From 8c92bd6aea7fdcce68bdf135ae33eb7b11efd9f9 Mon Sep 17 00:00:00 2001
From: "kickler@blackhillsinfosec.com" <kickler@blackhillsinfosec.com>
Date: Tue, 15 Nov 2022 23:54:07 -0700
Subject: [PATCH] init 11152022

---
 .gitignore                                    |    5 +
 1-AD/1-AD-azuredeploy.json                    | 1097 +++++++++++++++++
 1-AD/DSC/ADCS.zip                             |  Bin 0 -> 1220 bytes
 1-AD/DSC/AddUsers1.zip                        |  Bin 0 -> 13623 bytes
 1-AD/DSC/Create-AD.zip                        |  Bin 0 -> 2775 bytes
 1-AD/DSC/Install-Sysmon.zip                   |  Bin 0 -> 1477 bytes
 1-AD/DSC/Join-Domain.zip                      |  Bin 0 -> 1075 bytes
 1-AD/DSC/badblood.zip                         |  Bin 0 -> 1253 bytes
 1-AD/DSC/fileshares.zip                       |  Bin 0 -> 1312 bytes
 1-AD/DSC/lab_dc.zip                           |  Bin 0 -> 1080 bytes
 1-AD/DSC/lab_svr.zip                          |  Bin 0 -> 1090 bytes
 1-AD/DSC/lab_ws.zip                           |  Bin 0 -> 1087 bytes
 1-AD/DSC/pivotlab.zip                         |  Bin 0 -> 2089 bytes
 1-AD/DSC/spns.zip                             |  Bin 0 -> 1851 bytes
 1-AD/DSC/src/ADCS.ps1                         |  105 ++
 1-AD/DSC/src/AddUsers1.ps1                    |  369 ++++++
 1-AD/DSC/src/Create-AD.ps1                    |  270 ++++
 1-AD/DSC/src/Install-Sysmon.ps1               |  107 ++
 1-AD/DSC/src/Join-Domain.ps1                  |   91 ++
 1-AD/DSC/src/badblood.ps1                     |   91 ++
 1-AD/DSC/src/fileshares.ps1                   |  114 ++
 1-AD/DSC/src/lab_dc.ps1                       |   94 ++
 1-AD/DSC/src/lab_svr.ps1                      |   94 ++
 1-AD/DSC/src/lab_ws.ps1                       |   94 ++
 1-AD/DSC/src/pivotlab.ps1                     |  136 ++
 1-AD/DSC/src/spns.ps1                         |  126 ++
 1-AD/resources/AS.jpg                         |  Bin 0 -> 28142 bytes
 1-AD/resources/asazlab.bgi                    |  Bin 0 -> 1568 bytes
 .../1-vmbootstrap/1-Set-Initial-Settings.ps1  |   36 +
 .../1-vmbootstrap/2-Install-DSC-Modules.ps1   |   25 +
 1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1  |  212 ++++
 .../4-Enable-WinAuditCategories.ps1           |   70 ++
 .../5-Enable-PowerShell-Logging.ps1           |   21 +
 1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1    |   85 ++
 .../scripts/1-vmbootstrap/7-Set-WallPaper.ps1 |   21 +
 .../1-vmbootstrap/8-disable-defender.ps1      |    9 +
 1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1  |  326 +++++
 1-AD/templates/AddADUsers.json                |   60 +
 1-AD/templates/acds.json                      |   60 +
 1-AD/templates/addspns.json                   |   60 +
 1-AD/templates/badblood.json                  |   60 +
 1-AD/templates/createADForest.json            |   64 +
 1-AD/templates/fileshares.json                |   60 +
 1-AD/templates/joinDomain.json                |   68 +
 1-AD/templates/lab_dc.json                    |   60 +
 1-AD/templates/lab_svr.json                   |   60 +
 1-AD/templates/lab_ws.json                    |   60 +
 1-AD/templates/pivotlab.json                  |   60 +
 1-AD/templates/sysmonInstall.json             |   44 +
 1-AD/templates/vnet-dns-server.json           |   55 +
 2-C2/2-C2-azuredeploy.json                    |  428 +++++++
 2-C2/artifacts/.gitkeep                       |    0
 2-C2/scripts/Install-C2s.sh                   |  123 ++
 CNAME                                         |    1 +
 LICENSE                                       |  674 ++++++++++
 README.md                                     |   40 +
 _config.yml                                   |   12 +
 azure-deploy.json                             |  245 ++++
 images/AS.png                                 |  Bin 0 -> 28142 bytes
 uidefinition.json                             |  116 ++
 60 files changed, 6008 insertions(+)
 create mode 100644 .gitignore
 create mode 100644 1-AD/1-AD-azuredeploy.json
 create mode 100644 1-AD/DSC/ADCS.zip
 create mode 100644 1-AD/DSC/AddUsers1.zip
 create mode 100644 1-AD/DSC/Create-AD.zip
 create mode 100644 1-AD/DSC/Install-Sysmon.zip
 create mode 100644 1-AD/DSC/Join-Domain.zip
 create mode 100644 1-AD/DSC/badblood.zip
 create mode 100644 1-AD/DSC/fileshares.zip
 create mode 100644 1-AD/DSC/lab_dc.zip
 create mode 100644 1-AD/DSC/lab_svr.zip
 create mode 100644 1-AD/DSC/lab_ws.zip
 create mode 100644 1-AD/DSC/pivotlab.zip
 create mode 100644 1-AD/DSC/spns.zip
 create mode 100644 1-AD/DSC/src/ADCS.ps1
 create mode 100644 1-AD/DSC/src/AddUsers1.ps1
 create mode 100644 1-AD/DSC/src/Create-AD.ps1
 create mode 100644 1-AD/DSC/src/Install-Sysmon.ps1
 create mode 100644 1-AD/DSC/src/Join-Domain.ps1
 create mode 100644 1-AD/DSC/src/badblood.ps1
 create mode 100644 1-AD/DSC/src/fileshares.ps1
 create mode 100644 1-AD/DSC/src/lab_dc.ps1
 create mode 100644 1-AD/DSC/src/lab_svr.ps1
 create mode 100644 1-AD/DSC/src/lab_ws.ps1
 create mode 100644 1-AD/DSC/src/pivotlab.ps1
 create mode 100644 1-AD/DSC/src/spns.ps1
 create mode 100644 1-AD/resources/AS.jpg
 create mode 100644 1-AD/resources/asazlab.bgi
 create mode 100644 1-AD/scripts/1-vmbootstrap/1-Set-Initial-Settings.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/2-Install-DSC-Modules.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/4-Enable-WinAuditCategories.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/5-Enable-PowerShell-Logging.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/7-Set-WallPaper.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/8-disable-defender.ps1
 create mode 100644 1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1
 create mode 100644 1-AD/templates/AddADUsers.json
 create mode 100644 1-AD/templates/acds.json
 create mode 100644 1-AD/templates/addspns.json
 create mode 100644 1-AD/templates/badblood.json
 create mode 100644 1-AD/templates/createADForest.json
 create mode 100644 1-AD/templates/fileshares.json
 create mode 100644 1-AD/templates/joinDomain.json
 create mode 100644 1-AD/templates/lab_dc.json
 create mode 100644 1-AD/templates/lab_svr.json
 create mode 100644 1-AD/templates/lab_ws.json
 create mode 100644 1-AD/templates/pivotlab.json
 create mode 100644 1-AD/templates/sysmonInstall.json
 create mode 100644 1-AD/templates/vnet-dns-server.json
 create mode 100644 2-C2/2-C2-azuredeploy.json
 create mode 100644 2-C2/artifacts/.gitkeep
 create mode 100644 2-C2/scripts/Install-C2s.sh
 create mode 100644 CNAME
 create mode 100644 LICENSE
 create mode 100644 README.md
 create mode 100644 _config.yml
 create mode 100644 azure-deploy.json
 create mode 100644 images/AS.png
 create mode 100644 uidefinition.json

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e915029
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+################################################################################
+# This .gitignore file was automatically created by Microsoft(R) Visual Studio.
+################################################################################
+
+/.vs
diff --git a/1-AD/1-AD-azuredeploy.json b/1-AD/1-AD-azuredeploy.json
new file mode 100644
index 0000000..50262fc
--- /dev/null
+++ b/1-AD/1-AD-azuredeploy.json
@@ -0,0 +1,1097 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "utcValue": {
+      "type": "string",
+      "metadata": {
+        "description": "Returns the current (UTC) datetime value in the specified format. If no format is provided, the ISO 8601 (yyyyMMddTHHmmssZ) format is used"
+      },
+      "defaultValue": "[utcNow()]"
+    },
+    "adminUsername": {
+      "type": "string",
+      "metadata": {
+        "description": "Username for the Virtual Machine."
+      }
+    },
+    "adminPassword": {
+      "type": "securestring",
+      "minLength": 12,
+      "metadata": {
+        "description": "Password for the all Virtual machines. The password must be at least 8 characters in length and must contain at least one digit, one non-alphanumeric character, and one upper or lower case letter"
+      }
+    },
+    "domainUsers": {
+      "type": "secureObject",
+      "metadata": {
+        "description": "Domain users to create after domain is set up."
+      },
+      "defaultValue": {
+        "array": [
+          {
+            "FirstName": "Bridget",
+            "LastName": "Horrarah",
+            "SamAccountName": "bhorrarah",
+            "Department": "Human Resources",
+            "JobTitle": "HR Director",
+            "Password": "Jingle4Days!!",
+            "Identity": "Users",
+            "UserContainer": "DomainUsers"
+          },
+          {
+            "FirstName": "Sandy",
+            "LastName": "Silver",
+            "SamAccountName": "ssilver",
+            "Department": "IT Support",
+            "JobTitle": "CIO",
+            "Password": "RedFindings1Again!",
+            "Identity": "Domain Admins",
+            "UserContainer": "DomainUsers"
+          },
+          {
+            "FirstName": "Christopher",
+            "LastName": "Liken",
+            "SamAccountName": "cliken",
+            "Department": "Accounting",
+            "JobTitle": "VP",
+            "Password": "Broncos40!",
+            "Identity": "Users",
+            "UserContainer": "DomainUsers"
+          },
+          {
+            "FirstName": "Betty",
+            "LastName": "Cleaver",
+            "SamAccountName": "bcleaver",
+            "Department": "Sales",
+            "JobTitle": "Sales Engineer",
+            "Password": "LeastFavoriteMonday1!",
+            "Identity": "Users",
+            "UserContainer": "DomainUsers"
+          },
+          {
+            "FirstName": "Sysmon",
+            "LastName": "MS",
+            "SamAccountName": "sysmonsvc",
+            "Department": "IT Support",
+            "JobTitle": "Service Account",
+            "Password": "WinterTime2022!",
+            "Identity": "Users",
+            "UserContainer": "DomainUsers"
+          },
+          {
+            "FirstName": "Nxlog",
+            "LastName": "Shipper",
+            "SamAccountName": "nxlogsvc",
+            "Department": "IT Support",
+            "JobTitle": "Service Account",
+            "Password": "S3nData!1122",
+            "Identity": "Users",
+            "UserContainer": "DomainUsers"
+          }
+        ]
+      }
+    },
+    "remoteAccessMode": {
+      "type": "string",
+      "metadata": {
+        "description": "Allowing access from all Public IPs"
+      },
+      "defaultValue": "AllowPublicIP",
+      "allowedValues": [
+        "AllowPublicIP"
+      ]
+    },
+    "allowedIPAddresses": {
+      "type": "string",
+      "metadata": {
+        "description": "The sourceAddressPrefixes allowed to connect to this deployment"
+      },
+      "defaultValue": "*"
+    },
+    "domainFQDN": {
+      "type": "string",
+      "metadata": {
+        "description": "The FQDN of the Active Directory Domain to be created"
+      },
+      "defaultValue": "blacksmith.local"
+    },
+    "numberOfWorkstations": {
+      "type": "int",
+      "minValue": 1,
+      "maxValue": 100,
+      "metadata": {
+        "description": "Number of VMs to deploy"
+      },
+      "defaultValue": 1
+    },
+    "vmNamePrefix": {
+      "type": "string",
+      "metadata": {
+        "description": "Prefix for the name of your virtual machine. Template will add a number starting from 5."
+      },
+      "defaultValue": "WORKSTATION"
+    },
+    "windowsDesktopSKU": {
+      "type": "string",
+      "defaultValue": "19h2-pro",
+      "metadata": {
+        "description": "The Windows version for the Desktop VM. This will pick a fully patched image of this given Windows version."
+      }
+    },
+    "windowsDesktopVersion": {
+      "type": "string",
+      "defaultValue": "latest"
+    },
+    "windowsServerSKU": {
+      "type": "string",
+      "defaultValue": "2019-Datacenter",
+      "metadata": {
+        "description": "The Windows version for the Server VM. This will pick a fully patched image of this given Windows version."
+      }
+    },
+    "windowsServerVersion": {
+      "type": "string",
+      "defaultValue": "17763.3125.2112070401"
+    },
+    "vmSize": {
+      "type": "string",
+      "defaultValue": "Standard_B2s",
+      "allowedValues": [
+        "Standard_A2",
+        "Standard_A3",
+        "Standard_B2s",
+        "Standard_B2ms",
+        "Standard_A2_v2",
+        "Standard_A4_v2",
+        "Standard_DS2",
+        "Standard_DS11"
+      ],
+      "metadata": {
+        "description": "Size of the virtual machine. Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/sizes-general"
+      }
+    },
+    "identityType": {
+      "type": "string",
+      "metadata": {
+        "description": "The type of identity used for the virtual machine. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user assigned identities. The type 'None' will remove any identities from the virtual machine. - SystemAssigned, UserAssigned, None. Reference: https://docs.microsoft.com/en-us/azure/templates/microsoft.compute/virtualmachines?tabs=json#virtualmachineidentity-object"
+      },
+      "defaultValue": "None",
+      "allowedValues": [
+        "SystemAssigned",
+        "SystemAssigned",
+        "UserAssigned",
+        "None"
+      ]
+    },
+    "userAssignedIdentities": {
+      "type": "object",
+      "metadata": {
+        "description": "The list of user identities associated with the Virtual Machine. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}"
+      },
+      "defaultValue": {}
+    },
+    "virtualNetworkName": {
+      "type": "string",
+      "metadata": {
+        "description": "Name of the Virtual Network"
+      },
+      "defaultValue": "vnet-win"
+    },
+    "virtualNetworkAddressRange": {
+      "type": "string",
+      "metadata": {
+        "description": "Address Range of the virtual network"
+      },
+      "defaultValue": "192.168.0.0/16"
+    },
+    "subnetRange": {
+      "type": "string",
+      "metadata": {
+        "description": "Address Range of the subnet"
+      },
+      "defaultValue": "192.168.2.0/24"
+    },
+    "subnetName": {
+      "type": "string",
+      "metadata": {
+        "description": "Name of the subnet"
+      },
+      "defaultValue": "snet-win"
+    },
+    "enableSysmon": {
+      "type": "bool",
+      "defaultValue": false,
+      "metadata": {
+        "description": "Do you want to install Sysmon on the endpoint?"
+      }
+    },
+    "location": {
+      "type": "string",
+      "defaultValue": "[resourceGroup().location]",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "variables": {
+    "storageAccountName": "[concat('stowin',uniquestring(resourceGroup().id, parameters('utcValue')))]",
+
+    // Virtual Network Setup
+    "virtualNetworkName": "[parameters('virtualNetworkName')]",
+    "virtualNetworkAddressRange": "[parameters('virtualNetworkAddressRange')]",
+    "subnetName": "[parameters('subnetName')]",
+    "subnetRange": "[parameters('subnetRange')]",
+    "vmPrivateIPPrefixArray": "[take(split(variables('subnetRange'),'.'),3)]",
+    "vmPrivateIPAddresPrefix": "[format('{0}.{1}.{2}.',variables('vmPrivateIPPrefixArray')[0], variables('vmPrivateIPPrefixArray')[1], variables('vmPrivateIPPrefixArray')[2])]",
+    "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]",
+    "nsg-default-name": "nsg-rdp-allow",
+    "nsg-id": {
+      "id": "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsg-default-name'))]"
+    },
+    "networkSecurityGroup": "[if(equals(parameters('remoteAccessMode'), 'AllowPublicIP'), variables('nsg-id'), json('null'))]",
+    "subnets": [
+      {
+        "name": "[variables('subnetName')]",
+        "properties": {
+          "addressPrefix": "[variables('subnetRange')]",
+          "networkSecurityGroup": "[variables('networkSecurityGroup')]"
+        }
+      }
+    ],
+
+    "allSubnets": "[variables('subnets')]",
+
+    // Nested Templates
+    "updateDNSServerScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/vnet-dns-server.json",
+    "sysmonInstallTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/sysmonInstall.json",
+    "createADTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/createADForest.json",
+    "AddADUsersuri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/AddADUsers.json",
+    "joinDomainTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/joinDomain.json",
+    "badbloodTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/badblood.json",
+    "SPNTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/addspns.json",
+    "FileSharesTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/fileshares.json",
+    "ACDSTemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/acds.json",
+    "PivotLab1TemplateUri": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/pivotlab.json",
+    "Lab_DC_CradleURI": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/lab_dc.json",
+    "Lab_SVR_CradleURI": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/lab_svr.json",
+    "Lab_WS_CradleURI": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/templates/lab_ws.json",
+
+    // Custom Scripts
+    "initialSettingsScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/1-Set-Initial-Settings.ps1",
+    "dscModules": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/2-Install-DSC-Modules.ps1",
+    "prepareBoxScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1",
+    "setSecurityAuditingScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/4-Enable-WinAuditCategories.ps1",
+    "setPowerShellLogging": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/5-Enable-PowerShell-Logging.ps1",
+    "saclModule": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1",
+    "setSACLScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1",
+    "setWallPaperScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/7-Set-WallPaper.ps1",
+    "DisableDefender": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/scripts/1-vmbootstrap/8-disable-defender.ps1",
+
+    // Powershell DSC Scripts
+    "createADForestScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/Create-AD.zip",
+    "AddUsersScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/AddUsers1.zip",
+    "joinDomainScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/Join-Domain.zip",
+    "installSysmonScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/Install-Sysmon.zip",
+    "badbloodScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/badblood.zip",
+    "spnsScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/spns.zip",
+    "filesharesScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/fileshares.zip",
+    "acdsScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/ADCS.zip",
+    "pivotlabScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/pivotlab.zip",
+    "LAB_DC_CradleScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/lab_dc.zip",
+    "LAB_SVR_CradleScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/lab_svr.zip",
+    "LAB_WS_CradleScript": "https://github.com/AntiSyphon/asazlab/raw/main/1-AD/DSC/lab_ws.zip",
+
+
+
+
+    // Initial Setup Scripts
+    "initialSetUpScripts": [
+      "[variables('initialSettingsScript')]",
+      "[variables('dscModules')]",
+      "[variables('prepareBoxScript')]",
+      "[variables('setSecurityAuditingScript')]",
+      "[variables('setPowerShellLogging')]",
+      "[variables('saclModule')]",
+      "[variables('setSACLScript')]",
+      "[variables('setWallPaperScript')]",
+      "[variables('DisableDefender')]"
+    ],
+
+    // Virtual Machine Properties
+    "copy": [
+      {
+        "name": "allWinWKS",
+        "count": "[parameters('numberOfWorkstations')]",
+        "input": {
+          "tag": "workstation",
+          "vmName": "[concat(parameters('vmNamePrefix'),copyIndex('allWinWKS',5))]",
+          "os": "windows",
+          "subnetref": "[variables('subnetRef')]",
+          "ipAddress": "[concat(variables('vmPrivateIPAddresPrefix'),copyIndex('allWinWKS',100))]",
+          "vmSize": "[parameters('vmSize')]",
+          "publisher": "MicrosoftWindowsDesktop",
+          "offer": "Windows-10",
+          "sku": "win10-21h2-pro",
+          "version": "latest",
+          "extensionName": "SetupWinVM"
+        }
+      }
+    ],
+    "domainController": [
+      {
+        "tag": "domainController",
+        "vmName": "DC01",
+        "os": "windows",
+        "subnetref": "[variables('subnetRef')]",
+        "ipAddress": "[concat(variables('vmPrivateIPAddresPrefix'),'4')]",
+        "vmSize": "[parameters('vmSize')]",
+        "publisher": "MicrosoftWindowsServer",
+        "offer": "WindowsServer",
+        "sku": "2019-Datacenter",
+        "version": "17763.3125.2112070401",
+        "extensionName": "SetUpDC"
+      }
+    ],
+    "MemberServer": [
+      {
+        "tag": "memberserver",
+        "vmName": "SRV01",
+        "os": "windows",
+        "subnetref": "[variables('subnetRef')]",
+        "ipAddress": "[concat(variables('vmPrivateIPAddresPrefix'),'10')]",
+        "vmSize": "[parameters('vmSize')]",
+        "publisher": "MicrosoftWindowsServer",
+        "offer": "WindowsServer",
+        "sku": "2019-Datacenter",
+        "version": "17763.3125.2112070401",
+        "extensionName": "SetupSrvVM"
+      }
+    ],
+
+    // Additional Variables
+    "allEndpoints": "[concat(variables('allWinWKS'), variables('domainController'), variables('MemberServer'))]",
+    "domainNameArray": "[split(parameters('domainFQDN'),'.')]",
+    "ouPath": "[concat('OU=Workstations; DC=', variables('domainNameArray')[0], '; DC=', variables('domainNameArray')[1])]",
+
+    // Managed Identity
+    "identityType": { "type": "[parameters('identityType')]" },
+    "userAssignedIdentities": { "userAssignedIdentities": "[parameters('userAssignedIdentities')]" },
+    "identity": "[if(empty(parameters('userAssignedIdentities')), variables('identityType'), union(variables('identityType'), variables('userAssignedIdentities')))]"
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Storage/storageAccounts",
+      "apiVersion": "2018-11-01",
+      "name": "[variables('storageAccountName')]",
+      "location": "[parameters('location')]",
+      "sku": {
+        "name": "Standard_LRS"
+      },
+      "kind": "Storage",
+      "properties": {}
+    },
+    {
+      "comments": "Default Network Security Group for Windows endpoints",
+      "type": "Microsoft.Network/networkSecurityGroups",
+      "apiVersion": "2019-08-01",
+      "name": "[variables('nsg-default-name')]",
+      "location": "[parameters('location')]",
+      "properties": {
+        "securityRules": [
+          {
+            "name": "default-allow-3389",
+            "properties": {
+              "priority": 100,
+              "access": "Allow",
+              "direction": "Inbound",
+              "destinationPortRange": "3389",
+              "protocol": "Tcp",
+              "sourcePortRange": "*",
+              "sourceAddressPrefix": "[parameters('allowedIPAddresses')]",
+              "destinationAddressPrefix": "*"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Network/virtualNetworks",
+      "apiVersion": "2019-02-01",
+      "name": "[variables('virtualNetworkName')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/networkSecurityGroups', variables('nsg-default-name'))]"
+      ],
+      "properties": {
+        "addressSpace": {
+          "addressPrefixes": [
+            "[variables('virtualNetworkAddressRange')]"
+          ]
+        },
+        "subnets": "[variables('allSubnets')]"
+      }
+    },
+    {
+      "type": "Microsoft.Network/publicIPAddresses",
+      "apiVersion": "2018-11-01",
+      "name": "[concat('pip-', variables('allEndpoints')[copyIndex('vmPublicIpCopy')].vmName)]",
+      "location": "[parameters('location')]",
+      "copy": {
+        "name": "vmPublicIpCopy",
+        "count": "[length(variables('allEndpoints'))]"
+      },
+      "properties": {
+        "publicIPAllocationMethod": "Static",
+        "dnsSettings": {
+          "domainNameLabel": "[toLower(concat(variables('allEndpoints')[copyIndex('vmPublicIpCopy')].vmName, '-', uniquestring(resourceGroup().id, parameters('utcValue'))))]"
+        }
+      }
+    },
+    {
+      "type": "Microsoft.Network/networkInterfaces",
+      "apiVersion": "2019-11-01",
+      "name": "[concat('nic-', variables('allEndpoints')[copyIndex('vmNetworkInterfaceCopy')].vmName)]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', variables('allEndpoints')[copyIndex('vmNetworkInterfaceCopy')].vmName))]",
+        "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
+      ],
+      "copy": {
+        "name": "vmNetworkInterfaceCopy",
+        "count": "[length(variables('allEndpoints'))]"
+      },
+      "properties": {
+        "ipConfigurations": [
+          {
+            "name": "ipconfig1",
+            "properties": {
+              "privateIPAllocationMethod": "Static",
+              "privateIPAddress": "[variables('allEndpoints')[copyIndex('vmNetworkInterfaceCopy')].ipAddress]",
+              "publicIPAddress": "[if(equals(parameters('remoteAccessMode'),'AllowPublicIP'), json(concat('{\"id\":', '\"', resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', variables('allEndpoints')[copyIndex('vmNetworkInterfaceCopy')].vmName)),'\"}')),json('null'))]",
+              "subnet": {
+                "id": "[variables('allEndpoints')[copyIndex('vmNetworkInterfaceCopy')].subnetref]"
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Compute/virtualMachines",
+      "apiVersion": "2018-10-01",
+      "name": "[variables('allEndpoints')[copyIndex('vmVMCopy')].vmName]",
+      "location": "[parameters('location')]",
+      "identity": "[variables('identity')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))]",
+        "[resourceId('Microsoft.Network/networkInterfaces/', concat('nic-', variables('allEndpoints')[copyIndex('vmVMCopy')].vmName))]"
+      ],
+      "copy": {
+        "name": "vmVMCopy",
+        "count": "[length(variables('allEndpoints'))]"
+      },
+      "properties": {
+        "hardwareProfile": {
+          "vmSize": "[variables('allEndpoints')[copyIndex('vmVMCopy')].vmSize]"
+        },
+        "osProfile": {
+          "computerName": "[variables('allEndpoints')[copyIndex('vmVMCopy')].vmName]",
+          "adminUsername": "[parameters('adminUsername')]",
+          "adminPassword": "[parameters('adminPassword')]"
+        },
+        "storageProfile": {
+          "imageReference": {
+            "publisher": "[variables('allEndpoints')[copyIndex('vmVMCopy')].publisher]",
+            "offer": "[variables('allEndpoints')[copyIndex('vmVMCopy')].offer]",
+            "sku": "[variables('allEndpoints')[copyIndex('vmVMCopy')].sku]",
+            "version": "[variables('allEndpoints')[copyIndex('vmVMCopy')].version]"
+          },
+          "osDisk": {
+            "createOption": "FromImage"
+          },
+          "dataDisks": []
+        },
+        "networkProfile": {
+          "networkInterfaces": [
+            {
+              "id": "[resourceId('Microsoft.Network/networkInterfaces', concat('nic-', variables('allEndpoints')[copyIndex('vmVMCopy')].vmName))]"
+            }
+          ]
+        },
+        "diagnosticsProfile": {
+          "bootDiagnostics": {
+            "enabled": true,
+            "storageUri": "[reference(resourceId('Microsoft.Storage/storageAccounts/', variables('storageAccountName'))).primaryEndpoints.blob]"
+          }
+        }
+      }
+    },
+    {
+      "name": "[concat(variables('allWinWKS')[copyIndex('InitialSetUpWKSCopy')].vmName, '/', variables('allWinWKS')[copyIndex('InitialSetUpWKSCopy')].extensionName)]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[concat('Microsoft.Compute/virtualMachines/', variables('allWinWKS')[copyIndex('InitialSetUpWKSCopy')].vmName)]"
+      ],
+      "copy": {
+        "name": "InitialSetUpWKSCopy",
+        "count": "[length(variables('allWinWKS'))]"
+      },
+      "properties": {
+        "publisher": "Microsoft.Compute",
+        "type": "CustomScriptExtension",
+        "typeHandlerVersion": "1.8",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "fileUris": "[variables('initialSetUpScripts')]",
+          "commandToExecute": "[concat('powershell -ExecutionPolicy Unrestricted -File ./1-Set-Initial-Settings.ps1',' ','-SetupType Endpoint')]"
+        },
+        "protectedSettings": {}
+      }
+    },
+    {
+      "name": "[concat(variables('domainController')[0].vmName, '/', variables('domainController')[0].extensionName)]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Compute/virtualMachines/', variables('domainController')[0].vmName)]"
+      ],
+      "properties": {
+        "publisher": "Microsoft.Compute",
+        "type": "CustomScriptExtension",
+        "typeHandlerVersion": "1.8",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "fileUris": "[variables('initialSetUpScripts')]",
+          "commandToExecute": "[concat('powershell -ExecutionPolicy Unrestricted -File ./1-Set-Initial-Settings.ps1',' ','-SetupType DC')]"
+        },
+        "protectedSettings": {}
+      }
+    },
+    {
+      "name": "[concat(variables('MemberServer')[0].vmName, '/', variables('MemberServer')[0].extensionName)]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Compute/virtualMachines/', variables('MemberServer')[0].vmName)]"
+      ],
+      "properties": {
+        "publisher": "Microsoft.Compute",
+        "type": "CustomScriptExtension",
+        "typeHandlerVersion": "1.8",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "fileUris": "[variables('initialSetUpScripts')]",
+          "commandToExecute": "[concat('powershell -ExecutionPolicy Unrestricted -File ./1-Set-Initial-Settings.ps1',' ','-SetupType Endpoint')]"
+        },
+        "protectedSettings": {}
+      }
+    },
+    {
+      "name": "DC1-CreateADForest",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "[resourceId('Microsoft.Compute/virtualMachines/extensions', variables('domainController')[0].vmName, variables('domainController')[0].extensionName)]"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('createADTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "createADForestScript": {
+            "value": "[variables('createADForestScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "domainUsers": {
+            "value": "[parameters('domainUsers')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "DC1-AddADUsers",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "AZ-UpdateVNetDNS"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('AddADUsersuri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "AddUsersScript": {
+            "value": "[variables('AddUsersScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "DC1-Badblood",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "DC1-PivotLab1"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('badbloodTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "badbloodScript": {
+            "value": "[variables('badbloodScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "DC1-AddSPNs",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "DC1-AddADUsers"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('SPNTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "spnsScript": {
+            "value": "[variables('spnsScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "DC1-PivotLab1",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "DC1-AddSPNs"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('PivotLab1TemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "pivotlabScript": {
+            "value": "[variables('pivotlabScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "SRV01-Fileshares",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "SRV01-joinDomain",
+        "DC1-AddADUsers"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('FileSharesTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('MemberServer')[0].vmName]"
+          },
+          "filesharesScript": {
+            "value": "[variables('filesharesScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "SRV01-ADCS",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "SRV01-Fileshares"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('ACDSTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('MemberServer')[0].vmName]"
+          },
+          "acdsScript": {
+            "value": "[variables('acdsScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "lab_svr",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "SRV01-ADCS"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('Lab_SVR_CradleURI')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('MemberServer')[0].vmName]"
+          },
+          "LAB_SVR_CradleScript": {
+            "value": "[variables('LAB_SVR_CradleScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "lab_dc",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "DC1-Badblood"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('Lab_DC_CradleURI')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('domainController')[0].vmName]"
+          },
+          "LAB_DC_CradleScript": {
+            "value": "[variables('LAB_DC_CradleScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "[concat('lab-ws-',variables('allWinWKS')[copyIndex('vmlabwscopy')].vmName)]",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "vmDomainJoinCopy"
+      ],
+      "copy": {
+        "name": "vmlabwscopy",
+        "count": "[length(variables('allWinWKS'))]"
+      },
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('Lab_WS_CradleURI')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('allWinWKS')[copyIndex('vmlabwscopy')].vmName]"
+          },
+          "LAB_WS_CradleScript": {
+            "value": "[variables('LAB_WS_CradleScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "AZ-UpdateVNetDNS",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "DC1-CreateADForest"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('updateDNSServerScript')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "virtualNetworkName": {
+            "value": "[variables('virtualNetworkName')]"
+          },
+          "virtualNetworkAddressRange": {
+            "value": "[variables('virtualNetworkAddressRange')]"
+          },
+          "subnets": {
+            "value": "[variables('allSubnets')]"
+          },
+          "DNSServerAddress": {
+            "value": [
+              "[variables('domainController')[0].ipAddress]"
+            ]
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "[concat(variables('allWinWKS')[copyIndex('vmDomainJoinCopy')].vmName, '-joinDomain')]",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "InitialSetUpWKSCopy",
+        "AZ-UpdateVNetDNS"
+      ],
+      "copy": {
+        "name": "vmDomainJoinCopy",
+        "count": "[length(variables('allWinWKS'))]"
+      },
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('joinDomainTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('allWinWKS')[copyIndex('vmDomainJoinCopy')].vmName]"
+          },
+          "joinDomainScript": {
+            "value": "[variables('joinDomainScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "dcIpAddress": {
+            "value": "[variables('domainController')[0].ipAddress]"
+          },
+          "joinOU": {
+            "value": "[variables('ouPath')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "[concat(variables('memberserver')[0].vmName, '-joinDomain')]",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2019-10-01",
+      "dependsOn": [
+        "[resourceId('Microsoft.Compute/virtualMachines/extensions', variables('memberserver')[0].vmName, variables('memberserver')[0].extensionName)]",
+        "AZ-UpdateVNetDNS"
+      ],
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('joinDomainTemplateUri')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "vmName": {
+            "value": "[variables('memberserver')[0].vmName]"
+          },
+          "joinDomainScript": {
+            "value": "[variables('joinDomainScript')]"
+          },
+          "domainFQDN": {
+            "value": "[parameters('domainFQDN')]"
+          },
+          "adminUsername": {
+            "value": "[parameters('adminUsername')]"
+          },
+          "adminPassword": {
+            "value": "[parameters('adminPassword')]"
+          },
+          "dcIpAddress": {
+            "value": "[variables('domainController')[0].ipAddress]"
+          },
+          "joinOU": {
+            "value": "[variables('ouPath')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    }
+  ],
+  "outputs": {
+    "virtualNetworkName": {
+      "type": "string",
+      "value": "[variables('virtualNetworkName')]"
+    },
+    "virtualNetworkId": {
+      "type": "string",
+      "value": "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
+    },
+    "allWinVMsDeployed": {
+      "type": "array",
+      "value": "[variables('allEndpoints')]"
+    },
+    "DCPublicIP": {
+      "type": "string",
+      "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses','pip-DC01')).IpAddress]"
+    },
+    "WSPublicIP": {
+      "type": "string",
+      "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses','pip-WS05')).IpAddress]"
+    }
+  }
+}
diff --git a/1-AD/DSC/ADCS.zip b/1-AD/DSC/ADCS.zip
new file mode 100644
index 0000000000000000000000000000000000000000..9b36117150af200c24adb6d87d0244c4e63e1165
GIT binary patch
literal 1220
zcmV;#1UvgsO9KQH000080OcxURSoU6)KUZh0A~yU00;m806|1UQ!a3GF}+sZPvbZc
ze@Ehf7==ott0p>5Vjqx@Hrv8d9h4sFi3b*)++@=FNaM(MfQsdRzj2(9kaic4PUnZF
zneX|{N4&cei7erZLNd)o2Ek|;jxbNf8lHA{fKJXNTY>%WR!?(oriOtUrF+4$m}w!`
z{o58l)RJe5+ulg57|%}s98CthJ0H<sD~&6km~4S7%(NdAnrxXk{b@Lq7!#4R^tKno
zE1nsGsy+0pNbT=<l?$o8k&3QRi9$vQ-i3&Z6ekn{1d-<VIN}l`69tJ4V1oKV$UDlQ
ze0`h}EQ%!JP&19gHfRGFid9}vCQYoQ)DEBq11dDg`kV_@dOrsD8)}b8U&ohWN%9)Z
zpoL$*HuipGta1qrIhx>ucRBxu(u8;00N3d~ZAAV2z2{okBV*hDOQAIMzB7O}eae&~
z9OHgnnBF)epb{3D#H+l6nB_!-A8@@yiFJq;igSL4;GAgUWT-zmBo$&x{94RA<x*)l
z=-Llb&P>u2=nKs+W2_|SN=xF`a9$OZ?+X1=SmYtfdmf=8h@@H)mPbb+MukLM%9;2Y
z&aT{6>$P(&?U$^Y_#sDAEoZ{|F;#KPP;0YwvsKMwFr;?WR4u^l{wS*08L?~7Cn82j
zMa0sjP}<U-no&D9oL4Pv+d?)XPtcr(YR+pt;|M6K{UFcN^<|c>_g{-&;amu90vab1
zq$Z1vcu&g$8^P!HqS%8^<^X|AlLxjH!8Dw*oJRC9j3m!>xy9mgi?uR%9Y=_|5<c!E
z)Dbl2T5^rv8DR$wi{sKhIPD;}pI=*|%Dq_X%4xaYqP-<Fb4&|d^DGt*>Xa~|9tF=X
zwvjhPsd>U91Kkf8XG*g)?MQE0ecmLIg=qQiklJ~oltRJ+wWfY9Gv1Q$^Hwz5W~$i#
z8^~%Pf;dtQMAX4FZ%aX5*We9<**Zr!F=LubuJDRFcgTn#*SQu`Deie(&7pHL9EHK(
z)87w2?_Kan3MCR+vh?%7s2qRb8bbQE&`?3G=YU7#bIcZc38V+!8B@z3T^RSvRcSUn
z3yAZ-)Q4L{-YU^1c{_Fc%#6Yzm<5&6cYkw$HhSP&Ye?Uo(mj|hxq>+@x;t1E<X9rL
zcLofWgsf)s6n&Dx=GBS`T2mBOrp;mz8NwZvi*5=<s)4R1K;Is?XK7K1&k;ld+VqCq
z(f(#EmFF){;8;TrrQjqiRp@l9*Lj_x`oL=1gK+}9PE|p#^f4%7Zg!l-<bl)p$RhK*
zI%fO+LM0QrRQqX~*6B~Ps{YcWYN6eoq{yQ3!r8t0R4LwE7Mea|W&qtAWiL<l?XbL&
zx{djo-?}MT=F6pnC*ZcY{?OK1x%>Wpzu$(nm)dzeZr{7;OC96mWm1Yavc~F*f=82m
z@VVbDQDg7ma03u?Y6M%}!eVYSa(^4t2Kp}$ng<fvZBO0&&g+=yT6DM((_1b{WoxKi
zuiI^HE&IPvO928D02BZK00;o(Dq~d*?X}cW1ONbM3;+NK000000000103ZMW00000
i06|1UQ!a3GF;Ghd1^@s60096205$*s0C)rd0002m?Kv|5

