gcTxPGsExqyYbh1li49jGORG4VkssJtG2I7DaaIIinxXxVV6kqqqqqqq1oHpqAp82Q
9FhyH2IbtweaBSbhsqAuOqn+kVcIRRV/qqVq3FSkk3ReL1fwcV6bhByjFya1KlX/ADRFsF5U
jhCt8t3F7nEW6SZMe3syXoDKuek3I+Sm5JQBQSHaiKWq/BNK9fozzyirkXlSbopP7tH9anzz
+RxyRm7M1mbSTcFXL92LlTSqaasrH+fNElykM45dJFptIyEn3sEY8gXorROOttoTqG5tIFb3
iKjv6a6da4OmvypzipSpSONaN0T0UXjR40O31pPNJWpuEa1lhlrFVaWNXR+WqVM2vWcJcm2R
yJbZFvh3C4v3hhpy2W9llBfcdcdNlYxC4Qo240TZ+YhqiBtLVelaXJ7qlJScUot1beFEk82G
lOqy001Rh/ILDjFwjKTmllSWLbbjlxapKLTzV+2jqVK0ZrEutzSyPWydaby2shJkCUAfs+nF
ktVcbMwIXBfFQUVVF666KmlcN/l8rUPyKSlHCjWutdTxwyutfodjhebQvXfwuEozxqmlhlyv
Sm001JUarr8CjflC1tx2brNs91t+OTReW15C6yCsSfJAnB2tgZOh5wgvlbwTf0ROqoi9hcnu
N5Iyi5qlY1xVcNNKOn9qPA6ncVpRV2cJxtOuWbSpKib0J5lmp5KpZv3RU4GbDIeZYuFhnWaR
ImR4LUeQcZ098ltx0FcFh5xW9EbXchaL1Txrhu8vcU3Gakkm8KrQ0sKpV06js2ebqTUZ25Qb
kopPK35k3jlk6aManNBzywzrLfr8KyGIGPPSG5qutKjhgwm4Xmmx1IweFUJtdPmRazc5bdhd
hbwcppUx8dTepr+3gW1znh7lm5exUbbdcMaLGqWlqSxj4nAznTDJwEyC0TcTG6SPIgO3Q4wN
kvpzkakYPGgKgtqiiXXdolaly5yr+KSuZVV5a+KXhjp/gxHnMYuKvwlazOiz5UvtctKbpopR
41Oi1ybaZt0g2u3Qn5qTS0Scj8RppB9W9DQw818SdRSYIk8tC6afFdK5ZcouQtuc2lTVSTf2
qWpYYSWmhww+Q2bl2Nu3FyrrrFL7pQqqyTljFvy1wprOebyHAgXaZb37TPWHBuDFqk3kPJVk
ZcloHGwRvzUeVF8wR3IGmv8ARFWs2+VTnbU1JVcXJRxrlTaeNKavE3e57btXpW3CWWMlBywp
mkk0qVza0q0/wdeNybZpUmUAw5TcC3Qxn3W4unHH0zJxBmbiY83zyHYYpuAFHcu1FXRas+U3
IxWKq3RLHF5summXTqbrTEzb+QWZydIvLGOaUnl8qyqf21zNUaVVFquB+m+R4zRxQu+O3iyF
cUZctSSW2S9Q29Iaj6/tOnsIFeAiE9CQV1TXRaPlUpVyTjKla0rhRN60q1yujWFQufRjRXbU
4ZqONUvMnJR1N0azJtOjoVaZnFohLPGQ1JGTbroNrdiI2iuE4bPqBcBNeoKzqev6CXxSuGHL
rk8tGqOOaurTlp+tcP3R2bvOLNvMpJ1jPJSmNWs1V9Mvmr4JnJiOXsZfCOfGgPQWEFpxnzX4
rxELwbxVUjPO7FRPFC0Wpx3AvhJZXKrx1NaP9yVf2N8r5nHj4OcYuKw0uL0qv9XKn70Pa10j
0xQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUB81RPjQDcP60BTLZa7VZIbdus9uiW
i3tG44EGEyDDIm84TrpI22giimZkRLp1VVVeq0BU9w/rQH3VP1oBQFtZvHcCVDtERie8wVkf