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/AddUsers1.zip b/1-AD/DSC/AddUsers1.zip
new file mode 100644
index 0000000000000000000000000000000000000000..c7fa396411edf0ff2b61add3ebc708ec2c28e556
GIT binary patch
literal 13623
zcmZ`=Q+Op^)6LApwr$&-I48DkTNB$nv7JnCVrP=f#I|kQ&X@P{zxcZ^c0c=~x2jgH
zRo$g1^8*|m3=9k!OccvRtq5_1u7e#6EL-*)7{XVtu&Jq<i<z?v3!|e8%b1>(%j!Vt
zdv3*BxF5d8vY%Ojn6hqig=#FhbUi+UPa*#JoUC;PM6(osAeh0A1X1ss&BKSF*ducT
zWoOoxgsIj;U9iK4uI)jhH*PO@bDT0OWXU~C-uG<g+yn=qkDpr(03JQ$``4V0?x)w9
zI_BEsYYz?f%o+BB%ExZCv!rCG>9ZEDB2VGqqcftSQzW5}S_J=;V%zP&#EGRK@p6yk
zk}Vnj60Y2AN6ygbZwUV0F6?^XiLD8H9-cLMs_&1+buqu%xuoB8Qu}Zoah5xx%Cv^6
zw^4=?^B^Z}(H#$>%fObPoX2OFSp0*y5<cI2`ElyNk!JzYD(=cD@Kr_B8O$GJPf*UN
zOsP13)SlP2@?V(Sn8oORcz8kYhzSl)?yd94JZ{Zg_m7L|uh89-VK8hSPF&H_)F;E(
zyN-9At@FR3>1X8oCU}6jHgOf+2mQN$m5FS@ZRSb|?!3G%Kq+?$mIA(K%5NSDd%2(l
zD#p)YF;#EAT1uxmCcZJX<*`lNNUAF9LMp^G%B$3h(Z74cDWYKp351{LK=1<q-s_)A
z*oxOPSNZ)M3W7xvg5)$%-i(KKke3~Xx!{8`D64-hV5Itzcr2f170?bWvda}W`UjIb
zRy|ToHGMUX4Ki<{b=EDjZ#p#BCB^o0eCF2da+h3pP;f<NWJ$C`#3zNGSMURQu-<ud
zSy2ZB5e}Vz6*ikAwjMO}O?x091QW@o)U$>@hQC{GD@tIQmv^IXSY;NqZYQYMVObQv
zY$uSBum*>`zC55C@M}PNi)dbCcXMd7pXgg62^MM!dL(U4aY@LB;PtOsSq@bairO2}
z`@xJ_RTn>f?;3}Biv<5ieyQaRNyUUlVDb%mkLZ!BH0v{c(J-L$AIZ+MzZt)$F3jEZ
zk)H@Eh9fF@h=mgPVpcI1ui6oDH%4CzB=){8nVa&^XA@P18ds^sD=U(S#D?0MXJOSS
zYCRUq&4aqY#_FToLCXQfH5W=dI+9ZNJEYIh67Y-yzJh}Kx0ku?J&nUMnZ@v1&i3#J
zbEhSTdzTaeDK5&Z$PPV=1j9aEke`iGHDRp%Q;ftvjSLjaCmvX3g3wf{V972b(E%)v
z)qe5ZQ-dRkQ~=W*N%TKry_{Qa9ZH6JuF~V|MhPmR*$_X3<6fvInEt8ii^<PJc;$Ul
zd6J&c$E-=A#mm?2`HM1OvZ{GU%X87M;j(g}L8@%)deiK|Y;4p+-r<bD1+pUoLxomZ
z;9U<6w<htFl0}Jkau4-pVnNBU_aAz62Z6c?<Ar(m_ef3;E)3hg=`W$}S1P|{9tg>1
zV3nUxBz7>s5WCBSMTkUxlNV}!nBdG{Sm~`1?7OEv6}u5gdQYhaOM|cc(6Gg=wXkf(
zck)Lpe4<fZF|9WhY%~uNTO;xFLGMo*L2v}9=^IJ~vnOXTNdLkQi|OT1Dwu)3;5D91
zyA!5Nd_}QZ9}hNVjc;)D8e`mrt{Cm$iRFDwHHEgbl?r1$*RSgjPPh=^tW)0BR<jnz
zRgECW!o&(4rI-5SBA=%<6Cu`5S*XO2Q1uTPp8&DHaX^$95Shp_eIYJVHLPW6u+%d5
zo-Us@^&9sNX;n0O;dCVCxF_pp*+Dsttd+>=cXWnmQf;$u#55$Q6?>0?WjZj<;&|@^
zeZ`4^2Z|LPLii7f(!R!kRL>Tc;x6{cEFQ1%xCPmpMr(*w+HA2T+=+?}hFh(xKhXgk
zr82!2wX34mp5r~th8s>&KQ@qSt;H(Kq_hPAP10rg#bAK-i$fOG-|VI^i9%>kfW2;n
z%#<zV2FlR_jk4KI2eNzK0{*)JcrT$aa1D;adsK2zYN_@;s-p6@cQr4!S12f{&Iv8>
z`z((!4R&d~p!q7xesnqoBcM%+tPvpcC7S(|fbgz%e}y`L5cHTRu3|20ZsXo)4=gjI
zTT<UA&zy5q?%<Oz5`)($-)<fCgp39LRfxC<$3v&5X-bWbJV|g`!ofE-<Bw#^m9X8{
zgP58KEiBD2SVXa;aVb@2J6v_C9!R2fZpfAdeD7ARXoAbsMhDgF#U=^Ag6ZgGLy_)J
z_p@>ok5-_7ii!8Fl$FkZ@gT$0g9F~<j?scQ{-qD9SSrH7+&U?v3ZYu5ah$Y=AsEvX
z^#_Ye4sHLiCA*{yrMyssoHv-WJy46aB!Hk%h>fzISNaKnFrB_8D^j_CSuNMt<zeSL
zLPCU;8lNx`#Mte;1<UnWPPQA5Q<uMPbmv*kg{H_<b@DIp>+H41)4|vb`NtM~;Akx6
z6bb{%EN;A!aIPn5f*~Fz!34P{z?3VNc`sd%VzkHlmnrq-Uk+<FaOgG^y3JInZ*ZB7
zZ4fSKD(8Q=HobJdzl#=YKL(x=_?Tw1$>TZCk6U)4gHl?Q$(L!<zbC<-DQMVwF0D$I
zF|ovBdnFmxu{WKbm^T_nm14}AdZQ*8DhIwFN4fF6e^akBkuM`*pOQbo&t#*Q)>PsA
z0SU@Eu)d}xtom*Zsnz>&O#1-!PRLm%5=&Z2-nk2ZF-5=h^)C0!(k2ztN?Tl6>2&cr
zr-64KxxL!q7#y8$ygs&Cy?arI)_A+7oUkkV4T^W;kxn%-ZBf7sENz9FFboC7P+?yB
zj_C~*M6eS%PQflDQ?<IIN5n<JJ88Wl7=-@QT9r_RL}PB$+{kFp)v~?^H8su8Plfxl
zM<@bYL7^P4!DPuWlKY+@^&8hr3)|raDw%2ZaTMuZ`b3u>dlJVcL|8+KCGrSSbdSy6
zzGqYGO6(>i_Y?iIoN)g#F+f0Ls}l6ZisT+3D#bi+ksmUo)n8QQXRF03@RSOiNW^`}
zV3Kw{pSB>0U=MtMtts=iFCTDAD&`LaRH$)&O<$_Q-Kh)<g2EKY&@UAsToK)&Tu8Z+
zQXd8-YCCy{^?OxhfYhO{2PbD>yxtZeV1b6px}1HzLJg4$!?1c$z&n5|6uc*|uaGlb
zU#_uojR>A^NvU}DXOxrKNtC*+WeU2ajcZdmTSdZN#R49~NF@_WbNY-_IA!O9VE_n@
z>EaLB?jKkCpOqxN)XCHbISjWm#eysdSQ2HsMXMc^v!{Hd&P#{a$LEK`#|%8YJZ;ZD
zz811<7|JvWq36<~J4oe=W!y&b#(%Fl{XCgt3qe1oUiSOcS$;g#TCp>PC&4Plp4E#@
zd_-Eg)+rwyBo3*$PRdrPke10{USZ>wJA-A*{UCZV+kK`*`3&RiBa;Cxac9Oo>Oh*#
zBH$|>6S{jZ@jfud<qtQTCOZ5!u9R?P2QN>VG?b~}K>aRFn-3~t4m?#%tO(`GZx9L}
z4Xkq4r+~(L>##oE`1r;NIXLF8{p(S<CsS{~CuG4u*%b_Yx}pmlh+p6IKxASmTABbl
zG{&C@*Osh`c@vpC0WL-b+%i_9cD8Kxrz&<sik!vIaa$^J6q=9#KtA=RyUd{>K-5Mz
z{(-?yVf)mWXt&Fnl8;P<@P%_DEWXBf8Z@>-3*i@xl`i&dPP$+YFl}eR95Btb@(fk}
z<S(d12u_nbv~=-?4_z2@b3zfmgTR%(RG2rdXfKR{2V)nL1-V$AC&*sm0ahAzYGEa>
z5AJtg0Tk?sV(X1|JKkG6uIRZu79TT55UXqq9+R=C=x=K=8%8ORv6Pk~C=-slJfL~O
zXJ>Mk8-3i?GjZ$rUfMg!MC04$IiVrklM2h(Hw6j}DFF_fRSrJw*PumOOeKNk)AjFi
zuxkq_t;WVn?BDZZVv=_kql3oVD#woD5$#S@<kal`{?Tb?Rc{>m+Crtqr=N||H34Fx
z&Fb&kOjnrE9LCfUW|dbg2UCclrIDJ}5`A&FSC?=Xrw6fm4i^#H-LvP09e?t$59wHp
zC&ZIFwKV3&j*bA@mDtK@rZ(Ud>8eKJ=)*8*q_7;92Qm18>QipOliW}iBv)jnLK>YY
zab+dg?xYwMM{t2tfAh#+$q<(v@Ts?y)yg1`h#DDcq>S_fL_$LN6u^8`T%`H&Z>eey
za$FhMxn>j|47>~OI|yHAg=exRhTr~xpSq8ZeY^Sb2Es6aWCpP^2Jp>NS!M0%YsD{M
ztVCOr(*mz87PG^PKN$$MC{5iLrb8K_-)w}(y=;RI-^GlxgnxxPGNNMXX}_u7q0Z@t
z8_2pJ=LI7`1K94Hr1PxfV!}|lZ8az2xEMwtggO_}nZ6yT>=?P8MfGe8Bk66jWjy}2
zE9%Q6APCN09D&N_w9gotK7FOUib}ktNA8fW2_i?y!eg?+e0EXVtaye!`VC>+Qbm7}
zlOwz)FiL&y<047UH|6wC9s-{&cY;LzgCB0TChS{f1rC9v_-N7Zp#^4I=JLPIu{-1?
z@$q}qTc&-4{Xpcx0~UkIm(9J+`RKJv`&k!*$Vh&dZoRB27UX1gmfn`O$u3d|Q=Rk4
zAV(632H#Zj>Th(}qsksx4&evEf__#Lk(%-QY;}41ciWjfh6Di%254^3&g~qqxbhW$
z?M%MW%pKmbP^7WsF#fj8ih|Lo^W#+mEo#8RpGZ`{l&)SFxeU<U`D$i*J+k|<j&p#P
zr&(tB3CPBq!=#D;5L9HzSg=<>k-DsKG5q&@PMD)1-S3}dMMk{g2TLwzvvYHI&V00@
zh7U(4vyZE<n&bTibaa>QgbE0!T3^t<0xWJ)SFM~wm6lGRp^8Z-5|PgUstAsD+#S;E
zkKk|~X*w(+?YgR-*ghOhwXJSk8rf{Q;D&54(FZ|UHk(&UG)@E+n=PnTPJ96hv8`9`
zSn$4%iN>V<ZTos^g~=PA@zf^KnTd%bt_T{TbbN-Dneu!@Tp&5d{)p{tJNXxeLuW12
zFjDsGXJJv^aA-`tG{xq?%~!VD@}+)7x7H>#gK9k)ujR#;E(#B8audj!f>BM&P<rFr
z0N|<$O=Euv8_i`=IGuc-xxQt!sgkYbm}-n=69%A?p<Eq=k&I4ktDHO3tGhQN%VEYG
zmKs7tzhD27Mt&9>r<Y>Z5wD-|MpLRJ*2y9#H~hz3{IptA+oQh;w&u%_jb@)%Vn0&q
zTt&@}-IYhy?+&IkZAbf4DasOBNe^<;AN>}qEMqZbY<%i}J+|}!lU^PiJgh_JK=RzY
z(LB8f(tI<ny*ZUU^_#*-(6R^g@V`Bh`1|;+<zeT>EpssBPOFC13oz1E4VUJ8P%DGu
zrTpF|4-zd}29@2yZ6v`FUpfWdwGXJ#CAIqMTbUhxIuK7eO^rzx)c-<jA4tMQ&AN~o
zzUl97bFB!DJc_j+gU0@>&Yr%wt2KLb!WZ9RM;sx72lZuQ5Fqu>Y%A*8(4(g&Q`=Uz
zMi81*%iHvY{5`LO5A1CceK+!m(EDD~><z(wGr|3ii~W7-XMV6Evl~A9CT_%c1zIWF
z(%&=>zBdpznAKZ%h)8uQ1H;+ZYDdDcbGk2Tb#^Ey|Au?NjUm(_O94%6$;`>>A_ODu
zQJNi{;AzF2uqV~6s|AD9;i_krCcHUl@f>z5e&$0CPE6?5i=Dj*pf${e(Tuj^5TJ?E
zHAE2W^cMat{=Q1V`VzBFa0A6li)X(bF|_3vv7yWSf;x6k?vd>@`%)W)LVzGXGo7IN
zwX9_Hd_7VUc}oNzt3;bci)=>B^i+CY<OjZ1XNhi)2!h!+^bjLIVy%WWb(X?i;xE82
z3d+~sCC)GYzCwX0o^%M5Xn=pwbToUZaH`$>hZ4SF7?A7MRs=Uv?$L)8iM^4<VO)p!
zb5In;O$@f3gA!KW`Y%@he#ag{gNMd!^X!Gm>7`674_v2#6=xQnJGMILNQyc&E@Vf$
zH~-6y&QXIEw9q5&U9L@D#ADEd>FHzAYH%avzQD9-(*|ie*fW_)b1!GCoPVWZxwK++
znnj79ASv4}HcBLk);_H@!VErshx+p}iHH6|udQhP(zqpUV_FT{<&vKn-$=c#peUak
z<ioNNW-^Kn+)LM+o8$xA6!$K2NxKPuJ;JD<a`a#AI*dX9{n=`a;y}rA7l7M)DLp(_
zt!U0LB{C^hDw~FHx39s4>I3O^b_#n(oEyC1Iy&P0yyxeb7^qpEo*w?iD-vZFs~AT~
zaS^H{-6fM^)EQVQFn@_yC#sUSQ@%9T%t|1jR98So@--7LyQbqOm_Tw035l&#iWq1A
z+<0O=Ga5CxJsN*a8>WJN4?a7NRT(}T|JL|izA#`A=#Rgtuql0!GoH5h@br$%K`Cn#
zNGkAG#si)-MT<h(oldf7=R0FFetT(R_svIAX_%@(T|r73KIo6Bc1oI*vSIB=yrnde
zWqq5~$%9ITo$Ha}Q~s)riH=|yNf8RWgT2UYvQB@Lx>iHu1kh$)%LEYEL#xL=WiwpM
zz4sYf-_glu%*=g6WH{=6Z5RFbH616;fl<!#o<iJ)DMJ02B4IBf?O4zlz|59+zWs0v
z?A%$K|8Yv_T6>G|a@Tju{X&bFZZFksE_rIer_W-c6P!P(QMIFw8L2_LpEIF%f11BO
z7>BVA`H{q}m%x~cR4Q7$c=lx@`gD0O8n!m%=wISwNechj3i4NZ{rqI(!|eI*<ju3`
zf@dS|h>c)QNC;!8wd=XL+X}5|FB$d3D~iR6<~|^-wKu57lGnl*b*$c~_k67Qv0X!h
zXLIAyIITr@TJ|jS(LQ*oaif{N5Mz-X)RwOev8V_PmQ@)o9CV>Woc12;$aHjS9I?o_
z?H^LEOcA~Yt)=X6y|s^|ZiB7<c}A!IV}ct})ppg)Ua$`-O_w)>G*?jC92o#XL&7Je
zw;c4cVx6VS2kzi;Eow#fa7BzrQJM`kpg=cwZh4MTlj5O;v5E^8N~yMnsDyp{(|+9V
z9-Ezjk910a8{aTGqr<RHQ<!H*^wr)P_TLu^_yM4Y&C0e%2ntE!bu6PEniaeyOnBlw
zevB9@&1&V<efM?!NLT!Q)fd;Xno_U>(wcS}*7{|sjz_zJFXKFih@ynoq?!iZF$9eV
zUF4t<TD#fb{Nm8BO4WGx2Y`!*DYP(t1h&Uc00wB5Acji%{!ovMex7}a1J^63n=(M+
z#d?O8LKWdt95&$JABGsd(|FTvELvnh0*G5CL3X~~QKirGc6*kq)+5-OAn`((HpLKx
zn(Mf+7^{VCH5NOqmeTeBG+~LNesRz05vt7sXlq{g--5Otyh{+YgE779>E|)G?Kq%6
zrB=rThuJpFT71VobWK0A4Zp3Im@sy&*y7qPjp)(%_109L2^|#)y*-W6nr@6^^<JEQ
z=__64#<d^|44o~hxFz93w9KxqA-A$>)_udJ0r`}*s|1PJB|c0%#MuMSgG>TY^MTbr
zj@61bi6mHisC`NHExH>P8N$CfZ|(7I&njp-Z4AMN_m{MG?K$5#38?~?`d{hx*{n59
zlvxVN{^RQ7@%h@l#0ACRU)bgO@KWA=F<0=Azbg1Q_5AR}Bw7Q<U;=^9w^F@v<8WSq
zg|=GFF_ePB8meF6Gi5mGLSN@D%pmO|9O_6REY1p3`EuiJIq)k1&`xeOeaYqT`cq`s
z_dV-}PNbON0RJ;0u%^R}M)0ga=S*B^{-LDA4NUvFsjKSLMux}d-9<(R@Sp)@SdYFb
zbav*k;xBsQKhU$~af#i|Fjq@bWG+s}qy_TvQE>*<%g~qSyCc7|dYVV_!(Pvaa<#cP
zIkyYg?hs9C>=bies^c#$y;aGt$D|s}YCm6P60gD$Ku}WHhJ(fI(#y6j5hm4&BWuOo
zFOOK@d~a~km@S<>HN?AhwoNNJaL`qaJ%Y9b#{C_r(Y3UEXT#E=p@?e?LLNZzGvQSC
z3bqKp$Z<z{w@MrxLlQY+SU3AfDrg5~O|RHwF6bwMPHdQIjFdl}(uH%e$kYXo8pjAl
zo=}9MM4$S~3RowIdrceUqA`#erE?a2+A0<wNI0!F$p!Z}Oea2S+8b8w@CR?6-oL*h
z>Ry7WK)70+J$VOyqjXXRl<ZX4W>>eT6To9<)o~>Dvr|x{5Z>90-7+Epe6@-_cZ#vH
z)}xPMKM$oo5(_=4ZxojVCl;iq15#4{+1Tdzq@=2<TK+Nb#pBU3D~+rW3#Dc0<tQ2*
zA1&Wy+_t$YVtElekU^oG+Q_!3x`dr_Q^wBpy3TIYAM!xbk-Q?)aK&(jp*BV``aUPy
zB@C#i=!frd+5h!ZuSbRL{TkVq`rk2Gl9AsXI+SFBSu2jy{OI((^3wjjF)ATnVYRLt
z>^hq@MM#mzB1;v&BUPVdYlV97d|9}+gDZ27pIC;#FiA@$fxd8%&1l>f!MDsmEN6Qv
zLn~{M8$$rK2=h;tq<7A$T9lvxn^M8&&V{0_>vO#5IB%$>%g8)a0VYvG-6hUtHMnUv
z!x&it-A21=Hf3j}b<J=v@#=z>uALiBHD%#tgFo4Ay=CF|j=UE|o8atnx!<{uXqw?)
z=|U|RMyMUmN9KmL0RS42hL4_Ir0^R-ROF_;OR*<fqmJwsO9jfK5afew8mVW?<xw3v
z@mt2p>KQgZt5JLXB8pI0xwoP}FzM4dw?l*rq}i%3Ks|@9+&^3*4mt*ZVZ+&5ljGy|
z@eE6l6*O^h{*KHcXaWEvBDXnC%T4-l?QVHX0gfuD%}=-YQ%Tp*tD;1s)b!lDJ*iw(
z%3+l7oMAQ1uHPXkXgEB(tW~(>IJfC)L9aKCIkJ*RpbxC&ntv!QpdD)IDcO=x;fk|t
zv647+SoTR3!u5*eXWrDqoqf%7#!e7sC-)Y2F-!2UjtpmXA#|)phHDg#o=09~2zgrm
zH==qs=yj27$EOu*eaR~+rc0^MlB&)PUjpZraCza9nKwW?jd!xINw9Ax_P9aTK1P0Q
zj$3|zF{$X{kC!Bx9<5>jO{9{}W7jAGTc7aqGYYt_hGIacc7(Zo47@9|8!DGFFna0_
zl4t?z(J>mNCk0M26BT!l_x`t^1_O)V?gx$tY7Ej>{9Q1s7n>P|?u}hRmTW3C14~*=
z+Oo8)KI47<+HW_b;UE7x94=phI%AwSU31e&jv@kDwT)+hjq#+t_h>q+Jh~VC!CpV4
z*8%PlE>cs<?zr=$t!gkmi-9RsZTpKV4l*h=lJ*UA*}re?cRXpkl#2_fA!YT(XN;W+
zBaR{OZy+|rVd~FecWxsP`uLhA&cVn6%$g;jK)G?-rayE<#;vuOj(f{;^T)LNF&BSY
z)njJ}ldZr}Y;6)yQno!NHz?ZHO3OusPJA(}Zp7w?ZBCO>W3eKSwaLE*D9rEx3Fc)k
zpJ1&qiyilutIiB66Z#1gM(*rK*Woj*K#!4Wsn{H0>#7{Z*i2Pd#46`>Xgru)nR@Gk
zKrTWAucfCCc4Md7rKv%4hwQZc$Ut$b&j2x^oT{Ia&Y{6G_&3%+H}dCindi@ZVr|!i
z{<;^G)pG?57c<u%@ReijM$)kLj$wDy(Xf;c;h%MdPRSGV9E+#-yy|w@OPxAB*yrjS
zbj3M^7({#iGo8dwud`<}uSqS0p{vAqWZ81>yU3@&ND01VQE`aEXo$_y(Ofw5`B8ZR
zorB@qY?J`b&u!j}4@ePV=P)sC4J=2?Oa$ug89v+}5IL_E1)EY5>QafdZ7&meQWM^_
zADw?_@E0I6>$;H8cf6nWTLK5h66OZvQzc}jGhFiTz(ldRgCd3fXq}&sof`&rab#E5
zp2G5=RPOLzR3Gq+`}bQn>XFN|BTB7fc%K8h%}C-Bft4pB*_6|CkaUp1<WhL~#-J3o
zfa{Fd#{TH=Lsx#WOXLi@F__u}icL<dKXgA`#u51XSrdNSy>O=`MNR#CWc_2YXOdnz
zDXz_Rr-&aj_~Y!>Zz3<1p4+0O<-yXm41Zj487CmL39UdmDN`P0Or;g@ew?)B=;@)X
z$3qe<&27;SIcu(c)A)MjM1Xir#MaE8s&FeEaysUmz9G+pTUk#>=xK7^S20&yI*ZbU
zUsBmn9M?-8YM9kKma7SaQvlSW{A_jxzmw|)md^)YLijUd8$ul$kVS}W8-81z)&D}B
zIrSVL4u?|<QV>Onblse9R_^>%8xe_d7bbraArRrv+8)r{WgV5yI{J{|vq4m@{rT%s
zTlu<PCK<!DBbA9efegwvOQ_5#9Xxu>??#~nS&wgINHvbr?U9(6qU4C<1oEI@;iN;i
z4^6RMp3-mGZ3Na?e`=9Mj`GN*$cRXSn8{SmA_=R&23nT)S;TNUbBHopisV=93eRCi
z#P(ExosH^aePy!SZfiEv6`uSQTQ5}|wEr-1%EH3U!0(j8(?QJ)TIJ>mT2^i4-}*(V
zUDIZ%b_FD}njebq^%QB(HXn}_43lO8O`I385=)m%tcqcOoh5dcX3poOr<+PavL#kJ
z79cAI8nqfFn>5#^pvbLT+otCIBd?6t`b_tlUAPvnS(FDW-Wa3eo?sPPKf7v?%CBMj
zHTM<JmUzDm4N%|}>y?;T{xPaiH#1n!@uM+KucE4`+2+NoJNTRX!vR~g3J-t89`@*s
zc|}TL<!QsmQiUYa%7T_&K84!6jp||yEcZdZ?xsKzS9a}@hp$qT{v6jDp2zg{W00u%
zsS3)-t2|dMZ6#LGscgnRQaX#fdM0X8#TkdSoxFdDQlCTliV%q&`Egi{XZA|Gu-EeZ
zh}W&|f`&_{An)ybn-9%OSwR%4t8Y%jPGju?4E5B!MV|fuLYL~sFcG;4&eFhr$3sA>
z%(J!05|K$>(PS+iDYsX>ts+D8)cy7H8A$Q^Ol5RIm4du&kHdNo+PP7=jx_D&d$&y}
zd(9r+)cxy`!0P6$nk;*hT*Q3zSD5xwV4<s6E$!_(gv)`=$ZgKx&?FF!>WSt3#-Tfk
zyaRP+lK5?}B!&osUt{RxPEGlN?_TjT9_lDG`DBd7!g^JkCiB<66s?1{jvJ*KSve@H
zHDkm6Ga)#@_I`KUiy6Q0QA)qg4SRMAt|&F+pBYYOc{7XZzZrlk9iaO9ioR5EjNs=q
z+=_h`pFw2~{B+TR18ci1Dy~n=lS;#DbxI)&9$m2JGA|Au1C45zddD8iW|)lgNd9N1
z#~IuGZ4=*3LJq#`bmf8qklgg256(Y;rjq4wTQ}LyTeYw-d#ekvs=Z>yJ4HbgR|?6J
znEqh`lZRde<QO}9AG;PlF(TZ82i5FbIa@tORT{A*&{->UseFa?sJQqZiC1|VBH_ly
zj3POMFw^(S*|hNUd@kX5l7m{Q-W2!Zui(bVgyr}Ij0<Q?bSW-5EODX?j$;qrqZL2#
zdb(`3QUkZlHgU)c%v;e{T%Mlgz=vYIpx4>9?zg;Y%P6Rc$vJajp)n<V86?$7>cx8|
z)24z#ZY9X&_mMPtgAL2zJ=fygka;$@+XAH&9v`SftT%a^DOXdpjr2Ba#v1^pP9{i$
zey&|iE&9Vx+n7xL_B3R@LUWy80~s)gnJh^Bg8E)6KcX!So5*yRFg_;85(K7=>%H|4
zrFV$}q3ruk!|7P&LDd(Amc_vH+np4b6&It^c!k?Q4w4J6(G8XuLO2TAU6M8JuZOhJ
z#AqmxHp_<E2n!4-0TvIYdw=ogxYzxNn7naz2AA;XUlD2kGK9u@*5X(YTGI?L3U=~^
zI+?7^O@i!(Cq_fIs$5EI4d?~2+XQ~;b_sX&QUv3!*2fYbEQ1IaoEh9&2tEGUs;O6q
zkaJa%kc`Uz3))pBkzrm)5Qb2wLeJWH41XDF1iOafSB>|lV^R2d2~(?~ljC=uVtN`~
zn-a^9k&(H8Iyd#e|3)@|+w37%u~Gn+J(r5F3D~%p?d@2^gRec6IZz#vr+>mO?H<8m
zY}!+?qMll7D*0xx!nbTAP)>LKX7sG}9ZIX|@c!=;E#2Skxy2o-b;jlzmgNZo86WEs
z%bO<Cqg-)8O1zf|S|WG~EftaR`jQ|?hHJ6`4Zzy=-0A_9z?tSj6qT(E#Mvs~9F83i
zmi>8crgri?=gvi-oK_8C>?tZ`^PAxZ;eg-OH)SFT3IiV<*4bm<YO_n9!;Qu;CpGne
z^)d%y!J~&dl6|9Wdr$cA3URtqW($pgQU`dx=eI^qj~*^(WsIF=|FmA@k94N+Un~z{
ze4D?WXC(8SJ;=Gcg9Y}uBJE^Vm?UNw%psdu-0K&Nl@qrC22xe55BdP^f{!=Ba6hsU
z1qd6s8x|~Tx@{hfn^-QS(xZF%H2T!>chy>smSW%+a@t60x!uHnj4WvJNXyXD`mEC{
z^B9wsZQDtA!Fg?Z!IBIZX<^yr`ks|NF(3{4z^M_88GZgXQ=66N$?UFU<1nns;V_&l
zF6>?W*OZS0Us%Ks2zvLVjj2KH?k&F*_(BJ+w47o*ObAJ%`t3)Avw0DA7c<ic8x<-?
zim!l#(|C;JHsXd}5vrqcre7--Z$hZQapJq-yPN+H+t+Zwf>P4Y=}N8G$i>RG33=QA
zF9TMwRQ}`3=23D#aTE#;j<kKF`IBg0r7>a}fE}Zimkeuzhrbeg;oZ@E!h(hART7$%
z*`3VH0`PRGoJ%M$Fmic(Ji;EEU17Aq(s(VjvgyS=k$OE|O(_Q4w0^YOJe`<?d}?}7
zTt-M-?UU9~*8IjOvJuO2i$cN!*u20}P-5V8$ul;%VRu44MUfd?&YTvy6f<eI2NrQ&
zGW?j3#>u2x!me1Efx$>Fp4*D_+jJy2Ps%G&of11A3F;NS%ZPzXhidfz)eq_xn0{2r
zJg>ZMfprq?q_0Ec>N>PWfOx*y^dGe=nU^{{n^@davy_jhBKSrX%2J%BdBxh%9Nk3H
zU$iM^H5hemLGj3v?4mVMraHG$m$y9KFz3RTJ_Y+{XiL;-+Ba{H03|`{G3Hg{@TMkb
zrd3~D-p0(QPxQIjMrP_neARUuj|Q>yi2bPcLMUXn5!<$;p6J46I)6E}In3eWA53c_
zu^K3xwOeJ^>hMq*d|wZXaAZ~qsT0dpzF&_yt*VbxcVn3{h_2tV*)UaQJT^yDSk}5;
zy|9&}w}EDN?PbNoKV*Un3a(9U^qr7$TpaA{ARgC7YN1wBFGOqr)z&3`a+f$fTA|(#
z=x#1Z{oB9e1*1;MjT5F*BQ?8x?K<91_AP-U6NdCvIrJ%+bFLtE3w+8A61W6k%;`~=
z#lRX#Z276>^|;m;DO3O1Y!-G1%dnZh$lz>L{4`{3Kb1OyTnLU(gA4>D_+pP(lOMSz
zQ8gW#3m+f;ATjm=SF52mZ~0G(ELyvV(+nMDcN4_NTMM-#4xl6;^I6<j!D-4PR(N(0
zjc;bxPRB~Fi{n3(d3KfhH1YAp*=;4zzgDAWV)mC-hf4iRAXem@Uf<8_<2U6nA!ZT6
z*WG4?i|pIfm1)&r7M5ET$#)eOFpRgSUKDG2u<BfSzEk)35*=l>wd}`IE~U0e;o#T0
z0E$2isi4$C9P7&Lf_gWRIc?>N6&k|O(Xx^~C-F4zptbug6Q10MT6!ifBlPU+CI%G|
zrI1o+%CG`fS5j~i8uIfubMc8eCffdIeqDjEmY6?Tz8T${(PfiG;g^=Yo)X24<|s(j
zJ^Nu%YPb6hDshycbNJJ>mG>n&j`EY04F6=NN(`RJ1`yl#dy{7F>)6l%-@8DCL-xc=
zj>GNadt-JD6Z5}bhzeXg>%Fr%szUvh^nlQnm-cO|(F=4T-4-UKUB5>hHYzQ2XC6*3
zXogkGQC5Dv+T*?6((tKu;}jrzrh7FNI&f{mG_QWev8z6t-{V~O?uhCg|8j%n^dB}K
z8+V!$!=6YRdI5#F`IkW3)XczDY@Wbn{$i6Wr(l@o>kh3xxWqIWp3uv?xqtL>eH;W_
zUGok}{y^`l_1K2HERIaOo|ePLHYGXaf@%wGsC-(1WL~!e?dbUd11(g0m=;}vUhLV1
zyVW+7;P~0-W1M#z?tc5#VB@@8?6t9NXzq+u7zN?()YHX|+T&fln|erHO8urYgA+fp
zotk<+nZ5FZsy%<4exYAQGn=f74V5a0QZ2`V97@CDBq4$t)(C_2byf><SxQLl;|@)$
zmOF(1T(&CXeKaWV<74rr-|PJX4Da+Ge{RfcuuJ<M*Mls&8B2R=Oh!4S-B}em8D+^B
z+O1uWw=>Lpj~}SZ{?dpCAMrXI4_5P&xorHSomv=86*DZa(WOU)*BHI)7oKL&rO?2X
z!qoooqQ5JYiEX!!xC2de5KcTj*`YN_=5J0`sg!cGid3M;+(eV+H}14<l++;I(L~J7
z7JtB1ubtZ=UZ-0b*;x|P=0*9CI{g#Az1@$PLS#8^u9LmlW*w?+UFjGplrBUS+;E(#
zH0cZCi~-aK43G&VR2s2HT+1^x&Si_S4{L6rhIF}SDrBCC6uE7D`K>a$fnCb1TC@CL
zZ5ip5yer)S%Y>p!CA-v>EW6&=cxw;tfw*XrPU=1Vy-G<L#-J~9QBlvT7z;|O_zLkO
z3Tkn6#dh$gH(w&vz$5I3&F!Aa>YxLielcsQ(G5e>pWsW8@wBCCFu5gc_Zx-wl{J{<
zuUyj6A%EF-N?yc%XS7mVt5a{MbcQ$|C%x{)!R9SA&8kUpM^6`%)oOJn2{caguv$*{
z8xCXTkvG?Q`#rHR*dT%CctXd7^$#BtX!;|Wl*ZF&Ug`Y6HtmQoAFbiz61kj+l;mVm
zp{<O!Wf2OK0D>XwiBdB=1VrZ!1*D_k5A+V$J?#4Vj7XhPOOSrdfUmB3BVA0+-*^&`
zp4@??y?mfHe?=7|)8P5Tq0KCm-dU{(Vp@<1Wp9c3Z*|N9l+%A{nJ21Y@_&@2q+!0>
zxi`$OA2}UyV<3b#ZV#?vC`?;aWly6&4CK`<)d!b;VO4o7?{j;6tJ!DF*ZJ;QcmW{H
ztVJFn>|6&UnX=O#!k4ytEiz%H_->S@3`9pICv%+HRZJ}Macw+A=dG2epNBE|S}=9x
zvU(#y&TGx}cH@7I>~D{ZHt=LSmWY2fE0t@SvW?r@+w#P@Ls*`)8EvFCwV`?c=OQ~F
z4O5Mn-KMS-hU1A_tP5T<RQTH7VR}hG>)C}~=ao~Wy3TK=|AMZz(}lFu1?Hru(PL8r
zf7|9j$EKpw@^!<}=I(G*A+=00wH}{qzj)1%cvX8a8vObCr!u<~Z#24GKPJp#jQ1HI
z8=LPKhlR$>-G_34D$m%>aXRx|mGbt32T|n)0})B)*!f5FNnZcsa<y;lBTfTCLL+yW
z)(U99w$_>?w~O^;53O}IHMplS8J(2x*RZK~Z{LDnL?NEd`UIC{j;rL7(kZFT-j8>=
zh2;IM*)NC5U}YU@EKkY+0+mfI-20yy&MFj8os&ZoebonIC#)~<q9353mKG;zQuNfA
z!)?!-Rj4aVEW<`<{STTzXodgTu5jY|$O8-v+SWUX(H_rLE>uH*bo_BG-@wGk#2%B(
zFMJ=9(}RJX|GblBWVM9d?K{U;^6ZSCX<Ly-%4{E(tc`?IR$z~EHkdGV4dToXp&Hu;
zF?fWOox{vHJ+L5YIds`|R2x#D!I)zaL*_yh15+^Lm+#U+QwZ7jv+@CLUWq>{o0VNc
zxrUqUhxN|{N+juKHx<fZ2R{0ZvL?sizKAfr(y^rPq0%r_?f?k*=3`!26&xn>Na;Vr
zvRk#Ib5?3Spv>2mBVnXY|M#HKQ#nV|QA1_Sf@PYdY<-;t)GzJXCwdVi1niY^4wz&M
zCxO?t-wsCq<sp20BEU0_zlw;gIo;(u<}K>VJA;P8hLbgfGBxH$`S^vi-OTK6%r-(P
z9SKQV@0#`=dP6J}^i!?Sv$6VuP`6;rB~adGD$j66v%lXak%Tr|#tlfU%_r%e2Ta}t
zc_SaQqrN`lCnJMAZFN}d>3%LIah~l3hOl@nB&8;0PN^smiE;y>NZ)rATPKjj=7Q$q
z!<`(M#VzhLlu`<}fjUXlUwH=Crj&w8yBy1=)MQ$u#Wr4jABI!owm>M03F7jcOsnN!
z`)Dqt-H-hE30%G;k|VUU`SHTWwxTNa7x;mh5n|3}hM1DCbUWdIH4cz{h<Nj?3!&w>
zPt<kkvJgq3b&Y?R#1GY{EV8Pl$qvg)CCJ=H7GZrR5UrMl*sZ*V3W?0^%(0lNA;~+F
zH}#d&vLokN!mIb<TQfo4H3Ql|(lvX#a>g$yvM@sHFu1Z1sbvKa-zWJK;1Gejr$O>V
z@2~&^y4_upuzvQ(8{x2t6x4vJ3C2P{$ya>VF-dJPnQrIrivZBv-lLwZ@uiC{Y44(g
zFMg4?!lL1CUPLe3sZ{@lPo}#9OOzu@VI&|+SlsIW<2pX%3SAe&3OHWB5ls7HLfrfF
zf--7zgw&Jsod9s6GRr(#00J6xLB*_ubzl;aZASUN^FA-gcZ(<IIZWdnhL>f{$dxSE
z85cjw4me`i*#_5M@Dq(QHO$%Q(mq97!CD&KDM`%$F<C#bbv)yeg5wyWmZ_YM(ZGjQ
z6=|aWet`9{Qzfo6XVvZI(!g+irlKh`nU~0_YyAZO*G<}$PG>xMY9Zaj-<>he$}r)J
z#}k|Lq6@Is{<EZj*uNI|aTyMALtmSAF+v+&ZI?6m-{%m)1B1tN&u&uQ4Wk;azOL%H
z+`S(#uOD-9@sRCaESWj1Y-i3URQwc_Y8mmlgxeZfOS$ZzI3M30!yx@7c(^C>ZWY2$
zX)+n*_%GNruv;9~h_be!GW;*zhhNe7Cn!|PADD&Z_rF>T%@M|TeOnT4i9QcEs?=-*
zZZB3WXVaNkF07O$4Vuz<h%QJ2ZG1papFY^DL=RKPmT|xERk-0--A$#xRE-kOzFcZE
zVMgJ9`W$#e(>b|S*$(ZW&^7>tbj2FNKX_%d@V(ByQMB6V+$QwB`u=WYGt*yN1Y0)K
z|FbOT!$a!rYCDFie2*@juw+l{TqESu!G&#f-A5PM?-pq}#x{=l80Ll1V|B<5o27k4
zJGC2&Vv2X{)(`sAoePPX1thA)i#I4qQ`LT!P`@%yB*HVqZuKnpJ}mUOGujOw{<&@W
z4kLs194x2^j0m^CROo+)N-=ma=oIc&p!I*s6ES~$2^H|;<`=}^@1V*FVfaLR5ySai
zDn5&F?DPIS89m!wNz_!piueKZVTj5?JG)o5s}(5wQ6^CuWzMb!s2LrLeYuRL=nmiK
z)4?6U!pHO<j;0vCmoVKk*i3KThVh<Y_*`cfU(Obc7;JGnwa{?5NR7rSic{HGd-rem
zb7{$b^>^XY_ho%vZFloz-CSbe${pi!|GYBos?%Z2`+D3>p>nxzzR(p+cQ}jl$Q$Ky
zf4!;mG4aslPx&;s)RCZl_C39tVEz8NsGdU3`!uCAXyZBiDC7FKA$)K>&8wHKZ`GTJ
zvu174#nPLkE7#+;-Af?6DGg=?MAsz=H8J1%MutFAtXJ6MB9^V7K}P^oVbde-y~7F2
zh>0j+CEsZJw0lIl_s^+!EnpQ-61v3H@>}x<p30>sWJNGt4sj+ul4)i}rYqJL3`-EC
zVf_`Ey2;ZX*gXPlm}Y<X7}9qeBqnkH{wvk+mj<mIp=C18GeWQf^l{P|JZ5dBH39o&
zzwR^BXNX$;)^9R@k;7Dp1oW2{$dD7E8ZG4y>%RC8SDBu-GRi%q6I`KkZ+-M9_M}1P
zsEDB*!$nFAtt`NpirK+i#!KOZf!T-3N4%BD=Z8a!)*n^ApQaf8Pdzh53I<pPN2&Wl
z*EI$WcY-oC6nh^2a_IZrou65Z9c4lGn<*E!H$q2Lhr9kn{?nnCw+k2>K#!Ce!_rgU
zUyp-Z@t2z#bsr?g*V<h_KV&Oj6t1J*pS&vfN-+OmLJ}>++(}$|RQ|qO#N!P3`?(KJ
zr=erY^@7!T`jO1%X+RwEX#{k?m+t7kB<(I!)o*rE=#r5}I|W_n&tHscpMSzB%6$8d
q4)*`oIenEnfqerb{;&DE{!i7Dq6`G&f1TgHZoaSf;Hx|e4D5f@HPjRU

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/Create-AD.zip b/1-AD/DSC/Create-AD.zip
new file mode 100644
index 0000000000000000000000000000000000000000..abc2306d96a0320f02d488c0c1d180a237c937a3
GIT binary patch
literal 2775
zcmV;|3MlnZO9KQH000080Eez@QU{mNb|(q|0MRD^01W^f07G(RVRU6JK}0Tab1_v^
z2>=7#C`@4AC`@2=cnbgl1oZ&`00a~O008Y8Yj5MY@$=<Zuv!DQcP%^F?X^IF0IRb$
zX^JFvBWD*y*0|CVZL5(*ok%6?&E>y$_|VgmVz*bIK#u`zi<}wGdxlirAS>Z(8lR$D
zx*##9@a@I^Dk0y|$MJUYA^w76?|60e23`3s2^l#>7t^c94=`~{mLw*jOV}wqtvQd_
z>1ed_`8rt)UAh@r-;<b(u=q58NqqN#aU64#lT8$0PS|J>(8Xwj87J|Gt#M2u>WAFK
z-ja<x=8ncRTmmmKvB#gUhY>qDa`g=6J`K@0CP2ruZ1jADU_>~^8zg`B)R!3dQ!!0o
zlioEBJ<Msm?a%XNhsS=nns;ov!G3uDH~VIAv_J9|xZez64X?<CgnS4J1ww+q;nV>R
zJ(%=yFz;C2#t+2=JAnRV@lWFNl({=bVkQ^+N<R5<xrr#~)n@K3VKj+dg3N2`B>}ks
z(#UeT|43{<20}m`zy|1s@FyBSfZX!&+tjfM0|?LIpwV$r%dl#P%pvh3i3ey*H&FuI
z<^ltOoRw6WNHYxkEPTo&A7`j{LAVK1KV427Ic4TLM+N=&j}FzX!j;N}eQwB;sT7Cy
zrh$4!=Xr<em#>|kGMp=D4}}55eBT(L;`|gd1`751%Ceoy5OlP}u8>*_ZFx9?N%SlF
zvWB=x8B}_>@*fB?K5<wH34dz<ltThoPr=M{KV}@ARLEO_kA=j*Wi~gI3@X3{<1s9!
zs=Q4=)(sg-SQ-hVLR2$QPYm%F%ui1p;zGPBE6(Uo&g`~VaNL5NlDu3==MLIu%HtVT
z+X#d7B&V8c>SNk#g#N%IIoJu2@bT2u%ONZ)b>C2rpn$qKSX0L3)N>X>S7N^8(aIU(
z4B{E(<EZc(m9fMo2>9t*Q50+^VX*C%pl`{7QZ9J8T;34yD^Eaoc$|<7?j?`>H|VVx
z$nrd7-#7@OA3-KNhm-~uU}`mk{^ExoePVi5A{6*9@$o5S0tEIpra%bPW|RS>UZp4o
z&@q1ap^iPrjs1uNF}w%}fZ0A?v3$!CL5FY+epY2hFPm8k5p+VZlJ7EPT0u}zP$qBe
zLuUU>;ss?8AL$Q6@&isIHQ)xma0)LcS&{Um^mLK2i6o;RpI<5vGr}?u0nu6F0Cp_{
z*(4&N$0ngt;eFXObD`2Yg;p&XvKgg8lS)$~B2+SDtsOPYtz*qh*xgi$Hhv4HGqZu0
z0t-yovd#BWu$-;#$@@PKkKym6TL!J<FcB){sXD^vc;g3KMfh_1_{VOekmxW$E7q}W
z+qn#(UjYYwEza~#?XjkTEL)d6GtG$yn<=ONf?E0iZ@8DBYf8cg@m)~oe%e<hhX{Z8
z%_T4k#D5DZGW2R{f2$i*k=B*f^?Wh015vf4U@iNcf+!p{h^;%6f?(xwR_vq7#Vl`i
z+A(FNFXwl>Bpaw}QgJ>MYSE@<Wxo~G#vCs&BU8-R^}8D5)2}x(+bNskimsYaTJfL(
zd89!zs={;r?tGqHH5<PH^S+u6=PDgSGkCDePhm5tW2$M;y~8AQ{8fm9^O$bR?$F>3
zWe4xRMx{Ah3gJ>uoR^X60~Y%nmNVzo&-VD1U~hY%?>76aAUlIbk|w-@@!|Nm(tOFo
z<(NX}S%KUu3R+xP%k~)uzL%r3o!+jh(=vJEzGU(FYqqLYd)hPVyfV3~wu#?#_o4t`
zeV>kPr}=t=px^SBThV7(_7?{+RjiQDP@IGz%<tfIbV1WidspCfccE|`Ye3!Er%$Ft
zEK)hz!G2o%0YSY2k)b%RCeTTS1l(V-*6r^g?usatAg?1*21;AEfCq#`$YjK&U}*GX
zEohO$Te1Xuu6w&&z3fWZ$z$YXP<VJRPS2f$fq180eoh{;DDZi&JM8vrXiaepzAAH}
zX!XZuCF<qp_r@;%<jw)akG-Dpg~sCYMjV5fF(^GEh<-S>BE^-_AM^~BA_buSRRaV0
zeN2NuUP%-oT{S5@k35RzKA<ZmF$y;z0589*bZeBbgkZw%x(C7tXd%<S?(t^4Chi0B
zmxz3WqQ?f}rw_*s3a2yn;77Gs_bj~uNfkf2JL`!3?~mvGLBS}y8W+P~_Wp2>J?6t9
z`IFoilx17f)6qy$6jIjV)yp7;xDB!FNxZ_L|6Ljl2X`R|qC-w{hD^zB(P#eANKp*a
zCQN1!aS<nIoXlUtn8uWYZHXtco#nc|NToQiNk9}8b=opTXE9sHNiDUPnlNg9x+vti
za${bX^=4~GaEpL~)i(+BU@?JG9wLm^n60@u2oC{<<c|uBhHxZ-bihR=q>zao$W|1j
zB;fK?FI@By2Z;t>5JZ=VZzF=#1;}uR6}|DtXJ}d_9YZ*hRFBarZ{YxY_PV^6(x264
zOsjt&+0E;NQpb}I2O&uP!zzxbfGsE?^fm&mNkX+}i$Hlnl?{2h?U<L_j(tj|?pIX$
zXseyo3)fv8{$4}T|9TA-JzBMB9#nG+kHuQML&CCE0n0ZmUShs8hQ_-BsT!UkNf$gW
zCsXH!>1Zl;VBH)|R=qOyeQnzj&{N1zt{>qb)n`s<=wOk?MawN0-y!3p0iQ)lYw6lP
z=n`*hC|+Tf(Lx1Ua#3D^H&dP56)J9~Z;2^B#wtOR_?<C0xEGQeRK#u5MFW9Sc-M>8
zYzfs3=#aN;X<SpZ2IqbtUMv_rW?dI}IIA$+H|mK)SJNwQV3J?JW0D{^w9$BycedgR
z9uC<eiHh8p2sUdxX*jIcvKXpkQ39%zR`i(WF2gK>?Td5aL!YTJY7Ekb>Ll_dM7;;M
zu}LCGgW_#e3AHfYf;{tiP~P&dbfG3&uyzelW0N*f%f8=|1zL!x7E{M*3!EmG-7xha
zb|Ja)88wUVr%GI8z^28f0nE<GH)wGoCAy^FwwZdv;i*=poqM&z4IE4$Rw7@#rFj)g
z*M+P?)W@J0(D@eyx|A0Ue4D-;)SZjGgM$-MBbny-6hrSIsmK63IE!VJE@GNQOr8+C
zs=OjBnd=U^%w3ZW&Y$IFYZUv?-s`z$0gA+bMbO@Tf|{n^gSHDNF*jthP$g95NlEEi
zP9if?YUgKU-U?r05dOPwTfw~0xx;}a0=L_uSCt`#%%kb<ralj_9gVjOF2?IZilN?+
z{Y7Tm9jmGntE~M$qvk}Lj@?65br5kf+mA8J^IFw@tyNTI`ak5dd9`_^5^`B0)ghO*
zwK^pJ?Vw|XvnWI+F0}xoVxwAYN4|FU48wZCem^1qAD@u*A$Fc!09W5sy&S=jX_<ts
zymG1jLypqH{UqUVc$t9#dg*<Z{--4QFIK&bX1ZFvz}Gi%G9~6qL*0Wjd5Y>6G~NkF
zxRT9#5&Sar$hXO|eC84~Gk9}F(8-_r72D<1PJXP2U({@2Cns4bNqWbF6up0xqgB#h
zRj#X)8xA{Gxp{3nz^GxeCgJW9+O_S!08mQ-0v-bt000080Eez@QU{mNb|(q|0MRD^
z01W^b00000009610HlEc0000(a%Ew3Wi3HOE^u=(Ra6B41KlW0V0Cy4009K`0RR95
d6aWAKP)h{{000000RRC2Qvd(}ZVCVZ007TT8A1R6