mvxjeZjS0JZxk46htyGjDopfKqIion/Va9O3zWcJSk4p5lFOjcftwWKdf1PCvcjtzhCMZNZH
JqqjL7226qSa/Q/SYGqNXKAOSXBuxXhJCzrKIR/L82W2oPK04rSm2BESubBXRCXpoPy1FzLG
MvxxzxpSWOiLwqq0b1V8PriXouE4K7JW51rHy0rJUlR0qk35sqwzaMMDhk8aWc7k/d4Fwn2u
5ujDNl6O4Cg1Kh7kSSLRgQ73QPy3UX5THTVN3zVqHNrigoSjGUcdNcVL+ta6E8Y60/pgZucg
su47sJSjPy4qmEoV81GqVknlnqktVcT63gL7M4Ly1lVw/wAgM3yn3Q2Yp+cD4Mt+X5JNKAAA
sDtQURf7tVVVWo+Zpx/G7ccmFFV4Uq61rVt1da/QR5JKM/yq9L8uNZUi61SVMtKJLKqU+ta1
OsfGMJ+HHss6/wBynYzAF0bXYTJoRj+YBgC+eLaOueQhr5W4vl6Ku5RSt9XlGTuRhFXHSssc
f2rRZqeamn6VMP49CUFZncm7Ua5YYeWqaXmpmeWvkq8MNNEfseNYzsqRcbhfJk27vCDY3UGo
sd1AbB0BUvJZFDNfN1UyReojpomqKfNpKKhGCUfCsmtKet4LDQvFlXIYym7k7knN0WakYuiT
WpYvzaX4KlDsweMcatsO626GU9u3Xq2NWufDOW66nlsIQtONm4pEBgJqiKK6eHTpWLnN79yU
Zyy5oyck6JadKdNKZuz8e4azCduGbLOCg1mbwVaNN4pqur+DttYUMh23u5HepOU/xT6vwW5z
MVG0/YcY+cG2RQiVHFVSXrqiaaJ0rEuYZVJWoKGZUdG/FPW8NGg5Y8pzuLv3HdyOqzKNNDji
ksdNa+J0I/G9ugXSNcrdMKKMctfSHEiPgg+qfloLROMqTKIUgh/bVOmnxTWuSfNZzg4TVa66
yX9VHGj832rScMOQ27V1XLcqU1ZYv+0p4VVY4ya8tMKazuSOPLC/encjUXBvZz1mpctrSuoh
xRhmwhK2q+UTY66KuqF1RUrjjzS7G3+L+mWlMafdmrp01/wck+R8PK87/wD5M2bNhX7cjjo+
1rV44opsrjG2XD+LjT7lJmWi0MtsQ4BtRxdEGmFYQElA0LyAqKpEKF1Vf9vy1zW+bzt5nGKU
pNturpi6/bXLX60/zicFz49au5Izm3CCSSpGuCy0zpZqa2q6fpgfJHHJzmmkueW3a4PwGmmb
HJMYwlGRp9l/eoiygumasAJEaLqOuiJqq1I81UH5LcUm25LHGqa8cEszolrE+RO6l+S9OTik
oPy+WjUq6KSbypNy1eFWVEsChyLol5ud1mT562163ySTymWnCe3gMlW2wREebacNoSTptJdU
VetcfUpRh+OEUo5lLW2qf1q39raUmvFHM+TQnd/LcnKUsji9CTrVZ6JfdGLcU/BvAqOJYo1i
cFYDM31rAgy20XpY8ckFkNib1jNt71VPFSri47jHxUszVHjrb0/7m6HY5Zy5cDDIpVWC+2Md
CpjlSr+rPZ10z0xQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKA6z3maLt8f6UBQ5BTt
V2CS/pQFEfO+Iv7QKv8A1RaA4m3MhVfnbVEoCpslc1/vEkoCsxlkrpvRUoCrhrp1oD9UAoBQ
CgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKAUAoBQCgFAKA//Z
--------------070409000103030101070908--
--------------000908080408080501060102--