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/Install-Sysmon.zip b/1-AD/DSC/Install-Sysmon.zip
new file mode 100644
index 0000000000000000000000000000000000000000..ef637f2fad64e50fad7bb7f86ff54d74653c9b58
GIT binary patch
literal 1477
zcmV;$1v>grO9KQH0000801C7wRJq-nE*k{^0FVy=01^NI07-6hbYX04EmL`OZEtQa
zaC0%$SM6`oKp6kNzv5C&>Wl^Ed}T2a0d>&<p-f`zVvhC!F1B~g-E|D-{&$~i3#EfH
zXZ&J6Q10$|{XK72@_@7wJr}Y`hGGIz3w#HX%@X)Y-nN&MV>zZWXv_|XFZdMqCDlxD
za>|vaVd%I^72)#wfZ!8TNh6Z}eT1+4`KGjFe0K3Lqiv^h&Sgm65Nob=teW+@q>I{&
z>3K3q6i8I1f$N$tqIw6Wz!kfMK3c`Ns(1R%=hnM=L>aH23C^@I((5V}Ub~7yE7g2>
zkiJf%SV--3ls^O|66phR&P0%e(4!HMtAX1A#Uuo-rW)FtKBoNNdZ24A$V=wKKrpV)
zD5o=!7tN*%ej=G(4y4e+7wAt$eS3eji~-3<p*nh+%1nQHA^;K!pN4axbh>rDhU~N1
zFBy}oT~l1=?_6H-l(~!&f`-|xI1ZP69xm+?^$;dPXk*Liv<DDCV5lEznZTOv=3xEz
zY6vri;an2epPwsmwG@2TmdjX+!nBfxPp~xlKYsdr*7V%|`_Z^H?0RR+mqLlD_G-QE
z=)J^PEQI{wT|TQdYR8S^qt|6SztAvABW7f6>)t_(sHemolpE|g?@&$goY+U@!!B2e
zOgRS<6lS4)Um#vQyB8E=v3T+9_^FA(e-Fz8^4L72BNjXqG$5wri*5ljJKuyc5*psK
z5Y{{y%bKGCORQSWc$(w`s^_Mcw3{B5+zdf8PI#G|+D{f+CC+onHaky{tF2)J!SV*l
zX{gf9GexUZ{kE9GfEak7`W%J5ePn%GXT-&J9IPk%&tE*V4)?)%&QblHShl1;$3B@+
z{~3z+gl+@$N-k@6+E{toRD)=J+sKBCifpj%lXaz5_{W)-as74L6?14;+TEUkg*#i`
z<UZ%lWSiUlCqM2cA-${XbiaN-ce_K^bDbmSxpVZ&bFtGbs07d5$bGZW5RrVg?rAti
zY0LK^))3eydwR{dKkQWYn)|dG^Sl>0#8*RVZ%M8y;$l}tSWl`Ft_aX(RTj{@zGSgp
z#V4b$z}^L&Q@=^~x2e`qU&+I}OdiuM8a&6VOe}>DN)gAHZIZB}5LcN9S6~sRC1**5
zSboN=L2zt`*-z}s)WtK0W|74h+lRy%P^Ct5nGmNZdaxKXj*XKzT`7fZ`DuZ<TEyfR
z8B?a6L1yH^wx0%*RZeS>`9x@<MTAx5BLK^7zkTCGegVySGsZV5XN49l)HQW`PC18=
zwEPsi7-YnhLaWsl?*cA$qFG23XeSgivL4D#=C#T%z4bndNm~I8N!_PSyWf1*`p|U0
zcAAe`Cnt@oX`|72esXf+em%@K%;H@uUmW2gE5+ld&hwYY8{0ki(B5_mad%F!G!b0X
zte3>e!e4o}%I)>qiIf=oFCdM}-uSfF{W9`$OqBO04q^(WWpCwN8IZWUGA1o{9BKx1
z$CNkH{!2ViRa*Jm!5%_Z82K$dH#Bo0XDadBlvW>#5+&r$A|1_{A``r}{~%F<l_WtY
zk`qeiRLwP=giu2oD3%$Sz>BxZUyUCvxB&74md5TR#N6ir(a3U%nC0XXAYw{%foScv
zDJ#WquZfk(vCJ%*V*kc!zuDvO2-Mo)yZt?#61MVEk%y`LC&t{OwdHUu7|tr0@LHKC
zZPWW$xX^~J%EMe|*`dm=Z*N?)ios~_>f)<x+1tPKNoVc4+L#Z<^l+GPjxn<KS(W*H
zQJNX08+7)%`3+D@0Rle&6aWAK2mlJSCRDlInl2j!0058=000sIBme*a00000AOHXW
z00000Np5p=VQg$IQ+ac3Z*DGdb1@14AOHXW000317yyz08t{h$*a4CN8t{h$*a3`G
fZy+xA*8xyV1qJ{B000310RUtG002t`00000o{7WP

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/Join-Domain.zip b/1-AD/DSC/Join-Domain.zip
new file mode 100644
index 0000000000000000000000000000000000000000..bef99d396a0771258c2dec1cf42f4def14abb105
GIT binary patch
literal 1075
zcmWIWW@Zs#U|`^2SSg$l)X?Acx}KSVfsKoSfuBK!!7D#APuC?sH!(9$ub|j4G=!6Z
z+3%8TLI4n#R&X;gvV3J^U;rC1H!M2;wwXxX_w^P9JP}$s%8u7;SvU;NMse}4d+VzE
zX~NIOX??Qmgfb^giPnEze}ADy<aCQzYdeom4|mo)|6TEsm1Sq;q*rY3p0Z7y_{C4;
z{?i}ke~fJN)?H-|KKXQAIb*Th;tLhb@54SHF4dow<XzV#smJ<9Z>L1NQF6?IV*ZRb
zGm|7m=Fh9X`EkdlG?Nv3zWb=0@hJUr{cA~zi1_ZW2bS*otsK)+bzi>b3fpGRvm0g8
zG|sflTI?eBFh$f?R4wI+PAq?u%Hu;)U;3Y{Kj53bTESD~)qmmKl~Hv%Z}urKt2nc1
zZ%CTVs~>V(&xH0E)ag&QIm(*a$~x<OQ0*d~Cx%T5W`7zK!zFH8wZ1*A#T7VNvy;cz
zBA3ggY2}%3mW``#E?lsyhLzvz)yjKq-mzEqvA&m`WjM2LuI}PPChJ(6+9K-SySEl>
zY!wPgZ=8Sp^x60;A~ofFAAU7I7hkadpXG-+r#7Co{kbAAa`%0C$IJVYqJ%egzHgB^
z!&0~<b>rJzIaVGw=JkBwx3O7xh-<;)#B=tFU+RrblrQXgIXS#V^K5wDW9xNW8dv-M
zQh0i%%tyn2n<wK1%dn!UOc5F?D;7>;Jo->gZ#k>4^%L%y3QLUAUQWKU%)oZO*!?@V
zqPY)!T;(TsKA=DDvGlFLZ5#sg5;xpmetfA%|KVxhZS$6xh@H;a?J!AW<2~lZMK(Wc
z*M9fWC~0}su<DNAk-41Wf+h)DFNNn_U2vuM?2V$g2D!1fmlb!uk2rRD@#}(ZR)0)v
z*nctIyAe32GGJb1>(eJ65A4`ES&QTJ%}?bPd)=qWynYrXa7s1jYhLf|XKdN7H@3)E
zv>BPt?Rb6qbf3;GgVbe4;>#Z26x)3-^tqvk^j2Q!?;1jTMK18Zv@d%aYhC&KdBj?=
z8pqYz-?##EyYj57pGwc!cP?f3`}~sEeDB@f9?Pt26ZCdUH(YbO`=O4wcGvR5H*%L1
z`Ljm9x)8QG+@W2r;v|1)S)pIUKWz@(16}({&(;V}trpsqtM};9ruT7de)Eo}=4qU7
ze=N7x{cYalPye+4aaVi|T@ioh(>tpYo)5Yey(>FyzrTpCK78`Rcj@lL35#ybT)u7H
z<e45HP8UU2%#X=EH~D`>d%@Su_annfx2@hj_uJcmj3U*jsf%hJTYc1X58ZKp^<jgn
zH#9E2&5m2R@b<%8@w4?)7k3ydSc{%luUh$be}Fe5lN>XyoGby%;S3DGtje&Y5yZmC
c*Q}6yjh3eayjj^m${B$$6iA-{77Yvx0H=@YR{#J2

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/badblood.zip b/1-AD/DSC/badblood.zip
new file mode 100644
index 0000000000000000000000000000000000000000..f6c84b74e0590a1441e754331af94d4ba551fbde
GIT binary patch
literal 1253
zcmV<B1RDELO9KQH000080I;=URaG4yJ!=F20G|s001N;C0AgWeVr*}3WG--XF_l(r
zZ{j!*{=QQG!-yg^tVr0d)ca6rrK7OzA$2K7SXH{VA51cUk6`C)hnDO0zu!1cNPup)
zYa~Ku9?#1&<H1KCj_4CfG2`=0F~g;RDT}9xlrcOXeE?c1Q)~t9w^uyvx*J&q8dTml
zCSqo!+O!^O`p_sY<`2!jTrn;#|LhOj*4z8{Z?wTxKuR{p6$%q{Gefp)l))(MDU3<T
zS@O{A#w#wYK$jj`MWpU~uu7#eeqTpp)G|{Mg8xm%S%O0f0lJalYwUA{k&S|2Z5X0?
zlxj&C<gZVou#cJ$acG#qUY#=1_Js~ntx>h1Cs%1kSyge9fqF0{F;Fl=o~B&tJd!Wq
zU7_(wbTPOIbCF;12Q@BRrLp(3<TmFtk)t6#`Zv?RDP?%K4e%Px=YyzU?wg(~L1b+Q
z-!&>LZ#CLbmyej%#A)0ri_{zlB5KAWn|P6TH)bgb;Xk-tpu#dlN5wT?A~e1l(g-vk
z8-xlmA$<w+FS*hNPWSD16V7bX6zEnK<S`b=sWyuAC7t7p@?Bw&gJo)K%Oli8k<ts|
z^87r+C{yT4IguCPWbD=2u%2sfKUbB)Uve}uY9gH<TNN)4wKQ8cThTn0LuyS!)dCdj
z^Qce@QkSF;WsH!>h$RcDjgviB$L`u{cG}yug{mOWP_0U8*X};+2q>zPZki^W8<A{I
zcHv{3N@;9BgV_+N$zls{8kJ!Me5ntOWB6zn5Xp23!L=gThSN?{L7&1%@zek@e8J)i
zJJM<?>;@8|DbQc`GTH;~zS(uFxIzC9q7oY0(b*4spbb+7<3>IFa@|p*2Su$%k_%IC
zT=o?=n~{=6Ml!Lz;?TSD$tFdDPZE9l`OrZWLv()M4ZD9G>IPyhm+0T(bd3LGNP+v`
z#{*axlj`$MXU@$cn+DW6oiQfMh<8f*I!r|i8k8M{Gu>Gri*;wksEt+dFHgb0$;>5B
z5K6q29=iYfl+w8OyUrE__iw|;xRPu12Xt6|imkHV0=GYW7wP@suH)dopk!-3)u-TJ
zDVe1`Ne2`@pM4^dsLP`2wLE$?#88U-9JBoY1pIKx(`%OMfuLqcl0(<O&`$O!C-_=J
zz3dCFYTf*HJKJ>(lLgm6o}wkJGIFfYWJ&;o1=9<|rU?dw!Rpn)Bpql9OBj0ur9fEX
zhRUV0!~j(oXiCGHC0PNVBFGsSYFlvAEI5p%@cjETG@PLZrO=qML}SC|S;y|ZPN<RJ
zcZTgchQSPYnW~0n?xUT@Tnz)q$s<n^P?-q!_t-i0#ugz>zU_x;I;TI(s`yEdyu$V~
z%S4o4()KS2MT&QH1gR<QZ1C>1yJnPks{9`3Rpv{5?M~s8+rMW%1FxnHdal;mI|)u&
ztvapE1jXDe?C`GP2O`F&n^_L8u-58!gFi<&{jIfMqRQUs*#RMTl?>Lrh1t|)<b7(F
z23lJR?E{JJx~Kj8uFII{0&#W_)6ZPemRCdF_xif6SIhoCP)h*<6aW+e000O8u(e`U
zRUIEaYXkrQp9=s03;+NC000000RSKX00000003fPWMXV@Z)7fTb1_g$1qJ{B00031
P0RTDx005N)00000yCp_P

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/fileshares.zip b/1-AD/DSC/fileshares.zip
new file mode 100644
index 0000000000000000000000000000000000000000..314f20a2b31b29d36e493d39e07c34dd4c3a5351
GIT binary patch
literal 1312
zcmV+*1>gEmO9KQH0000800kRkRfB#rouUK)0Iv`L01f~E0A^`yWpij@a%FQaaC0%W
zS8Y$~NEH5V;(s`)B$gZ6tRL=vFfmz#>y<=-rEG4pYHo)16lN_QGBZ^P>wn)feX*q!
zS90T+2%PulnbXsm<D+Bx^F<u;c_NwSB8HGhs1{73g3a*}&{{FcmXLk7^G~zx#zuh}
zrG3ldfN3Gu?T3oq(~`&YhgM%K8IQ02><>F8-^cyeO5@TcC7a_CW9@bmO|eX!?%3-|
z3`odX^w8=COCB46Dl)Y5O0)li<w{8H^p!tBB@*c)IJY85A{<f)(DgNc!akSin<~hx
z14Go$LOv3L^ykai>!Tuzz|%})uS!}6dSbas2uWEhIaLcN$bg&;iaz5)rP(jQ{*Kxq
z(dA&|r6Q-~3@ZG!i(nsTCUZ`yp+rM`c1E**2qt_u2G~|>vs3l!eap^h_f2f~FNM;`
z+g1mv@-b72cnsRb#<T`85fw7u0MBuE1GXX|{0l!8D6uFpqvD1?B3R!vX=2o0EVA-2
zB7I@zTyd#1oYmuZBhCzHD)dd}rZwi4Go>Zz3pytW;a#Ge8jF>O@`?MXh$2Z(MD%ce
z?xCMZ%(ikWF1_i*uC!hiYZ^aQ6~coOjkTPLERWe0J1w;cTQpnVJcdJRM@_p07(bo+
zxjH6wLHbYx2$Aqvv=B;XvQ7D@-5AYQOJ{8%OOp+htCX6x?Pn4JRdw23t)lfPj@GB!
z<`bL=p-n-9aER1ofiZ7snP6%7S{)Q8@Wm`3lIh8VtQEmDoXRw%>5Jz}zS6nr70og)
zon;jq+tqlebC-)6EMvGWG3$rq8l7t*5iAx2v_BB!V}sMkw5oL%OUw1HaI-5iYxzjw
zz(2q5dfmV8O91x=ns<F)m@bRw2RdF)4s`hTLJx%*pQA9OE<VtEFg?&AeFV8~VDxoY
z<TLFr8g_9H`PI!uDTM^4>3Lll8bJ$KGMYp&K5uP#NM_|r(`u}%sVf>fX)DaH^^qC$
z-tA>d8aU~su*#mWz!@{Wc)xLIt|n1Lzfmbr=>JU1V`io)aC!?C&#|ukS-Ly&8Jr2S
z;9VO*#fkSUf{)|7o_rpz>&bpRM%RpkGzZjQdy+m6OfAuVWIKk<FzaRqU>;0A59VOH
zADPiLgCWfU^%vvl^H3BS_G2k6ni0L}8*qL8(Dbvn_OFgebE=8xvJg~nD1EQDGbvx|
zg71}Ae8W4wwoYKW;0k7RSbBtILa8O{M8?2i!PG*tS%faxVEHpM6Li!8x=U$uI1w?z
zBd+PNqmoDiU2lNSukgg8BsZTSh!FI8g^-=|+}&F8%ztda$^uyg!3tTVXgIv?z^?wB
zqI&OOQ(Gr62!R(+6|~YEowVligp_ge%%cco61#ODbAo%vB^Ek$+Y2*Gx))Xcl|J%r
zIX()L*iSF5_3Kj(@oto8ItovTWcyBK7qH@nnciycGJK)0+_p01+r@>4U{|zmFWYNn
zpSq{*c9qsvgz=n)!A14%MyLG%Uq)eSUfP<dZw}5J;q3QzeT&L?XJ2;+F{@y(lFdtI
z86x|)P7$E}MxpsYV!N8Dj_;<ZiLO>(cWU~-l;qM_YCUUntj2Bs4^T@10u%rg00008
z00kRkRfB#rouUK)0Iv`L01f~E000000096X000000001HX>4V4Xkl_?b1ramF;Ghd
W1^@s60096206YKy0L}ye0001Y#9=T1

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/lab_dc.zip b/1-AD/DSC/lab_dc.zip
new file mode 100644
index 0000000000000000000000000000000000000000..b3a5dae7203e7fbb59e44d9176f32280c9d2ba12
GIT binary patch
literal 1080
zcmV-81jqYOO9KQH000080ICvbReg6f2EqdX0A&gQ015yA0Bm7mUu0u0aC0%0R!wi?
zHW0lB$bT3p1|lzPp*d_10T!s&?rsfaZ8vhUhcqZCX=JmJNP(o17;gT1hoTh8vNuf`
zAhPE3&6^>q^RsjMi={~Urc}&uDIjCfUr7x6^E04TFvW6kzy11Y*WJo0(4g|aF_ADM
z)oys-(T7HHvAG}2WX`zw^80Ktvbo;xztaZufRt>5ISLa@N<*<M#$Xjr6(%I)EV~~}
zlAH@G&`pM6jnw_0=Y>>eJk#+lYFVlnVf;-dWrhoa0F&78N1Snmu|+{<BUqq$lInpf
zs9v8};S4odB%xsjr(MEEFqL^xQY9@`a_RzT$bgy+iXL&PtL&e^|B7ZzqR;bXSc%3h
zXVBqq*aUk&GtRl9h7v9CX}pa7rZVB(F~Ii*`y<pZe-3;{du(F|e`r)zKJ-S=m9LoA
z#A7mS8Z(#+A}VFEExfLKlCXk=@DF_7qQVBEqvD1?Ab7tT(g-vkJhBQgBYk5w{=$_u
zaMh1L$vCq`6VO*#P+_bsBW)Dv8#-@GsyD}=GL}V%>XFB&i6W)9#O3vMh;gaVwQ?;#
zhwEFvGkV=xtN4|w5&o}4E2GxZ<*{AyE2vG_X4vZCu^iGk8tN9Hc)X5lwIFpv`a&iM
znT%PsmD)JjzTIj!R&y}YZY)%5vWIrHQo9cQY$703my@E%c1w}%E)UIbF_O|)K=X8g
zG-Qc29~f0)YxvSVC@$cGT|gw$&I31!U<Xb+O>6ob#)=oFKEXQZ4>5#jYQs;xVyxkz
z#IEm(8yx>e)PYCaUm3Vz(Ren6SvUo+i?vxs?T&@}W076m=oGgKno0$;sdw7pVv;1V
z3c>D`V~dw#QOr!dJyF*?0HIO@r7iaaq^enOlV)c!qoY1KjCAPq(ieQ~wCO~jdg}t#
zTdpCZF@J!(q_hf6sRS_CGQBk{$}k`sY+s$3q#*^m0gW9iDG(lTM`NnX%m7_XKqn78
zvaGDlBLta(*%b(GhX%)3>de3F!E=E;D#1%xrqSy+sQ0=?{nl{y)&<N{;7zF-233wx
zg}I$_$H^1VGEk)m`aX8=z2PFHsoZ{8rc3(6s_LKgs3+z8EG<P`eQNYCzPiM_WohUT
zTNBCtopx7e^KDRlkN9o)M&G$7o$~d{;VJkXZ7_Ac*8XL1IUIIr9b_mrW@`_mj{RID
z_`FOj^VZfzeRUXb5Uze6_FL4(yZU%Uh+PeXoorzlxr+RsMooa>D~0xf#CA7RzrLFW
z6J3fQk1+jLN^&^~wV(BLtdnj37f?$90u%rg000080ICvbReg6f2EqdX0A&gQ015yA
y000000096X000000001NVPaooV=i!WF;Ghd1^@s60096205|{u0O|t(0002@)$1bw

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/lab_svr.zip b/1-AD/DSC/lab_svr.zip
new file mode 100644
index 0000000000000000000000000000000000000000..4ca8dffd93e5ed1ebedd73342e63c1526e1f4c9d
GIT binary patch
literal 1090
zcmV-I1ikxEO9KQH000080C5s%Rc#oT%*q1*0DlSq01E&B0Bm7mUvqYHE^u=(l~!$U
z;y4igUa9|Klp-~(AliP|`%r16V_{#Ay1+G@_Cv2aImraFO>AU4w213}zi}KlA+Wuk
zD>Y<ZpLu3%=ltxP{$jz?Y*k98Gr=Ke(cfw-VSj!Gv^Gq#0_<<UewuZ+FbdQt{qKw?
zObfZ|-?#LkmKk5&_a>rX8UOOfWHvC#-tNCs8jFCGY=s4K9gIp%u?)yy5soD$B+OWT
z-y0=G#*IL^4E-9Z{XZ=>Lh9i}#kZ(LDPx4;cafAi&IkgGVx4Vql1YpW3NjnO4E3Xs
z4^%<*`m_iqsK_D-HPbk5Gd6&+C^jWk(qJX0HULKk)ND}nC=;s6{t^7IsD~u_G@XZ)
zXxMNDE&lp0*xQ-0&J{J3Xoio&dGwRYgg3_k-|Ov<P(T0G^DXVMi5>i@P#SsP8$esW
zU`i2>N#8Z5H|0cB%3@P^UH2$q8xq1l@MDb<9YjmTP4<A`eb%JmsNZ>H6=F_$XEywj
zNu}Yc8-J8%%oI&PUt~drv9^qqmZW!d-j-Bvfk9;~HX+Jw7Na7Hq*@b~*ViG&r9|7x
zrT7#sZ~fNjwQH^7S1Kp`Ux^l4E``lwy5d(*U0644_3#)DX&g0m3y^QG<66y0?MR=A
z1R)nO%hy6_E890)?Z#*hM%s>rY)tmhtVU|qp`S?vgz9p%+2p%9&v%!H=C>FLp$(vE
zIzt+=#F+QAEU__sZXXmE@XjnCl4<9G9Yrt$r>v$ieF|flZL~YWTJR4+gs5xFkDY3a
z;i1H=A2QQ8{6^e?2Xp{P4L2+rn$FSKPQo#GZNzSAxjPo_k40v+Q&8+GXeuNWSVWXV
zRjItwz89k;fkg;r^Bh||AB$q9<MoL;-+&FJBvgmhpMX_$@O2{1pyqV`C&$qa9iO{`
zudVi-=wD}Dz;c}_h-m&FpeQM|L|sY_4AxAoHH&f#$OfBNYbI!Vf$m0a=1p*f2i(#8
zsxsF=Hx|&51Y4GuwRwafQqa2%g5A2oF_t>>?|blUAdgD$QkE<9x{d0*E>XQUw4HSU
z(-bmSs)AmXV^Cpkrr&b%nB_Uhk_TNMvngM3;X+q#zbw-x{bg14PkPkTa(<SUJgz=M
zx;J87;@!N|bh<5xWdBatJJo$OR39pS6W-}t7pPUf+(lUmeoGsSZLgJo8C>@JZCZOd
z@|9kjld5Gu<q1B`)5^TDHBnz2hAV`t-}>DaHSw-K91&ucW3ZJiEF)Wy|9;>C^j|16
z4<xqRnY#7eI81a~emKJPUn$AuB-C!!)3Hvr{a;W^0Rj{N6aWAK2mo;sXjN?(m(0oo
z004gq000XB0000000031AOHXW00000Y++(wb9QnraC0$GO9ci1000010096w0002<
I0{{R307YBxX8-^I

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/lab_ws.zip b/1-AD/DSC/lab_ws.zip
new file mode 100644
index 0000000000000000000000000000000000000000..21a3428d2de0a1d86c23fe548574a9c8f45601fa
GIT binary patch
literal 1087
zcmV-F1i<@HO9KQH000080HP9TRaYW2!^r~x0CNfe015yA0Bm7mUw3mZaC0%0R&7t?
zI1v7h#D5rtN~EhcT0ZQ3Kw9a#?Y>lE+aBqO4;(r<$)xp?*p=-7RgeFE<2WH{S~$)~
zq?y-eo*COYJvpVnSc;Ud3dIbU0x}l;{itDgdIGdIOtBo?Z@+rlb-S<%G^qTaOeD-m
zwe8=v^r2B)tnPXfnKLfF{V|yhY_9kFZ?(ZZASGL2j=}_^!cZ)WF<69Sg$W5c%kFxk
zB<I2kbe*AJA$9+!`9>-;oap!(wJcPOF#IW#BEuO$fKhDt15UWY*rFh_0nE@mN_9^a
zl&?>VaDtjFlF%@N<2GRf7|VQ9P$dmka%uyp$$*LtiXL&P%j}=Q|BhxzqA$~VSc--X
zXVBuWUk7_XGtRlBh7!&2aX62DQJL`W7~p%o-2v+7zk0r-J+`rfKQ$^V?|TDi%NI;*
z;xXyhjp<DV5tXvo7GBjoO4x>k@DJRqQDF_yQE|oZ5xlR4Gy=^BkE}w>NMD-`zj37v
zTy*1)GR|z#1oTA~lo%_^NE=1^n$GKj>di4IjpZgp^}u7)M3K^K;_~t`#JEuCTDg>8
z!sWH!8ohR{W&BcA3;$Q5g;7iC^4PBUCDb}>J#5wRSPp3%4Rs4pJY2?=T9CRXeI^rx
zOvWr*OKqHN*KD;btJxcAHx{Zf*+H`!sa^YiHW3i2^U-FLZRaA}p6{DqV<e@qfTrmT
zX~+_5-ZQGe#_+j)P@KUByMRchod<3d!48~un#S}gj1}LQ>I7?{-^UQ5sSH1Nim`_K
z61#2`H#q!3)PV=I|CNC&77cGgn1o~S+F<Kt)b>!gI~3W~4o`8*ps7@lV;<42xCy=E
zerKa3fkg;*&m3AjABtjT;`NdG-hm61B1E=oJFc&xD*N^}e|9`GI`xx-VEca0UBUNO
z(~fklv(8|-<{Baz`g_O=%B;{7N&tg3(`&<`3<I*k=GB==8d;$G(AXi90^uIFG_<<N
z4A3<NbPmA-%Zkc8LXat#?FPZ^*WeIKmHGD_crK7fC3q>zG<w}ObzYaK-x}4<I)iBn
zye?HkugozhF*h^sIC<n*2C5K2*T?R}H(Z1?rQ54zx}>jGRsEz#H7utmX(8hB!=rl*
zRwdrf3qwcRl1TP%wYx~`FNN~!#Baja`qr)KlrI+$Pr+|#gR$$i_RoX!e!op?FGI01
zYkNGk?585Zr+HeMH?}tFi^Fh*aPeEe+oC4k#is*8?5Y`TWebbQRpfsh)B*Z06xs(8
z+wDx<`mSnBbVYtT!1P}!$>k{2Zr0<mj<)?@P)h*<6aW+e000O8q7rCTS0XdR$pZiY
za|!?e3IG5A000000RSKX00000003-ZVqbT2E^u=(P)h{{000000RRC2H~;_u@dE$=
F007x%{GtE=

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/pivotlab.zip b/1-AD/DSC/pivotlab.zip
new file mode 100644
index 0000000000000000000000000000000000000000..bf855771d38ac895a2e53e516b3a0745005778b4
GIT binary patch
literal 2089
zcmV+^2-f#dO9KQH000080B#LqRgLNx)2{~r0G1j601N;C0B~t`Z***7VlHrVF~wQy
zZreB({$HT)a7Hyydtj+f(xj6B0pf`|sev@{TIm*xHYjL`wz-idfuxdpvVDzt-aVvl
zv@AK!po?XJS|ZQ&I~S46%NKqe&DcEUM6x)7gx$w7B-1^3eE9-!B!rVCWY69FSB)=Y
zwLm51-H#*+h>ZEFcWbPBlCx-j+i~M1VbLG|aIg9=Up$9@B_v%sxJc%7Nh9eDQ;D*a
zna<cd=QO}cM#9_9Fj%rkO^8B6FSj)Nf3!?uE^Sx%6Ds1A`xNYtagc`e3Qd5aFWEhH
z8K=Io0?GPtMdd@x@6ZGN`hD!VR3Js*Nh0aFi5afCk?<(Lr@Rm6@iIx#tIBQ^U>Z{Z
z135CNY06@uEjfkm1(h~V{XV+(^psuU2L_hCLfGyoWy~5TRCGlj?Ca^j(Ph|K26U~?
z<A&8gzIM7<2z({m`6MV;^F6B%=KPolftUupB1oN4gh0)RuN=?)9tI@AN%#+ZUQkX8
z6Ei3-*&PMzy~LG>%3m#{@@R<b1)2Q^<3hq-UH&j+L^+LymUE7_F{hjg$#K1abCROJ
zOX_IiI8m`>J{1TN7YoGl<iw+X%4rtLoA`I{X3{m%(DYTy*Gt9ZvlNXbzlk$FDk@!V
zY9Y2rwmf+hhM1ZXqXjg&Kk@VB2$u`cui}7082cn##6o6sk5$=Ss+G0$&eDQcB#%&y
zYF3SPKBWlIs@KCL30K!qxO%-#KB3b%mdc>f?22NN1&X{Qc}gq7A7;~d1;45R2r^b7
zWT^-$;Y7Alk$(4l&JtNQG{b>)GdwDD+S8gpH9|c;b0(?%0kH#1NWvusrc?rg$~3V|
zlglCbs$sTCg&KLw%DPm&Lp91*LlyPVz2<Wgu|IVbNcbsYSQt7(tPeCy0xIq-u*XC$
zz;e$|i6DQX>3w{}e6jwfWL*zTt}b|-CZd#o{pqyO*>BR-qRsV&t_vx~73?&Lz+Vs^
zGD=hxo#jFtlmM0=otlgNI6c+1HuU`%YfJP4ztoD4N-Nm22(0sr3*SO~)6DoBFhQmv
zCSnxpmn0-Butqn-Vx0=V<b`53p3Sgo!P4&x>r(@S3zA8Uo~3G%$6-i0&Z(j#5lVIG
z{Uw=dtUkM_1S2j4L+wSM_*a~MMoz5in*|dGgM)*!vtQZ*Gz<a^kcR&wT}~BpBi**8
zQk4~owofU{D8w4BJBDJBhf~dLgu+}@p(tbD9tF-s9s@;;AK5!q&aI&+Bo;(E9>pZ&
zvp*#s9}du*197LK(TaK<9hXRg{W8Svz5$N0wi7lUS&~RDNDhy|{x{JXmfSxDptDSz
z7?Z=pU)pOq>l`{U!Ab@HRwPNiNx02T0&LBDjtzf~y$^~`lh1p8oD^RI{qa&#g}7Pp
z6#n`r<<nTu=UVnH$9bcV{Vz@2#YjQ@Z-_nip9nw6Yv!#t;Qsc;`%?_w&D=O8Mc4U1
z+S=AMUANXWHzEFOnK#Sz<b9sR3Wa8IRmMHX*7a(tB%5vc8HTo$Kqc2~L9KS;7D!+x
zv<W<j!QmUz7RP9bCwp)A55SoCYEted+puR%^#1<Ax@d#2MY1`zq&6M{Iqt;rT~Dq8
zGtL|H_?`ubVr{Di_5}C1V7+;xeqHbV8%$`S&x#QEgFVyk7QG$fhxz7ycz%g{m5k%$
z>*j}}O@d%S<B_kZC1;H13!fz<ET^)~!;GPw`b=6Bwe2+<54FPSIo`<K;*o<J7Tly!
zAtt!P?RGbfD={ojMKx?IcI{!`djB1dK6s3nu=zq-eQOwo@q^Xxe!2KGa&NoVV6cCD
zeE4o)@4r0??7h8UV3T)8zuAKUA%npY9USf-TfLq$Pn9%m_P!E_yGTREbas67j!cO?
z2<TBRWB<3qT*krR?J?aiWb}G10C+pZQlqp(wr-9sN>zu{_dG-Q<ZD}W8g}`ox^J)V
ztam;;badwAXVh9d+{#j9eUW<QhPINpl^-+EIBV~e?6*1Vw(M1r%PsT6{Ik{oS{r-m
z#a7b_stKJ@P9vY*R!+4V=IYEh1V33rnnB!xbwMM_nU5vY8pfMdLYs`v>M-9kuD>Z3
z6rL4gD<IJVRZD_S)>J%cei^_@M5eA)nQj+Nz3@q0Mz<<s*e^lvXZZ9t{b_3gDvxSi
zP+PaPX>3b4P|LYfN_c~u9}RQZ5&T8NeB0H8c>}V3@c}c!@J!N#eUsvbsYcnZcMjNy
zH?|x<>Jt~nP0rI-Ij=w+t6>_({v9k+RLRi^9sz*`5euo#R}Rw9>NO*aqi_X2Cb&9N
z#}S1)x`GK6X()k20Z3%ICt;eCPbtJRkSepYdpu{;mR$4MBUqUrOSQ@w2?e$4*wtQd
zsCdTx)higyfEBI^=x7~%ZF6-ImSOV1!Vq{GIdvX&L$`$`!VQmNYjrbI+UiyQh(9{Q
z>fbDleEr?3UytW5ez{I%l1f!>-7g}$U@!ifp#Or=t;84W#%+4GSYAxC8FY<R=RAwG
z=)QJd_j)F*osdRztj1IGZr&N;uHpOjOp{l%N@~eq&nfI3_39z2<n0}90HQ{LprOr6
zr<q6HLB9~tD<M=r6wx*{)&09HY?7#U!=|THB1@yGb*;^^8pHlyP)h*<6aW+e000O8
zZVh8qjp`WFuLl4CmKp#63;+NC000000RSKX00000003}lc5ifSVPY<Db1_g$1qJ{B
T000310RTDx007ws00000|E}Vv

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/spns.zip b/1-AD/DSC/spns.zip
new file mode 100644
index 0000000000000000000000000000000000000000..62cffbcac62aeb7565597800b2333d6244ada2c1
GIT binary patch
literal 1851
zcmV-B2gLYLO9KQH000080A*TVRhRY$n#l$L0O=e600;m80CR9|b1ramF|C<xZ{j!*
z$KS8C-(ij-0V~MSr#-1srBZ0S?6#C^SXFns`@$p!at(IQcG_lp``vGx5O5&0K}sqW
zuqXc+|2%$5-oJA=n|RYu5an?O9oLlslkoEX9pDuZLFSNruP;9J^=+stsG_2NLzqhx
z7g6JfQEw~ZvFVR$kI#w6F8}Nen(yE3a(^Thom*H*rgTo3vO1wcEghsaw7Y`3Sm+V|
zN44Y5J*Ep}>Y=fSH2L432VAIDPday0@=!PwS~uJceLBDppyMd-k@h@69UTRlHDN&2
z6BiHIg81k2(C$%*7Ot&`qFs|1*7lgRsd%KK30*!9LTuG4ZWJ(sNx{H^40;-ST*i@{
zLj8)W78afNZ|%6Kwc-Z`%SI|zoKkXgj0qhL=u_)<{0}x63Tr^UQhnKo`q%erJ?R2R
zYg=C>6}r4pX@XfkBvK+%w~=;Iwa*aLggCn4i*|Qh5?~?x2lq27Xc}UI;@W$lP`OZ8
z!>IaDK`Wd3Sf84;E<GU??62#0e2?fxW1!12D~@qtIhIObeTwrg#P-gq6&v$F_pRqp
ziHL-pA<L5!n>wMONmq{exjnk88);~^HP(--(!!k_4V4)2#E<TkdK_vhn<m>Lc{D>z
zO@+M$ls%p}i)x0|Df9t%DfrwW{)|hNl)bEm-L<aCq<4}QVrB9It7}!Nuk3x=5nxoc
zP7wIfE%T#V*8Gl+IafNM{$xNg$y{w-RU)J-!(Zm4u?HXY1qc~OAtb2?I^kqevod|Q
z9pMEEnJ|h0QF}PBjW%Q>v8h^^pRP4&%}`(W!c(;M3F$$FxGtcwgr406sfbY6h>96<
z{`IzMh>Zf`I2<!X!h{QmXXRXNC8E4Q_2szWoP6)toxk(z^)%4wX@bzw|A&}pju#L=
zPN~|tAdyd*b@7DxcSa=n>65XAc~yhfkf<5dZoi%;-4ORe({)Z4R?S}bG%>uw*_CDV
zu+R?Uw1iqLjRhBsjD4iH53L;EXwXSuEJslt(+#IwHR3IEG(zp)CoGLZj|aVry&B-1
za_D1(Bl@hT2#)iABc}%n;JBDmoJp+ij4&FNfFsc}X(ZBlI5NI>!C?pb^Pt^6{;gCP
z_DuH=wXTFWnRsee0*{5H2_#j|L$V&hE>v)ajXopF{ljvp+;JEC$GQo9%-s@@Bzh*1
zL^_X0#`i8TuJn95JX_e6J7zu;=|{}!5?RWSN#rs^Ml0vxFg@==<C>})+Giafskl+O
z>Cq9?kF5K!1QM~73F1D?qmX*sg}{KHb2s|J_>=6bzo;sg!N7aq)_Ek{5+G<TlYy4a
zqp<Y33x;c4jZ>?Gvr-w{c*>bk-?uLH_KdmoX9+M;Q4`2gKaa|06uaQ*a-ok*pSY0p
zoG9FAMn|PW(j(WpCsW+Pl|V<UWrj;EoQK8my9<v2of3VL90}s+9q`xSljr+~r6T!4
z=0tebr651OQm7<?nT$!a^T1@i@51KZ(<hvR_Q659bIF%T;vuyg3Q@-5602p_7A>4h
zV&!)i40br5#~9k>Vz~BjZ^#(2F7f<@CrMHQj8rp|8w>e7BpWg80tVMydDU)j#j;7|
z*JhDJa5~#8-f}cDPh3<8JYhL{8>GWQ+K|vrj$ZokSji3H?Sou=Jk%#~pW=~q+xe|<
z)Dl4j3|a)9Wc&DcKlG$E737gh%joix{iDM}FbcjKhJ}PPr?1zgGp2>aGiRCC#WSXb
z#Me&+8T}*7v5fw@bs-m-jdn)=;~z&E`HW>DZFAR}kv?1_V;UAxPIrQ@14*q4NiMfl
zuWK&N3W;v+N;2wt5y_};+81(Ttn#LQM%u6`q?uhHx5{SCiYc!aoGgvQ<17usu#oV^
zwEg;c+%PYBW`1K<j%U-NQ}Omkb=&9T4WTRJ+2Gp`2lrq!^CXOY?mWOeM8|?ETs?un
zjL4bNYo>)ZboDba<IImRET;4mP0lDh&<O6R41EQd)1dH{N8*PI^DzZJ0Tl%lk|osI
zjAh~Z>;)=`Pz9S%nGj#n%6ccQ{Txxb!xPax=uf~)n<}9i`)I~7uO6)?OrCH{3?gLK
z`aSxw?<==3uHxIaHZyU$wN;C+_!0N8{+om>-lxO*JC{Whzukr^2-OH7*T2c+txfuh
zDt;|iU&*KS#w(hna{0Eyn?T*DwYo`P%X-bKH5w+?DlQdM+^?OQFMO;%PHfM&lh}M^
zt5ugbw5AmHKQ`98Xr;G*ya7aCDM7=V9gdS0)!WTfps_@#KPb{RJ*~IzI*m!8+l`ps
za*4O(hPv)GUn{rU{|8V@0Rj{N6aWAK2mobTUsad(2b#$S008M6000O80000000031
pAOHXW00000b8v2RE^u=(P)h{{000000RRC2HUIzs?*;$>00710fM5Us

literal 0
HcmV?d00001

diff --git a/1-AD/DSC/src/ADCS.ps1 b/1-AD/DSC/src/ADCS.ps1
new file mode 100644
index 0000000..f61a3e2
--- /dev/null
+++ b/1-AD/DSC/src/ADCS.ps1
@@ -0,0 +1,105 @@
+
+configuration ADCSDeploy {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript ADCSdeploy
+        {
+            SetScript = 
+            {
+                Write-Host "add ADCS "
+
+                              
+                Write-Host "Get ADCS "
+                try 
+                {
+                    Get-WindowsFeature -Name AD-Certificate | Install-WindowsFeature
+                }
+                catch
+                {
+                    Write-Host "error getting ADCS"
+                }
+
+                 Write-Host "Install ADCS "
+                try 
+                {
+                    Install-AdcsCertificationAuthority -CAType EnterpriseRootCa -CryptoProviderName "ECDSA_P256#Microsoft Software Key Storage Provider" -KeyLength 256 -HashAlgorithmName SHA256
+                }
+                catch
+                {
+                    Write-Host "error installing ADCS"
+                }
+
+
+                
+
+
+                 Write-Host "add ADCS DSC complete "
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/AddUsers1.ps1 b/1-AD/DSC/src/AddUsers1.ps1
new file mode 100644
index 0000000..338912c
--- /dev/null
+++ b/1-AD/DSC/src/AddUsers1.ps1
@@ -0,0 +1,369 @@
+
+configuration AddUsers {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, xDnsServer, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript CreateDomainUsers
+        {
+            SetScript = 
+            {
+
+             Write-Host "starting add users DSC"
+
+                # Verifying ADWS service is running
+                $ServiceName = 'ADWS'
+                $arrService = Get-Service -Name $ServiceName
+
+                while ($arrService.Status -ne 'Running')
+                {
+                    Start-Service $ServiceName
+                    Start-Sleep -seconds 5
+                    $arrService.Refresh()
+                }
+
+                Write-Host "creating new ous"
+
+                try 
+                {
+                    New-ADOrganizationalUnit -Name "UserAccounts"
+                    New-ADOrganizationalUnit -Name "ComputerAccounts"
+                    New-ADOrganizationalUnit -Name "AdminAccounts"
+                    New-ADOrganizationalUnit -Name "SecurityGroups" -Path "DC=asazlab,DC=com"
+                    New-ADOrganizationalUnit -Name "SG_FileShares" -Path "OU=SecurityGroups,DC=asazlab,DC=com"
+                    New-ADOrganizationalUnit -Name "ServiceAdmins" -Path "DC=asazlab,DC=com"
+                }
+                catch 
+                {
+                    Write-Host "error creating new ous"
+                }
+
+                Write-Host "adding new users"
+
+                try 
+                {               
+                    DSADD user -upn itadmin@asazlab.com "cn=itadmin,ou=AdminAccounts,dc=asazlab,dc=com" -fn "it" -ln "admin" -disabled no -display "ITAdmin" -desc "Non-Destruct Medieval Architecture Specialist" -office "Administration" -title "Controller" -company "DevLabs" -PWD "ThisShouldBeLongerThan20"
+                    Add-ADGroupMember -Identity "Domain Admins" -Members itadmin
+                    DSADD user -upn Luis.Graves@asazlab.com "cn=Luis.Graves,ou=UserAccounts,dc=asazlab,dc=com" -fn "Luis" -ln "Graves" -disabled no -display "Luis Graves" -desc "Accounting Controller" -office "Accounting" -title "Controller" -company "DevLabs" -PWD "Badpass76918"
+                    DSADD user -upn Pam.Sparks@asazlab.com "cn=Pam.Sparks,ou=UserAccounts,dc=asazlab,dc=com" -fn "Pam" -ln "Sparks" -disabled no -display "Pam Sparks" -desc "Accounting Accounts Payable" -office "DevLabs Accounting" -title "Accounts Payable" -company "DevLabs" -PWD "Badpass30886"
+                    DSADD user -upn Jesus.Robertson@asazlab.com "cn=Jesus.Robertson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jesus" -ln "Robertson" -disabled no -display "Jesus Robertson" -desc "Accounting Accounts Receivable" -office "DevLabs Accounting" -title "Accounts Receivable" -company "DevLabs" -PWD "Badpass33835"
+                    DSADD user -upn Nellie.Blair@asazlab.com "cn=Nellie.Blair,ou=UserAccounts,dc=asazlab,dc=com" -fn "Nellie" -ln "Blair" -disabled no -display "Nellie Blair" -desc "WholeSales Wholesale Sales" -office "DevLabs WholeSales" -title "Wholesale Sales" -company "DevLabs" -PWD "Badpass22601"
+                    DSADD user -upn Carl.Pearson@asazlab.com "cn=Carl.Pearson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Carl" -ln "Pearson" -disabled no -display "Carl Pearson" -desc "WholeSales Wholesale Sales" -office "DevLabs WholeSales" -title "Wholesale Sales" -company "DevLabs" -PWD "Badpass23644"
+                    DSADD user -upn Geneva.Bryant@asazlab.com "cn=Geneva.Bryant,ou=UserAccounts,dc=asazlab,dc=com" -fn "Geneva" -ln "Bryant" -disabled no -display "Geneva Bryant" -desc "WholeSales Wholesale Sales" -office "DevLabs WholeSales" -title "Wholesale Sales" -company "DevLabs" -PWD "Badpass59456"
+                    DSADD user -upn Diana.Henderson@asazlab.com "cn=Diana.Henderson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Diana" -ln "Henderson" -disabled no -display "Diana Henderson" -desc "Transportation Logistics Manager" -office "DevLabs Transportaion" -title "Logistics Manager" -company "DevLabs" -PWD "Badpass82796"
+                    DSADD user -upn Courtney.Mitchell@asazlab.com "cn=Courtney.Mitchell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Courtney" -ln "Mitchell" -disabled no -display "Courtney Mitchell" -desc "Transportation Logistics Assistant" -office "DevLabs Transportation" -title "Logistics Assistant" -company "DevLabs" -PWD "Badpass77145"
+                    DSADD user -upn Gina.Hampton@asazlab.com "cn=Gina.Hampton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gina" -ln "Hampton" -disabled no -display "Gina Hampton" -desc "Bakery Production Director of Bakering" -office "DevLabs Bakery Production" -title "Director of Bakering" -company "DevLabs" -PWD "Badpass94578"
+                    DSADD user -upn Otis.Mullins@asazlab.com "cn=Otis.Mullins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Otis" -ln "Mullins" -disabled no -display "Otis Mullins" -desc "Bakery Production Head Baker" -office "DevLabs Bakery Production" -title "Head Baker" -company "DevLabs" -PWD "Badpass46747"
+                    DSADD user -upn Gordon.Phillips@asazlab.com "cn=Gordon.Phillips,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gordon" -ln "Phillips" -disabled no -display "Gordon Phillips" -desc "Bakery Production Head Baker" -office "DevLabs Bakery Production" -title "Head Baker" -company "DevLabs" -PWD "Badpass59314"
+                    DSADD user -upn Olive.Ross@asazlab.com "cn=Olive.Ross,ou=UserAccounts,dc=asazlab,dc=com" -fn "Olive" -ln "Ross" -disabled no -display "Olive Ross" -desc "Bakery Production Baker" -office "DevLabs Bakery Production" -title "Baker" -company "DevLabs" -PWD "Badpass23913"
+                    DSADD user -upn Roxanne.Greer@asazlab.com "cn=Roxanne.Greer,ou=UserAccounts,dc=asazlab,dc=com" -fn "Roxanne" -ln "Greer" -disabled no -display "Roxanne Greer" -desc "Bakery Production Baker" -office "DevLabs Bakery Production" -title "Baker" -company "DevLabs" -PWD "Badpass65009"
+                    DSADD user -upn Willie.Herrera@asazlab.com "cn=Willie.Herrera,ou=UserAccounts,dc=asazlab,dc=com" -fn "Willie" -ln "Herrera" -disabled no -display "Willie Herrera" -desc "Bakery Production Baker" -office "DevLabs Bakery Production" -title "Baker" -company "DevLabs" -PWD "Badpass89503"
+                    DSADD user -upn Randal.Simpson@asazlab.com "cn=Randal.Simpson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Randal" -ln "Simpson" -disabled no -display "Randal Simpson" -desc "Bakery Production Baker" -office "DevLabs Bakery Production" -title "Baker" -company "DevLabs" -PWD "Badpass32673"
+                    DSADD user -upn Bradley.Christensen@asazlab.com "cn=Bradley.Christensen,ou=UserAccounts,dc=asazlab,dc=com" -fn "Bradley" -ln "Christensen" -disabled no -display "Bradley Christensen" -desc "Bakery Production Baker" -office "DevLabs Bakery Production" -title "Baker" -company "DevLabs" -PWD "Badpass67659"
+                    DSADD user -upn Heather.Butler@asazlab.com "cn=Heather.Butler,ou=UserAccounts,dc=asazlab,dc=com" -fn "Heather" -ln "Butler" -disabled no -display "Heather Butler" -desc "Bakery Production Purchasing Agent" -office "DevLabs Bakery Production" -title "Purchasing Agent" -company "DevLabs" -PWD "Badpass25808"
+                    DSADD user -upn Elisa.Lawson@asazlab.com "cn=Elisa.Lawson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Elisa" -ln "Lawson" -disabled no -display "Elisa Lawson" -desc "Bakery Production Confectionary Specialist" -office "DevLabs Bakery Production" -title "Confectionary Specialist" -company "DevLabs" -PWD "Badpass93896"
+                    DSADD user -upn Kristi.Silva@asazlab.com "cn=Kristi.Silva,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kristi" -ln "Silva" -disabled no -display "Kristi Silva" -desc "Bakery Production Confectionary Specialist" -office "DevLabs Bakery Production" -title "Confectionary Specialist" -company "DevLabs" -PWD "Badpass66729"
+                    DSADD user -upn Ed.Barnes@asazlab.com "cn=Ed.Barnes,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ed" -ln "Barnes" -disabled no -display "Ed Barnes" -desc "BusAdmin Office Manager" -office "DevLabs BusAdmin" -title "Office Manager" -company "DevLabs" -PWD "Badpass21561"
+                    DSADD user -upn Angela.Garner@asazlab.com "cn=Angela.Garner,ou=UserAccounts,dc=asazlab,dc=com" -fn "Angela" -ln "Garner" -disabled no -display "Angela Garner" -desc "Facilities Facilities Manager" -office "DevLabs Facilities" -title "Facilities Manager" -company "DevLabs" -PWD "Badpass77813"
+                    DSADD user -upn Lynda.Bowman@asazlab.com "cn=Lynda.Bowman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Lynda" -ln "Bowman" -disabled no -display "Lynda Bowman" -desc "IT Systems Support" -office "DevLabs IT" -title "Systems Support" -company "DevLabs" -PWD "Badpass28487"
+                    DSADD user -upn Kathleen.Delgado@asazlab.com "cn=Kathleen.Delgado,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kathleen" -ln "Delgado" -disabled no -display "Kathleen Delgado" -desc "IT WebDev Marketer" -office "DevLabs IT" -title "WebDev Marketer" -company "DevLabs" -PWD "Badpass97825"
+                    DSADD user -upn Eileen.Moss@asazlab.com "cn=Eileen.Moss,ou=UserAccounts,dc=asazlab,dc=com" -fn "Eileen" -ln "Moss" -disabled no -display "Eileen Moss" -desc "BusAdmin Owner" -office "DevLabs BusAdmin" -title "Owner" -company "DevLabs" -PWD "Badpass51776"
+                    DSADD user -upn IT.Admin@asazlab.com "cn=IT.Admin,ou=UserAccounts,dc=asazlab,dc=com" -fn "IT" -ln "Admin" -disabled no -display "IT Admin" -desc "IT DEPARTMENT IT SUPERUSER ACCOUNT" -office "DevLabs IT DEPARTMENT" -title "IT SUPERUSER ACCOUNT" -company "DevLabs" -PWD "Badpass99999"
+                    DSADD user -upn Josefina.Robbins@asazlab.com "cn=Josefina.Robbins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Josefina" -ln "Robbins" -disabled no -display "Josefina Robbins" -desc "Testing Grounds Of Intervening Epeirogenics Medical Physics Professor" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Medical Physics Professor" -company "DevLabs" -PWD "Badpass39351"
+                    DSADD user -upn Toni.Spencer@asazlab.com "cn=Toni.Spencer,ou=UserAccounts,dc=asazlab,dc=com" -fn "Toni" -ln "Spencer" -disabled no -display "Toni Spencer" -desc "Testing Grounds Of Intervening Epeirogenics Sterilization Technician" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Sterilization Technician" -company "DevLabs" -PWD "Badpass75041"
+                    DSADD user -upn Becky.Wise@asazlab.com "cn=Becky.Wise,ou=UserAccounts,dc=asazlab,dc=com" -fn "Becky" -ln "Wise" -disabled no -display "Becky Wise" -desc "Testing Grounds Of Intervening Epeirogenics Honest John Rocket Crew Member" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Honest John Rocket Crew Member" -company "DevLabs" -PWD "Badpass55039"
+                    DSADD user -upn Vicky.Hansen@asazlab.com "cn=Vicky.Hansen,ou=UserAccounts,dc=asazlab,dc=com" -fn "Vicky" -ln "Hansen" -disabled no -display "Vicky Hansen" -desc "Testing Grounds Of Intervening Epeirogenics PBX Operator" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "PBX Operator" -company "DevLabs" -PWD "Badpass1834"
+                    DSADD user -upn Juana.Fitzgerald@asazlab.com "cn=Juana.Fitzgerald,ou=UserAccounts,dc=asazlab,dc=com" -fn "Juana" -ln "Fitzgerald" -disabled no -display "Juana Fitzgerald" -desc "Testing Grounds Of Intervening Epeirogenics Field Map Technician" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Field Map Technician" -company "DevLabs" -PWD "Badpass18832"
+                    DSADD user -upn Judith.Green@asazlab.com "cn=Judith.Green,ou=UserAccounts,dc=asazlab,dc=com" -fn "Judith" -ln "Green" -disabled no -display "Judith Green" -desc "Testing Grounds Of Intervening Epeirogenics Combine Mechanic" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Combine Mechanic" -company "DevLabs" -PWD "Badpass91238"
+                    DSADD user -upn Drew.Simmons@asazlab.com "cn=Drew.Simmons,ou=UserAccounts,dc=asazlab,dc=com" -fn "Drew" -ln "Simmons" -disabled no -display "Drew Simmons" -desc "Testing Grounds Of Intervening Epeirogenics School Bus Driver" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "School Bus Driver" -company "DevLabs" -PWD "Badpass53349"
+                    DSADD user -upn Ernestine.Blake@asazlab.com "cn=Ernestine.Blake,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ernestine" -ln "Blake" -disabled no -display "Ernestine Blake" -desc "Testing Grounds Of Intervening Epeirogenics Merchandise Displayer" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "Merchandise Displayer" -company "DevLabs" -PWD "Badpass12790"
+                    DSADD user -upn Vickie.Ray@asazlab.com "cn=Vickie.Ray,ou=UserAccounts,dc=asazlab,dc=com" -fn "Vickie" -ln "Ray" -disabled no -display "Vickie Ray" -desc "Testing Grounds Of Intervening Epeirogenics National Association for Stock Car Auto Racing Driver" -office "DevLabs Testing Grounds Of Intervening Epeirogenics" -title "National Association for Stock Car Auto Racing Driver" -company "DevLabs" -PWD "Badpass62326"
+                    DSADD user -upn Jerry.Lawrence@asazlab.com "cn=Jerry.Lawrence,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jerry" -ln "Lawrence" -disabled no -display "Jerry Lawrence" -desc "Test Center Of The Analysis Of Florigenics Independent Insurance Adjuster" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Independent Insurance Adjuster" -company "DevLabs" -PWD "Badpass55938"
+                    DSADD user -upn Darlene.Gibbs@asazlab.com "cn=Darlene.Gibbs,ou=UserAccounts,dc=asazlab,dc=com" -fn "Darlene" -ln "Gibbs" -disabled no -display "Darlene Gibbs" -desc "Test Center Of The Analysis Of Florigenics Electronic Warfare Specialist" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Electronic Warfare Specialist" -company "DevLabs" -PWD "Badpass46644"
+                    DSADD user -upn Jeremy.Willis@asazlab.com "cn=Jeremy.Willis,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jeremy" -ln "Willis" -disabled no -display "Jeremy Willis" -desc "Test Center Of The Analysis Of Florigenics Administrative Court Justice" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Administrative Court Justice" -company "DevLabs" -PWD "Badpass86499"
+                    DSADD user -upn Kathy.Montgomery@asazlab.com "cn=Kathy.Montgomery,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kathy" -ln "Montgomery" -disabled no -display "Kathy Montgomery" -desc "Test Center Of The Analysis Of Florigenics Prescription Clerk" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Prescription Clerk" -company "DevLabs" -PWD "Badpass89450"
+                    DSADD user -upn Veronica.Sparks@asazlab.com "cn=Veronica.Sparks,ou=UserAccounts,dc=asazlab,dc=com" -fn "Veronica" -ln "Sparks" -disabled no -display "Veronica Sparks" -desc "Test Center Of The Analysis Of Florigenics Guided Missile Launching System Maintenance Technician" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Guided Missile Launching System Maintenance Technician" -company "DevLabs" -PWD "Badpass22385"
+                    DSADD user -upn Bertha.Schultz@asazlab.com "cn=Bertha.Schultz,ou=UserAccounts,dc=asazlab,dc=com" -fn "Bertha" -ln "Schultz" -disabled no -display "Bertha Schultz" -desc "Test Center Of The Analysis Of Florigenics Staff Air Defense Officer" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Staff Air Defense Officer" -company "DevLabs" -PWD "Badpass90332"
+                    DSADD user -upn Judy.Bowen@asazlab.com "cn=Judy.Bowen,ou=UserAccounts,dc=asazlab,dc=com" -fn "Judy" -ln "Bowen" -disabled no -display "Judy Bowen" -desc "Test Center Of The Analysis Of Florigenics Film Process Operator" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Film Process Operator" -company "DevLabs" -PWD "Badpass76659"
+                    DSADD user -upn Candace.Martinez@asazlab.com "cn=Candace.Martinez,ou=UserAccounts,dc=asazlab,dc=com" -fn "Candace" -ln "Martinez" -disabled no -display "Candace Martinez" -desc "Test Center Of The Analysis Of Florigenics Aircraft Loadmaster Superintendent" -office "DevLabs Test Center Of The Analysis Of Florigenics" -title "Aircraft Loadmaster Superintendent" -company "DevLabs" -PWD "Badpass83152"
+                    DSADD user -upn Everett.Watkins@asazlab.com "cn=Everett.Watkins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Everett" -ln "Watkins" -disabled no -display "Everett Watkins" -desc "Defense Lab Of Obscure Transgenics Lay Health Advocate" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Lay Health Advocate" -company "DevLabs" -PWD "Badpass16102"
+                    DSADD user -upn Mandy.Rhodes@asazlab.com "cn=Mandy.Rhodes,ou=UserAccounts,dc=asazlab,dc=com" -fn "Mandy" -ln "Rhodes" -disabled no -display "Mandy Rhodes" -desc "Test Center Of Declined Ergogenics Geophysical Manager" -office "DevLabs Test Center Of Declined Ergogenics" -title "Geophysical Manager" -company "DevLabs" -PWD "Badpass31055"
+                    DSADD user -upn Gail.Kennedy@asazlab.com "cn=Gail.Kennedy,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gail" -ln "Kennedy" -disabled no -display "Gail Kennedy" -desc "Defense Lab Of Obscure Transgenics Ship's Electronic Warfare Officer" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Ship's Electronic Warfare Officer" -company "DevLabs" -PWD "Badpass60705"
+                    DSADD user -upn Elmer.Wagner@asazlab.com "cn=Elmer.Wagner,ou=UserAccounts,dc=asazlab,dc=com" -fn "Elmer" -ln "Wagner" -disabled no -display "Elmer Wagner" -desc "Test Center Of Declined Ergogenics MIS Director" -office "DevLabs Test Center Of Declined Ergogenics" -title "MIS Director" -company "DevLabs" -PWD "Badpass7611"
+                    DSADD user -upn Angela.Hampton@asazlab.com "cn=Angela.Hampton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Angela" -ln "Hampton" -disabled no -display "Angela Hampton" -desc "Defense Lab Of Obscure Transgenics Peer Health Promoter" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Peer Health Promoter" -company "DevLabs" -PWD "Badpass60044"
+                    DSADD user -upn Claire.Munoz@asazlab.com "cn=Claire.Munoz,ou=UserAccounts,dc=asazlab,dc=com" -fn "Claire" -ln "Munoz" -disabled no -display "Claire Munoz" -desc "Test Center Of Declined Ergogenics Secondary School Principal" -office "DevLabs Test Center Of Declined Ergogenics" -title "Secondary School Principal" -company "DevLabs" -PWD "Badpass11608"
+                    DSADD user -upn Joanna.Patton@asazlab.com "cn=Joanna.Patton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Joanna" -ln "Patton" -disabled no -display "Joanna Patton" -desc "Defense Lab Of Obscure Transgenics Banquet Manager" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Banquet Manager" -company "DevLabs" -PWD "Badpass59451"
+                    DSADD user -upn Elaine.Carson@asazlab.com "cn=Elaine.Carson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Elaine" -ln "Carson" -disabled no -display "Elaine Carson" -desc "Test Center Of Declined Ergogenics Service Forester" -office "DevLabs Test Center Of Declined Ergogenics" -title "Service Forester" -company "DevLabs" -PWD "Badpass30285"
+                    DSADD user -upn Shelia.Osborne@asazlab.com "cn=Shelia.Osborne,ou=UserAccounts,dc=asazlab,dc=com" -fn "Shelia" -ln "Osborne" -disabled no -display "Shelia Osborne" -desc "Defense Lab Of Obscure Transgenics Computer Security Specialist" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Computer Security Specialist" -company "DevLabs" -PWD "Badpass46566"
+                    DSADD user -upn Alberto.Patterson@asazlab.com "cn=Alberto.Patterson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Alberto" -ln "Patterson" -disabled no -display "Alberto Patterson" -desc "Test Center Of Declined Ergogenics Computer Systems Security Analyst" -office "DevLabs Test Center Of Declined Ergogenics" -title "Computer Systems Security Analyst" -company "DevLabs" -PWD "Badpass31258"
+                    DSADD user -upn Bonnie.Barber@asazlab.com "cn=Bonnie.Barber,ou=UserAccounts,dc=asazlab,dc=com" -fn "Bonnie" -ln "Barber" -disabled no -display "Bonnie Barber" -desc "Defense Lab Of Obscure Transgenics Information Security Analyst" -office "DevLabs Defense Lab Of Obscure Transgenics" -title "Information Security Analyst" -company "DevLabs" -PWD "Badpass8383"
+                    DSADD user -upn Christian.Frazier@asazlab.com "cn=Christian.Frazier,ou=UserAccounts,dc=asazlab,dc=com" -fn "Christian" -ln "Frazier" -disabled no -display "Christian Frazier" -desc "Test Center Of Declined Ergogenics Information Systems Security Analyst" -office "DevLabs Test Center Of Declined Ergogenics" -title "Information Systems Security Analyst" -company "DevLabs" -PWD "Badpass85995"
+                    DSADD user -upn Cheryl.Ford@asazlab.com "cn=Cheryl.Ford,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cheryl" -ln "Ford" -disabled no -display "Cheryl Ford" -desc "Test Center Of The Deterioration Of Palynology Internet Security Specialist" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Internet Security Specialist" -company "DevLabs" -PWD "Badpass42850"
+                    DSADD user -upn Leslie.Francis@asazlab.com "cn=Leslie.Francis,ou=UserAccounts,dc=asazlab,dc=com" -fn "Leslie" -ln "Francis" -disabled no -display "Leslie Francis" -desc "Test Center Of The Deterioration Of Palynology Network Security Analyst" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Network Security Analyst" -company "DevLabs" -PWD "Badpass79876"
+                    DSADD user -upn Dwight.Burns@asazlab.com "cn=Dwight.Burns,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dwight" -ln "Burns" -disabled no -display "Dwight Burns" -desc "Test Center Of The Deterioration Of Palynology Applications Programmer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Applications Programmer" -company "DevLabs" -PWD "Badpass46592"
+                    DSADD user -upn Jill.Roberts@asazlab.com "cn=Jill.Roberts,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jill" -ln "Roberts" -disabled no -display "Jill Roberts" -desc "Test Center Of The Deterioration Of Palynology Computer Language Coder" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Computer Language Coder" -company "DevLabs" -PWD "Badpass57759"
+                    DSADD user -upn Tamara.Armstrong@asazlab.com "cn=Tamara.Armstrong,ou=UserAccounts,dc=asazlab,dc=com" -fn "Tamara" -ln "Armstrong" -disabled no -display "Tamara Armstrong" -desc "Test Center Of The Deterioration Of Palynology Computer Programmer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Computer Programmer" -company "DevLabs" -PWD "Badpass32165"
+                    DSADD user -upn Lionel.Vaughn@asazlab.com "cn=Lionel.Vaughn,ou=UserAccounts,dc=asazlab,dc=com" -fn "Lionel" -ln "Vaughn" -disabled no -display "Lionel Vaughn" -desc "Test Center Of The Deterioration Of Palynology Junior Software Developer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Junior Software Developer" -company "DevLabs" -PWD "Badpass65184"
+                    DSADD user -upn Carmen.Chambers@asazlab.com "cn=Carmen.Chambers,ou=UserAccounts,dc=asazlab,dc=com" -fn "Carmen" -ln "Chambers" -disabled no -display "Carmen Chambers" -desc "Test Center Of The Deterioration Of Palynology Mainframe Programmer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Mainframe Programmer" -company "DevLabs" -PWD "Badpass31637"
+                    DSADD user -upn Taylor.Gill@asazlab.com "cn=Taylor.Gill,ou=UserAccounts,dc=asazlab,dc=com" -fn "Taylor" -ln "Gill" -disabled no -display "Taylor Gill" -desc "Test Center Of The Deterioration Of Palynology Systems Programmer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Systems Programmer" -company "DevLabs" -PWD "Badpass39026"
+                    DSADD user -upn Cora.Bowman@asazlab.com "cn=Cora.Bowman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cora" -ln "Bowman" -disabled no -display "Cora Bowman" -desc "Test Center Of The Deterioration Of Palynology Application Integration Engineer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Application Integration Engineer" -company "DevLabs" -PWD "Badpass87180"
+                    DSADD user -upn Virginia.Adkins@asazlab.com "cn=Virginia.Adkins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Virginia" -ln "Adkins" -disabled no -display "Virginia Adkins" -desc "Test Center Of The Deterioration Of Palynology Applications Developer" -office "DevLabs Test Center Of The Deterioration Of Palynology" -title "Applications Developer" -company "DevLabs" -PWD "Badpass56388"
+                    DSADD user -upn Jody.Haynes@asazlab.com "cn=Jody.Haynes,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jody" -ln "Haynes" -disabled no -display "Jody Haynes" -desc "Research Lab Of Mutating Garbology Computer Applications Developer" -office "DevLabs Research Lab Of Mutating Garbology" -title "Computer Applications Developer" -company "DevLabs" -PWD "Badpass59005"
+                    DSADD user -upn Corey.Quinn@asazlab.com "cn=Corey.Quinn,ou=UserAccounts,dc=asazlab,dc=com" -fn "Corey" -ln "Quinn" -disabled no -display "Corey Quinn" -desc "Research Lab Of Mutating Garbology Computer Applications Engineer" -office "DevLabs Research Lab Of Mutating Garbology" -title "Computer Applications Engineer" -company "DevLabs" -PWD "Badpass85030"
+                    DSADD user -upn Nancy.Yates@asazlab.com "cn=Nancy.Yates,ou=UserAccounts,dc=asazlab,dc=com" -fn "Nancy" -ln "Yates" -disabled no -display "Nancy Yates" -desc "Research Lab Of Mutating Garbology Database Developer" -office "DevLabs Research Lab Of Mutating Garbology" -title "Database Developer" -company "DevLabs" -PWD "Badpass43517"
+                    DSADD user -upn Eleanor.Olson@asazlab.com "cn=Eleanor.Olson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Eleanor" -ln "Olson" -disabled no -display "Eleanor Olson" -desc "Research Lab Of Mutating Garbology Software Applications Architect" -office "DevLabs Research Lab Of Mutating Garbology" -title "Software Applications Architect" -company "DevLabs" -PWD "Badpass74648"
+                    DSADD user -upn Shari.Hunt@asazlab.com "cn=Shari.Hunt,ou=UserAccounts,dc=asazlab,dc=com" -fn "Shari" -ln "Hunt" -disabled no -display "Shari Hunt" -desc "Research Lab Of Mutating Garbology Software Applications Designer" -office "DevLabs Research Lab Of Mutating Garbology" -title "Software Applications Designer" -company "DevLabs" -PWD "Badpass63423"
+                    DSADD user -upn Willie.Gonzales@asazlab.com "cn=Willie.Gonzales,ou=UserAccounts,dc=asazlab,dc=com" -fn "Willie" -ln "Gonzales" -disabled no -display "Willie Gonzales" -desc "Research Lab Of Mutating Garbology Software Applications Engineer" -office "DevLabs Research Lab Of Mutating Garbology" -title "Software Applications Engineer" -company "DevLabs" -PWD "Badpass57169"
+                    DSADD user -upn Rickey.Campbell@asazlab.com "cn=Rickey.Campbell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Rickey" -ln "Campbell" -disabled no -display "Rickey Campbell" -desc "Research Lab Of Mutating Garbology Actuarial Associate" -office "DevLabs Research Lab Of Mutating Garbology" -title "Actuarial Associate" -company "DevLabs" -PWD "Badpass91838"
+                    DSADD user -upn Pablo.Goodman@asazlab.com "cn=Pablo.Goodman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Pablo" -ln "Goodman" -disabled no -display "Pablo Goodman" -desc "Research Lab Of Mutating Garbology Actuarial Mathematician" -office "DevLabs Research Lab Of Mutating Garbology" -title "Actuarial Mathematician" -company "DevLabs" -PWD "Badpass71031"
+                    DSADD user -upn Maureen.Rios@asazlab.com "cn=Maureen.Rios,ou=UserAccounts,dc=asazlab,dc=com" -fn "Maureen" -ln "Rios" -disabled no -display "Maureen Rios" -desc "Defense Lab Of The Rectification Of Dysgenics Health Actuary" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Health Actuary" -company "DevLabs" -PWD "Badpass5877"
+                    DSADD user -upn Jim.Bailey@asazlab.com "cn=Jim.Bailey,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jim" -ln "Bailey" -disabled no -display "Jim Bailey" -desc "Defense Lab Of The Rectification Of Dysgenics Insurance Actuary" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Insurance Actuary" -company "DevLabs" -PWD "Badpass13637"
+                    DSADD user -upn Debbie.Harrison@asazlab.com "cn=Debbie.Harrison,ou=UserAccounts,dc=asazlab,dc=com" -fn "Debbie" -ln "Harrison" -disabled no -display "Debbie Harrison" -desc "Defense Lab Of The Rectification Of Dysgenics Pricing Actuary" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Pricing Actuary" -company "DevLabs" -PWD "Badpass34971"
+                    DSADD user -upn Timmy.Richardson@asazlab.com "cn=Timmy.Richardson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Timmy" -ln "Richardson" -disabled no -display "Timmy Richardson" -desc "Defense Lab Of The Rectification Of Dysgenics Product Development Actuary" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Product Development Actuary" -company "DevLabs" -PWD "Badpass46037"
+                    DSADD user -upn Samantha.Ryan@asazlab.com "cn=Samantha.Ryan,ou=UserAccounts,dc=asazlab,dc=com" -fn "Samantha" -ln "Ryan" -disabled no -display "Samantha Ryan" -desc "Defense Lab Of The Rectification Of Dysgenics Operations Analyst" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Operations Analyst" -company "DevLabs" -PWD "Badpass5033"
+                    DSADD user -upn Roderick.Stone@asazlab.com "cn=Roderick.Stone,ou=UserAccounts,dc=asazlab,dc=com" -fn "Roderick" -ln "Stone" -disabled no -display "Roderick Stone" -desc "Defense Lab Of The Rectification Of Dysgenics Operations Research Analyst" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Operations Research Analyst" -company "DevLabs" -PWD "Badpass1984"
+                    DSADD user -upn Jackie.Hall@asazlab.com "cn=Jackie.Hall,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jackie" -ln "Hall" -disabled no -display "Jackie Hall" -desc "Defense Lab Of The Rectification Of Dysgenics Procedure Analyst" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Procedure Analyst" -company "DevLabs" -PWD "Badpass62950"
+                    DSADD user -upn Sylvia.Mcgee@asazlab.com "cn=Sylvia.Mcgee,ou=UserAccounts,dc=asazlab,dc=com" -fn "Sylvia" -ln "Mcgee" -disabled no -display "Sylvia Mcgee" -desc "Defense Lab Of The Rectification Of Dysgenics Process Analyst" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Process Analyst" -company "DevLabs" -PWD "Badpass81222"
+                    DSADD user -upn Bernice.Lawson@asazlab.com "cn=Bernice.Lawson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Bernice" -ln "Lawson" -disabled no -display "Bernice Lawson" -desc "Defense Lab Of The Rectification Of Dysgenics Animal Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Animal Breeder" -company "DevLabs" -PWD "Badpass54618"
+                    DSADD user -upn Kyle.Owen@asazlab.com "cn=Kyle.Owen,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kyle" -ln "Owen" -disabled no -display "Kyle Owen" -desc "Defense Lab Of The Rectification Of Dysgenics Cat Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Cat Breeder" -company "DevLabs" -PWD "Badpass64815"
+                    DSADD user -upn Orlando.Bennett@asazlab.com "cn=Orlando.Bennett,ou=UserAccounts,dc=asazlab,dc=com" -fn "Orlando" -ln "Bennett" -disabled no -display "Orlando Bennett" -desc "Defense Lab Of The Rectification Of Dysgenics Dairy Husbandry Worker" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Dairy Husbandry Worker" -company "DevLabs" -PWD "Badpass83275"
+                    DSADD user -upn Cindy.Vargas@asazlab.com "cn=Cindy.Vargas,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cindy" -ln "Vargas" -disabled no -display "Cindy Vargas" -desc "Defense Lab Of The Rectification Of Dysgenics Dog Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Dog Breeder" -company "DevLabs" -PWD "Badpass73142"
+                    DSADD user -upn Geneva.Murphy@asazlab.com "cn=Geneva.Murphy,ou=UserAccounts,dc=asazlab,dc=com" -fn "Geneva" -ln "Murphy" -disabled no -display "Geneva Murphy" -desc "Defense Lab Of The Rectification Of Dysgenics Equine Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Equine Breeder" -company "DevLabs" -PWD "Badpass79401"
+                    DSADD user -upn Paula.Warner@asazlab.com "cn=Paula.Warner,ou=UserAccounts,dc=asazlab,dc=com" -fn "Paula" -ln "Warner" -disabled no -display "Paula Warner" -desc "Defense Lab Of The Rectification Of Dysgenics Horse Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Horse Breeder" -company "DevLabs" -PWD "Badpass78584"
+                    DSADD user -upn Samantha.Simpson@asazlab.com "cn=Samantha.Simpson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Samantha" -ln "Simpson" -disabled no -display "SamanthaSimpson" -desc "Defense Lab Of The Rectification Of Dysgenics Horse Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Horse Breeder" -company "DevLabs" -PWD "Spring2021!"
+                    DSADD user -upn Felix.Ballard@asazlab.com "cn=Felix.Ballard,ou=UserAccounts,dc=asazlab,dc=com" -fn "Felix" -ln "Ballard" -disabled no -display "Felix Ballard" -desc "Defense Lab Of The Rectification Of Dysgenics Livestock Breeder" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Livestock Breeder" -company "DevLabs" -PWD "Badpass6354"
+                    DSADD user -upn Phyllis.Rivera@asazlab.com "cn=Phyllis.Rivera,ou=UserAccounts,dc=asazlab,dc=com" -fn "Phyllis" -ln "Rivera" -disabled no -display "Phyllis Rivera" -desc "Defense Lab Of The Rectification Of Dysgenics Poultry Inseminator" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Poultry Inseminator" -company "DevLabs" -PWD "Badpass82528"
+                    DSADD user -upn Harriet.Moss@asazlab.com "cn=Harriet.Moss,ou=UserAccounts,dc=asazlab,dc=com" -fn "Harriet" -ln "Moss" -disabled no -display "Harriet Moss" -desc "Defense Lab Of The Rectification Of Dysgenics Stallion Manager" -office "DevLabs Defense Lab Of The Rectification Of Dysgenics" -title "Stallion Manager" -company "DevLabs" -PWD "Badpass21525"
+                    DSADD user -upn Lucille.Tucker@asazlab.com "cn=Lucille.Tucker,ou=UserAccounts,dc=asazlab,dc=com" -fn "Lucille" -ln "Tucker" -disabled no -display "Lucille Tucker" -desc "Plutocratic Republic of Prefectures Rug Designer" -office "DevLabs Plutocratic Republic of Prefectures" -title "Rug Designer" -company "DevLabs" -PWD "Badpass7198"
+                    DSADD user -upn Oscar.Sherman@asazlab.com "cn=Oscar.Sherman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Oscar" -ln "Sherman" -disabled no -display "Oscar Sherman" -desc "Plutocratic Republic of Prefectures Special Education Preschool Teacher" -office "DevLabs Plutocratic Republic of Prefectures" -title "Special Education Preschool Teacher" -company "DevLabs" -PWD "Badpass26745"
+                    DSADD user -upn Priscilla.Bryant@asazlab.com "cn=Priscilla.Bryant,ou=UserAccounts,dc=asazlab,dc=com" -fn "Priscilla" -ln "Bryant" -disabled no -display "Priscilla Bryant" -desc "Plutocratic Republic of Prefectures Radio Television Technical Director" -office "DevLabs Plutocratic Republic of Prefectures" -title "Radio Television Technical Director" -company "DevLabs" -PWD "Badpass37534"
+                    DSADD user -upn Gwendolyn.Berry@asazlab.com "cn=Gwendolyn.Berry,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gwendolyn" -ln "Berry" -disabled no -display "Gwendolyn Berry" -desc "Plutocratic Republic of Prefectures Rail Signal Mechanic" -office "DevLabs Plutocratic Republic of Prefectures" -title "Rail Signal Mechanic" -company "DevLabs" -PWD "Badpass16263"
+                    DSADD user -upn Cynthia.Mcdonald@asazlab.com "cn=Cynthia.Mcdonald,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cynthia" -ln "Mcdonald" -disabled no -display "Cynthia Mcdonald" -desc "Plutocratic Republic of Prefectures Funeral Arrangement Director" -office "DevLabs Plutocratic Republic of Prefectures" -title "Funeral Arrangement Director" -company "DevLabs" -PWD "Badpass67127"
+                    DSADD user -upn Ignacio.Long@asazlab.com "cn=Ignacio.Long,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ignacio" -ln "Long" -disabled no -display "Ignacio Long" -desc "Plutocratic Republic of Prefectures Tool Room Supervisor" -office "DevLabs Plutocratic Republic of Prefectures" -title "Tool Room Supervisor" -company "DevLabs" -PWD "Badpass59735"
+                    DSADD user -upn Patsy.Medina@asazlab.com "cn=Patsy.Medina,ou=UserAccounts,dc=asazlab,dc=com" -fn "Patsy" -ln "Medina" -disabled no -display "Patsy Medina" -desc "Plutocratic Republic of Prefectures Non-Acoustic Operator" -office "DevLabs Plutocratic Republic of Prefectures" -title "Non-Acoustic Operator" -company "DevLabs" -PWD "Badpass58883"
+                    DSADD user -upn Spencer.Watts@asazlab.com "cn=Spencer.Watts,ou=UserAccounts,dc=asazlab,dc=com" -fn "Spencer" -ln "Watts" -disabled no -display "Spencer Watts" -desc "Plutocratic Republic of Prefectures Foundry Molder" -office "DevLabs Plutocratic Republic of Prefectures" -title "Foundry Molder" -company "DevLabs" -PWD "Badpass11676"
+                    DSADD user -upn Stuart.Poole@asazlab.com "cn=Stuart.Poole,ou=UserAccounts,dc=asazlab,dc=com" -fn "Stuart" -ln "Poole" -disabled no -display "Stuart Poole" -desc "Plutocratic Republic of Prefectures Coal Tram Driver" -office "DevLabs Plutocratic Republic of Prefectures" -title "Coal Tram Driver" -company "DevLabs" -PWD "Badpass68767"
+                    DSADD user -upn Dana.Horton@asazlab.com "cn=Dana.Horton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dana" -ln "Horton" -disabled no -display "Dana Horton" -desc "Plutocratic Republic of Prefectures Cage Cashier" -office "DevLabs Plutocratic Republic of Prefectures" -title "Cage Cashier" -company "DevLabs" -PWD "Badpass89692"
+                    DSADD user -upn Luz.Boone@asazlab.com "cn=Luz.Boone,ou=UserAccounts,dc=asazlab,dc=com" -fn "Luz" -ln "Boone" -disabled no -display "Luz Boone" -desc "Plutocratic Republic of Prefectures Golf Course Laborer" -office "DevLabs Plutocratic Republic of Prefectures" -title "Golf Course Laborer" -company "DevLabs" -PWD "Badpass6850"
+                    DSADD user -upn Diane.Sims@asazlab.com "cn=Diane.Sims,ou=UserAccounts,dc=asazlab,dc=com" -fn "Diane" -ln "Sims" -disabled no -display "Diane Sims" -desc "Plutocratic Republic of Prefectures Aegis Console Operator Track 3" -office "DevLabs Plutocratic Republic of Prefectures" -title "Aegis Console Operator Track 3" -company "DevLabs" -PWD "Badpass10158"
+                    DSADD user -upn Joanne.Stewart@asazlab.com "cn=Joanne.Stewart,ou=UserAccounts,dc=asazlab,dc=com" -fn "Joanne" -ln "Stewart" -disabled no -display "Joanne Stewart" -desc "Plutocratic Republic of Prefectures Dairy Husbandry Worker" -office "DevLabs Plutocratic Republic of Prefectures" -title "Dairy Husbandry Worker" -company "DevLabs" -PWD "Badpass19993"
+                    DSADD user -upn Wallace.West@asazlab.com "cn=Wallace.West,ou=UserAccounts,dc=asazlab,dc=com" -fn "Wallace" -ln "West" -disabled no -display "Wallace West" -desc "Plutocratic Republic of Prefectures Airborne Mission Systems Superintendent" -office "DevLabs Plutocratic Republic of Prefectures" -title "Airborne Mission Systems Superintendent" -company "DevLabs" -PWD "Badpass61788"
+                    DSADD user -upn Nellie.Higgins@asazlab.com "cn=Nellie.Higgins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Nellie" -ln "Higgins" -disabled no -display "Nellie Higgins" -desc "Plutocratic Republic of Prefectures An/Sqq-32(V)3 Minehunting Sonar Set Operator (Mss)" -office "DevLabs Plutocratic Republic of Prefectures" -title "An/Sqq-32(V)3 Minehunting Sonar Set Operator (Mss)" -company "DevLabs" -PWD "Badpass85310"
+                    DSADD user -upn Gabriel.Roberson@asazlab.com "cn=Gabriel.Roberson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gabriel" -ln "Roberson" -disabled no -display "Gabriel Roberson" -desc "Plutocratic Republic of Prefectures Certified Mortician" -office "DevLabs Plutocratic Republic of Prefectures" -title "Certified Mortician" -company "DevLabs" -PWD "Badpass61561"
+                    DSADD user -upn Roberto.Lyons@asazlab.com "cn=Roberto.Lyons,ou=UserAccounts,dc=asazlab,dc=com" -fn "Roberto" -ln "Lyons" -disabled no -display "Roberto Lyons" -desc "The Light Academy National Association for Stock Car Auto Racing Driver" -office "DevLabs The Light Academy" -title "National Association for Stock Car Auto Racing Driver" -company "DevLabs" -PWD "Badpass52164"
+                    DSADD user -upn Beverly.Lucas@asazlab.com "cn=Beverly.Lucas,ou=UserAccounts,dc=asazlab,dc=com" -fn "Beverly" -ln "Lucas" -disabled no -display "Beverly Lucas" -desc "The Light Academy Souvenir Street Vendor" -office "DevLabs The Light Academy" -title "Souvenir Street Vendor" -company "DevLabs" -PWD "Badpass1874"
+                    DSADD user -upn Dorothy.Pearson@asazlab.com "cn=Dorothy.Pearson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dorothy" -ln "Pearson" -disabled no -display "Dorothy Pearson" -desc "The Light Academy Conductor" -office "DevLabs The Light Academy" -title "Conductor" -company "DevLabs" -PWD "Badpass76416"
+                    DSADD user -upn Glen.Shaw@asazlab.com "cn=Glen.Shaw,ou=UserAccounts,dc=asazlab,dc=com" -fn "Glen" -ln "Shaw" -disabled no -display "Glen Shaw" -desc "The Light Academy Meter Maid" -office "DevLabs The Light Academy" -title "Meter Maid" -company "DevLabs" -PWD "Badpass17321"
+                    DSADD user -upn Ginger.Wilkins@asazlab.com "cn=Ginger.Wilkins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ginger" -ln "Wilkins" -disabled no -display "Ginger Wilkins" -desc "The Light Academy Victorian Literature Professor" -office "DevLabs The Light Academy" -title "Victorian Literature Professor" -company "DevLabs" -PWD "Badpass56275"
+                    DSADD user -upn Leona.Wallace@asazlab.com "cn=Leona.Wallace,ou=UserAccounts,dc=asazlab,dc=com" -fn "Leona" -ln "Wallace" -disabled no -display "Leona Wallace" -desc "The Light Academy Deck Cadet" -office "DevLabs The Light Academy" -title "Deck Cadet" -company "DevLabs" -PWD "Badpass80651"
+                    DSADD user -upn Chester.Dean@asazlab.com "cn=Chester.Dean,ou=UserAccounts,dc=asazlab,dc=com" -fn "Chester" -ln "Dean" -disabled no -display "Chester Dean" -desc "The Light Academy Objects Conservator" -office "DevLabs The Light Academy" -title "Objects Conservator" -company "DevLabs" -PWD "Badpass21023"
+                    DSADD user -upn Rosalie.Torres@asazlab.com "cn=Rosalie.Torres,ou=UserAccounts,dc=asazlab,dc=com" -fn "Rosalie" -ln "Torres" -disabled no -display "Rosalie Torres" -desc "The Light Academy Naval Aircrewman Avionics" -office "DevLabs The Light Academy" -title "Naval Aircrewman Avionics" -company "DevLabs" -PWD "Badpass62974"
+                    DSADD user -upn Gerardo.Ross@asazlab.com "cn=Gerardo.Ross,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gerardo" -ln "Ross" -disabled no -display "Gerardo Ross" -desc "The Light Academy Real Estate Loan Officer" -office "DevLabs The Light Academy" -title "Real Estate Loan Officer" -company "DevLabs" -PWD "Badpass97522"
+                    DSADD user -upn Charlene.Shelton@asazlab.com "cn=Charlene.Shelton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Charlene" -ln "Shelton" -disabled no -display "Charlene Shelton" -desc "The Light Academy Pipe Fitter" -office "DevLabs The Light Academy" -title "Pipe Fitter" -company "DevLabs" -PWD "Badpass47743"
+                    DSADD user -upn Joyce.Jefferson@asazlab.com "cn=Joyce.Jefferson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Joyce" -ln "Jefferson" -disabled no -display "Joyce Jefferson" -desc "Integrated Gyrohands Television Repairer" -office "DevLabs Integrated Gyrohands" -title "Television Repairer" -company "DevLabs" -PWD "Badpass4557"
+                    DSADD user -upn Damon.Rodriguez@asazlab.com "cn=Damon.Rodriguez,ou=UserAccounts,dc=asazlab,dc=com" -fn "Damon" -ln "Rodriguez" -disabled no -display "Damon Rodriguez" -desc "Protonic Distortion Wardrobe Custodian" -office "DevLabs Protonic Distortion" -title "Wardrobe Custodian" -company "DevLabs" -PWD "Badpass82446"
+                    DSADD user -upn Oliver.Barton@asazlab.com "cn=Oliver.Barton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Oliver" -ln "Barton" -disabled no -display "Oliver Barton" -desc "Office of Programming Troubleshooting and Application Security Highway Inspector" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Highway Inspector" -company "DevLabs" -PWD "Badpass10237"
+                    DSADD user -upn Janis.Sutton@asazlab.com "cn=Janis.Sutton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Janis" -ln "Sutton" -disabled no -display "Janis Sutton" -desc "Office of Programming Troubleshooting and Application Security Mortgage Closing Clerk" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Mortgage Closing Clerk" -company "DevLabs" -PWD "Badpass48899"
+                    DSADD user -upn Paul.Moran@asazlab.com "cn=Paul.Moran,ou=UserAccounts,dc=asazlab,dc=com" -fn "Paul" -ln "Moran" -disabled no -display "Paul Moran" -desc "Office of Programming Troubleshooting and Application Security Journalism Professor" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Journalism Professor" -company "DevLabs" -PWD "Badpass55810"
+                    DSADD user -upn Enrique.Gomez@asazlab.com "cn=Enrique.Gomez,ou=UserAccounts,dc=asazlab,dc=com" -fn "Enrique" -ln "Gomez" -disabled no -display "Enrique Gomez" -desc "Office of Programming Troubleshooting and Application Security Vacuum Cleaner Repair Person" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Vacuum Cleaner Repair Person" -company "DevLabs" -PWD "Badpass71668"
+                    DSADD user -upn Walter.Cannon@asazlab.com "cn=Walter.Cannon,ou=UserAccounts,dc=asazlab,dc=com" -fn "Walter" -ln "Cannon" -disabled no -display "Walter Cannon" -desc "Office of Programming Troubleshooting and Application Security Paddock Judge" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Paddock Judge" -company "DevLabs" -PWD "Badpass61960"
+                    DSADD user -upn Antonio.Garza@asazlab.com "cn=Antonio.Garza,ou=UserAccounts,dc=asazlab,dc=com" -fn "Antonio" -ln "Garza" -disabled no -display "Antonio Garza" -desc "Office of Programming Troubleshooting and Application Security Aviation Ordnance Officer" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Aviation Ordnance Officer" -company "DevLabs" -PWD "Badpass5241"
+                    DSADD user -upn Kent.Sullivan@asazlab.com "cn=Kent.Sullivan,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kent" -ln "Sullivan" -disabled no -display "Kent Sullivan" -desc "Office of Programming Troubleshooting and Application Security Career Technical Counselor" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Career Technical Counselor" -company "DevLabs" -PWD "Badpass17022"
+                    DSADD user -upn Sonia.Griffith@asazlab.com "cn=Sonia.Griffith,ou=UserAccounts,dc=asazlab,dc=com" -fn "Sonia" -ln "Griffith" -disabled no -display "Sonia Griffith" -desc "Office of Programming Troubleshooting and Application Security Maxillofacial Prosthodontist" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Maxillofacial Prosthodontist" -company "DevLabs" -PWD "Badpass11371"
+                    DSADD user -upn Jean.Ross@asazlab.com "cn=Jean.Ross,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jean" -ln "Ross" -disabled no -display "Jean Ross" -desc "Office of Programming Troubleshooting and Application Security Stoker Installer" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Stoker Installer" -company "DevLabs" -PWD "Badpass15372"
+                    DSADD user -upn Kerry.Byrd@asazlab.com "cn=Kerry.Byrd,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kerry" -ln "Byrd" -disabled no -display "Kerry Byrd" -desc "Office of Programming Troubleshooting and Application Security Billiard Player" -office "DevLabs Office of Programming Troubleshooting and Application Security" -title "Billiard Player" -company "DevLabs" -PWD "Badpass73384"
+                    DSADD user -upn Wallace.Watson@asazlab.com "cn=Wallace.Watson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Wallace" -ln "Watson" -disabled no -display "Wallace Watson" -desc "PC Troubleshooting Branch Foreign Exchange Position Clerk" -office "DevLabs PC Troubleshooting Branch" -title "Foreign Exchange Position Clerk" -company "DevLabs" -PWD "Badpass37450"
+                    DSADD user -upn Jill.Campbell@asazlab.com "cn=Jill.Campbell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jill" -ln "Campbell" -disabled no -display "Jill Campbell" -desc "PC Troubleshooting Branch Estate Conservator" -office "DevLabs PC Troubleshooting Branch" -title "Estate Conservator" -company "DevLabs" -PWD "Badpass25598"
+                    DSADD user -upn Regina.Neal@asazlab.com "cn=Regina.Neal,ou=UserAccounts,dc=asazlab,dc=com" -fn "Regina" -ln "Neal" -disabled no -display "Regina Neal" -desc "PC Troubleshooting Branch Mortgage Accounting Clerk" -office "DevLabs PC Troubleshooting Branch" -title "Mortgage Accounting Clerk" -company "DevLabs" -PWD "Badpass38541"
+                    DSADD user -upn Vanessa.Floyd@asazlab.com "cn=Vanessa.Floyd,ou=UserAccounts,dc=asazlab,dc=com" -fn "Vanessa" -ln "Floyd" -disabled no -display "Vanessa Floyd" -desc "PC Troubleshooting Branch Economic Geographer" -office "DevLabs PC Troubleshooting Branch" -title "Economic Geographer" -company "DevLabs" -PWD "Badpass82092"
+                    DSADD user -upn Essie.Mclaughlin@asazlab.com "cn=Essie.Mclaughlin,ou=UserAccounts,dc=asazlab,dc=com" -fn "Essie" -ln "Mclaughlin" -disabled no -display "Essie Mclaughlin" -desc "PC Troubleshooting Branch Head Greenskeeper" -office "DevLabs PC Troubleshooting Branch" -title "Head Greenskeeper" -company "DevLabs" -PWD "Badpass30530"
+                    DSADD user -upn Dana.Johnson@asazlab.com "cn=Dana.Johnson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dana" -ln "Johnson" -disabled no -display "Dana Johnson" -desc "PC Troubleshooting Branch Public Affairs Officer" -office "DevLabs PC Troubleshooting Branch" -title "Public Affairs Officer" -company "DevLabs" -PWD "Badpass41884"
+                    DSADD user -upn Mona.Ballard@asazlab.com "cn=Mona.Ballard,ou=UserAccounts,dc=asazlab,dc=com" -fn "Mona" -ln "Ballard" -disabled no -display "Mona Ballard" -desc "PC Troubleshooting Branch Manufacturing Engineering Professor" -office "DevLabs PC Troubleshooting Branch" -title "Manufacturing Engineering Professor" -company "DevLabs" -PWD "Badpass82899"
+                    DSADD user -upn Santiago.Parks@asazlab.com "cn=Santiago.Parks,ou=UserAccounts,dc=asazlab,dc=com" -fn "Santiago" -ln "Parks" -disabled no -display "Santiago Parks" -desc "PC Troubleshooting Branch Drug Abuse Counselor" -office "DevLabs PC Troubleshooting Branch" -title "Drug Abuse Counselor" -company "DevLabs" -PWD "Badpass67974"
+                    DSADD user -upn Cristina.Page@asazlab.com "cn=Cristina.Page,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cristina" -ln "Page" -disabled no -display "Cristina Page" -desc "PC Troubleshooting Branch Airborne Operations Manager" -office "DevLabs PC Troubleshooting Branch" -title "Airborne Operations Manager" -company "DevLabs" -PWD "Badpass4564"
+                    DSADD user -upn Harvey.Brady@asazlab.com "cn=Harvey.Brady,ou=UserAccounts,dc=asazlab,dc=com" -fn "Harvey" -ln "Brady" -disabled no -display "Harvey Brady" -desc "PC Troubleshooting Branch Florist" -office "DevLabs PC Troubleshooting Branch" -title "Florist" -company "DevLabs" -PWD "Badpass98763"
+                    DSADD user -upn Grace.Turner@asazlab.com "cn=Grace.Turner,ou=UserAccounts,dc=asazlab,dc=com" -fn "Grace" -ln "Turner" -disabled no -display "Grace Turner" -desc "Agency of Portable PC Implementation Stage Electrician" -office "DevLabs Agency of Portable PC Implementation" -title "Stage Electrician" -company "DevLabs" -PWD "Badpass79900"
+                    DSADD user -upn Katie.Maxwell@asazlab.com "cn=Katie.Maxwell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Katie" -ln "Maxwell" -disabled no -display "Katie Maxwell" -desc "Agency of Portable PC Implementation Bilingual Kindergarten Teacher" -office "DevLabs Agency of Portable PC Implementation" -title "Bilingual Kindergarten Teacher" -company "DevLabs" -PWD "Badpass23686"
+                    DSADD user -upn Don.Potter@asazlab.com "cn=Don.Potter,ou=UserAccounts,dc=asazlab,dc=com" -fn "Don" -ln "Potter" -disabled no -display "Don Potter" -desc "Agency of Portable PC Implementation Construction Ironworker Helper" -office "DevLabs Agency of Portable PC Implementation" -title "Construction Ironworker Helper" -company "DevLabs" -PWD "Badpass82814"
+                    DSADD user -upn Loren.Elliott@asazlab.com "cn=Loren.Elliott,ou=UserAccounts,dc=asazlab,dc=com" -fn "Loren" -ln "Elliott" -disabled no -display "Loren Elliott" -desc "Agency of Portable PC Implementation Visual Merchandiser" -office "DevLabs Agency of Portable PC Implementation" -title "Visual Merchandiser" -company "DevLabs" -PWD "Badpass11447"
+                    DSADD user -upn Marcia.Fitzgerald@asazlab.com "cn=Marcia.Fitzgerald,ou=UserAccounts,dc=asazlab,dc=com" -fn "Marcia" -ln "Fitzgerald" -disabled no -display "Marcia Fitzgerald" -desc "Agency of Portable PC Implementation Telesales Supervisor" -office "DevLabs Agency of Portable PC Implementation" -title "Telesales Supervisor" -company "DevLabs" -PWD "Badpass88006"
+                    DSADD user -upn Sylvia.Sutton@asazlab.com "cn=Sylvia.Sutton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Sylvia" -ln "Sutton" -disabled no -display "Sylvia Sutton" -desc "Agency of Portable PC Implementation Fire Control Officer" -office "DevLabs Agency of Portable PC Implementation" -title "Fire Control Officer" -company "DevLabs" -PWD "Badpass11813"
+                    DSADD user -upn Rosemary.Peterson@asazlab.com "cn=Rosemary.Peterson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Rosemary" -ln "Peterson" -disabled no -display "Rosemary Peterson" -desc "Code Security and PC Technology Team Cement Truck Driver" -office "DevLabs Code Security and PC Technology Team" -title "Cement Truck Driver" -company "DevLabs" -PWD "Badpass44039"
+                    DSADD user -upn Anthony.Caldwell@asazlab.com "cn=Anthony.Caldwell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Anthony" -ln "Caldwell" -disabled no -display "Anthony Caldwell" -desc "Code Security and PC Technology Team Window Cleaner" -office "DevLabs Code Security and PC Technology Team" -title "Window Cleaner" -company "DevLabs" -PWD "Badpass78369"
+                    DSADD user -upn Brooke.Webster@asazlab.com "cn=Brooke.Webster,ou=UserAccounts,dc=asazlab,dc=com" -fn "Brooke" -ln "Webster" -disabled no -display "Brooke Webster" -desc "Code Security and PC Technology Team Licensed Clinical Mental Health Counselor" -office "DevLabs Code Security and PC Technology Team" -title "Licensed Clinical Mental Health Counselor" -company "DevLabs" -PWD "Badpass22968"
+                    DSADD user -upn Penny.Gregory@asazlab.com "cn=Penny.Gregory,ou=UserAccounts,dc=asazlab,dc=com" -fn "Penny" -ln "Gregory" -disabled no -display "Penny Gregory" -desc "Code Security and PC Technology Team Store Gift Wrap Associate" -office "DevLabs Code Security and PC Technology Team" -title "Store Gift Wrap Associate" -company "DevLabs" -PWD "Badpass29522"
+                    DSADD user -upn Dominic.Mendoza@asazlab.com "cn=Dominic.Mendoza,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dominic" -ln "Mendoza" -disabled no -display "Dominic Mendoza" -desc "Code Security and PC Technology Team Traveling Missionary" -office "DevLabs Code Security and PC Technology Team" -title "Traveling Missionary" -company "DevLabs" -PWD "Badpass45551"
+                    DSADD user -upn Ethel.Bishop@asazlab.com "cn=Ethel.Bishop,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ethel" -ln "Bishop" -disabled no -display "Ethel Bishop" -desc "Code Security and PC Technology Team Tax Compliance Representative" -office "DevLabs Code Security and PC Technology Team" -title "Tax Compliance Representative" -company "DevLabs" -PWD "Badpass14715"
+                    DSADD user -upn Kelvin.Ortiz@asazlab.com "cn=Kelvin.Ortiz,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kelvin" -ln "Ortiz" -disabled no -display "Kelvin Ortiz" -desc "Code Security and PC Technology Team Hotel Baggage Handler" -office "DevLabs Code Security and PC Technology Team" -title "Hotel Baggage Handler" -company "DevLabs" -PWD "Badpass73993"
+                    DSADD user -upn Caleb.Kennedy@asazlab.com "cn=Caleb.Kennedy,ou=UserAccounts,dc=asazlab,dc=com" -fn "Caleb" -ln "Kennedy" -disabled no -display "Caleb Kennedy" -desc "Code Security and PC Technology Team Registered Medical Transcriptionist" -office "DevLabs Code Security and PC Technology Team" -title "Registered Medical Transcriptionist" -company "DevLabs" -PWD "Badpass76530"
+                    DSADD user -upn Randal.Parsons@asazlab.com "cn=Randal.Parsons,ou=UserAccounts,dc=asazlab,dc=com" -fn "Randal" -ln "Parsons" -disabled no -display "Randal Parsons" -desc "Code Security and PC Technology Team Pugilist" -office "DevLabs Code Security and PC Technology Team" -title "Pugilist" -company "DevLabs" -PWD "Badpass11028"
+                    DSADD user -upn Seth.Harper@asazlab.com "cn=Seth.Harper,ou=UserAccounts,dc=asazlab,dc=com" -fn "Seth" -ln "Harper" -disabled no -display "Seth Harper" -desc "Code Security and PC Technology Team Wholesale Ultrasonic Equipment Salesperson" -office "DevLabs Code Security and PC Technology Team" -title "Wholesale Ultrasonic Equipment Salesperson" -company "DevLabs" -PWD "Badpass74210"
+                    DSADD user -upn Debra.Thornton@asazlab.com "cn=Debra.Thornton,ou=UserAccounts,dc=asazlab,dc=com" -fn "Debra" -ln "Thornton" -disabled no -display "Debra Thornton" -desc "Illuminated Technocracy Sports Complex Attendant" -office "DevLabs Illuminated Technocracy" -title "Sports Complex Attendant" -company "DevLabs" -PWD "Badpass84977"
+                    DSADD user -upn Jessie.Schmidt@asazlab.com "cn=Jessie.Schmidt,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jessie" -ln "Schmidt" -disabled no -display "Jessie Schmidt" -desc "Illuminated Technocracy Boiler Operator" -office "DevLabs Illuminated Technocracy" -title "Boiler Operator" -company "DevLabs" -PWD "Badpass44945"
+                    DSADD user -upn Antoinette.Morrison@asazlab.com "cn=Antoinette.Morrison,ou=UserAccounts,dc=asazlab,dc=com" -fn "Antoinette" -ln "Morrison" -disabled no -display "Antoinette Morrison" -desc "Illuminated Technocracy Booking Manager" -office "DevLabs Illuminated Technocracy" -title "Booking Manager" -company "DevLabs" -PWD "Badpass96146"
+                    DSADD user -upn Mark.Mccormick@asazlab.com "cn=Mark.Mccormick,ou=UserAccounts,dc=asazlab,dc=com" -fn "Mark" -ln "Mccormick" -disabled no -display "Mark Mccormick" -desc "Illuminated Technocracy Registered Medical Transcriptionist" -office "DevLabs Illuminated Technocracy" -title "Registered Medical Transcriptionist" -company "DevLabs" -PWD "Badpass43688"
+                    DSADD user -upn Jeanette.Wise@asazlab.com "cn=Jeanette.Wise,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jeanette" -ln "Wise" -disabled no -display "Jeanette Wise" -desc "Illuminated Technocracy Tape Editor" -office "DevLabs Illuminated Technocracy" -title "Tape Editor" -company "DevLabs" -PWD "Badpass56301"
+                    DSADD user -upn Elena.Hernandez@asazlab.com "cn=Elena.Hernandez,ou=UserAccounts,dc=asazlab,dc=com" -fn "Elena" -ln "Hernandez" -disabled no -display "Elena Hernandez" -desc "Illuminated Technocracy Cotton Ginner" -office "DevLabs Illuminated Technocracy" -title "Cotton Ginner" -company "DevLabs" -PWD "Badpass95861"
+                    DSADD user -upn Bob.King@asazlab.com "cn=Bob.King,ou=UserAccounts,dc=asazlab,dc=com" -fn "Bob" -ln "King" -disabled no -display "Bob King" -desc "Radioactive Team Glacier Music Adapter" -office "DevLabs Radioactive Team Glacier" -title "Music Adapter" -company "DevLabs" -PWD "Badpass46339"
+                    DSADD user -upn Vera.Daniels@asazlab.com "cn=Vera.Daniels,ou=UserAccounts,dc=asazlab,dc=com" -fn "Vera" -ln "Daniels" -disabled no -display "Vera Daniels" -desc "Radioactive Team Glacier Poultry Inseminator" -office "DevLabs Radioactive Team Glacier" -title "Poultry Inseminator" -company "DevLabs" -PWD "Badpass78347"
+                    DSADD user -upn Colleen.Blair@asazlab.com "cn=Colleen.Blair,ou=UserAccounts,dc=asazlab,dc=com" -fn "Colleen" -ln "Blair" -disabled no -display "Colleen Blair" -desc "Radioactive Team Glacier DTR" -office "DevLabs Radioactive Team Glacier" -title "DTR" -company "DevLabs" -PWD "Badpass19252"
+                    DSADD user -upn Arlene.Poole@asazlab.com "cn=Arlene.Poole,ou=UserAccounts,dc=asazlab,dc=com" -fn "Arlene" -ln "Poole" -disabled no -display "Arlene Poole" -desc "Radioactive Team Glacier Songwriter" -office "DevLabs Radioactive Team Glacier" -title "Songwriter" -company "DevLabs" -PWD "Badpass78687"
+                    DSADD user -upn Stella.Palmer@asazlab.com "cn=Stella.Palmer,ou=UserAccounts,dc=asazlab,dc=com" -fn "Stella" -ln "Palmer" -disabled no -display "Stella Palmer" -desc "Radioactive Team Glacier Bicycle Racer" -office "DevLabs Radioactive Team Glacier" -title "Bicycle Racer" -company "DevLabs" -PWD "Badpass77917"
+                    DSADD user -upn Phil.Hogan@asazlab.com "cn=Phil.Hogan,ou=UserAccounts,dc=asazlab,dc=com" -fn "Phil" -ln "Hogan" -disabled no -display "Phil Hogan" -desc "Radioactive Team Glacier Certified Nurse Midwife (CNM)" -office "DevLabs Radioactive Team Glacier" -title "Certified Nurse Midwife (CNM)" -company "DevLabs" -PWD "Badpass69445"
+                    DSADD user -upn Angelo.Richards@asazlab.com "cn=Angelo.Richards,ou=UserAccounts,dc=asazlab,dc=com" -fn "Angelo" -ln "Richards" -disabled no -display "Angelo Richards" -desc "Radioactive Team Glacier Field Enumerator" -office "DevLabs Radioactive Team Glacier" -title "Field Enumerator" -company "DevLabs" -PWD "Badpass97334"
+                    DSADD user -upn Jasmine.Lawson@asazlab.com "cn=Jasmine.Lawson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jasmine" -ln "Lawson" -disabled no -display "Jasmine Lawson" -desc "Radioactive Team Glacier Industrial Photographer" -office "DevLabs Radioactive Team Glacier" -title "Industrial Photographer" -company "DevLabs" -PWD "Badpass30977"
+                    DSADD user -upn Julio.Davis@asazlab.com "cn=Julio.Davis,ou=UserAccounts,dc=asazlab,dc=com" -fn "Julio" -ln "Davis" -disabled no -display "Julio Davis" -desc "Radioactive Team Glacier Early Childhood Special Education Teacher" -office "DevLabs Radioactive Team Glacier" -title "Early Childhood Special Education Teacher" -company "DevLabs" -PWD "Badpass46270"
+                    DSADD user -upn Monique.Price@asazlab.com "cn=Monique.Price,ou=UserAccounts,dc=asazlab,dc=com" -fn "Monique" -ln "Price" -disabled no -display "Monique Price" -desc "Radioactive Team Glacier Telephone Interviewer" -office "DevLabs Radioactive Team Glacier" -title "Telephone Interviewer" -company "DevLabs" -PWD "Badpass788"
+                    DSADD user -upn Gerardo.Lindsey@asazlab.com "cn=Gerardo.Lindsey,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gerardo" -ln "Lindsey" -disabled no -display "Gerardo Lindsey" -desc "Radioactive Team Glacier Adult Nurse Practitioner" -office "DevLabs Radioactive Team Glacier" -title "Adult Nurse Practitioner" -company "DevLabs" -PWD "Badpass96589"
+                    DSADD user -upn Terrence.Chapman@asazlab.com "cn=Terrence.Chapman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Terrence" -ln "Chapman" -disabled no -display "Terrence Chapman" -desc "Radioactive Team Glacier Airset Caster" -office "DevLabs Radioactive Team Glacier" -title "Airset Caster" -company "DevLabs" -PWD "Badpass68831"
+                    DSADD user -upn Horace.Alvarado@asazlab.com "cn=Horace.Alvarado,ou=UserAccounts,dc=asazlab,dc=com" -fn "Horace" -ln "Alvarado" -disabled no -display "Horace Alvarado" -desc "Radioactive Team Glacier Counterintelligence/Human Intelligence, Senior Sergeant" -office "DevLabs Radioactive Team Glacier" -title "Counterintelligence/Human Intelligence, Senior Sergeant" -company "DevLabs" -PWD "Badpass13042"
+                    DSADD user -upn Jeannie.Jacobs@asazlab.com "cn=Jeannie.Jacobs,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jeannie" -ln "Jacobs" -disabled no -display "Jeannie Jacobs" -desc "Radioactive Team Glacier Ship Purser" -office "DevLabs Radioactive Team Glacier" -title "Ship Purser" -company "DevLabs" -PWD "Badpass55527"
+                    DSADD user -upn Irvin.May@asazlab.com "cn=Irvin.May,ou=UserAccounts,dc=asazlab,dc=com" -fn "Irvin" -ln "May" -disabled no -display "Irvin May" -desc "Radioactive Team Glacier Poker Room Supervisor" -office "DevLabs Radioactive Team Glacier" -title "Poker Room Supervisor" -company "DevLabs" -PWD "Badpass60479"
+                    DSADD user -upn Rafael.Colon@asazlab.com "cn=Rafael.Colon,ou=UserAccounts,dc=asazlab,dc=com" -fn "Rafael" -ln "Colon" -disabled no -display "Rafael Colon" -desc "Radioactive Team Glacier Licensed Massage Therapist" -office "DevLabs Radioactive Team Glacier" -title "Licensed Massage Therapist" -company "DevLabs" -PWD "Badpass40962"
+                    DSADD user -upn Gertrude.Kim@asazlab.com "cn=Gertrude.Kim,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gertrude" -ln "Kim" -disabled no -display "Gertrude Kim" -desc "Titanium Task Force Magnetic Fire Control Officer" -office "DevLabs Titanium Task Force Magnetic" -title "Fire Control Officer" -company "DevLabs" -PWD "Badpass87915"
+                    DSADD user -upn Angela.Knight@asazlab.com "cn=Angela.Knight,ou=UserAccounts,dc=asazlab,dc=com" -fn "Angela" -ln "Knight" -disabled no -display "Angela Knight" -desc "Titanium Task Force Magnetic Motor Rewinder" -office "DevLabs Titanium Task Force Magnetic" -title "Motor Rewinder" -company "DevLabs" -PWD "Badpass80578"
+                    DSADD user -upn Janie.Goodwin@asazlab.com "cn=Janie.Goodwin,ou=UserAccounts,dc=asazlab,dc=com" -fn "Janie" -ln "Goodwin" -disabled no -display "Janie Goodwin" -desc "Titanium Task Force Magnetic Airplane Refueler" -office "DevLabs Titanium Task Force Magnetic" -title "Airplane Refueler" -company "DevLabs" -PWD "Badpass83974"
+                    DSADD user -upn Stephen.Mckinney@asazlab.com "cn=Stephen.Mckinney,ou=UserAccounts,dc=asazlab,dc=com" -fn "Stephen" -ln "Mckinney" -disabled no -display "Stephen Mckinney" -desc "Titanium Task Force Magnetic Marine Architect" -office "DevLabs Titanium Task Force Magnetic" -title "Marine Architect" -company "DevLabs" -PWD "Badpass73138"
+                    DSADD user -upn Eleanor.Abbott@asazlab.com "cn=Eleanor.Abbott,ou=UserAccounts,dc=asazlab,dc=com" -fn "Eleanor" -ln "Abbott" -disabled no -display "Eleanor Abbott" -desc "Titanium Task Force Magnetic Harvest Crew Supervisor" -office "DevLabs Titanium Task Force Magnetic" -title "Harvest Crew Supervisor" -company "DevLabs" -PWD "Badpass68"
+                    DSADD user -upn Perry.Newman@asazlab.com "cn=Perry.Newman,ou=UserAccounts,dc=asazlab,dc=com" -fn "Perry" -ln "Newman" -disabled no -display "Perry Newman" -desc "Titanium Task Force Magnetic Compressor Station Operator" -office "DevLabs Titanium Task Force Magnetic" -title "Compressor Station Operator" -company "DevLabs" -PWD "Badpass2396"
+                    DSADD user -upn Dan.Richardson@asazlab.com "cn=Dan.Richardson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Dan" -ln "Richardson" -disabled no -display "Dan Richardson" -desc "Titanium Task Force Magnetic Street Sweeper Operator" -office "DevLabs Titanium Task Force Magnetic" -title "Street Sweeper Operator" -company "DevLabs" -PWD "Badpass6205"
+                    DSADD user -upn Kim.Dennis@asazlab.com "cn=Kim.Dennis,ou=UserAccounts,dc=asazlab,dc=com" -fn "Kim" -ln "Dennis" -disabled no -display "Kim Dennis" -desc "Titanium Task Force Magnetic Submarine Diver" -office "DevLabs Titanium Task Force Magnetic" -title "Submarine Diver" -company "DevLabs" -PWD "Badpass73923"
+                    DSADD user -upn Hattie.Henry@asazlab.com "cn=Hattie.Henry,ou=UserAccounts,dc=asazlab,dc=com" -fn "Hattie" -ln "Henry" -disabled no -display "Hattie Henry" -desc "Titanium Task Force Magnetic Paraeducator" -office "DevLabs Titanium Task Force Magnetic" -title "Paraeducator" -company "DevLabs" -PWD "Badpass49354"
+                    DSADD user -upn Katrina.Frazier@asazlab.com "cn=Katrina.Frazier,ou=UserAccounts,dc=asazlab,dc=com" -fn "Katrina" -ln "Frazier" -disabled no -display "Katrina Frazier" -desc "Titanium Task Force Magnetic Clinical Social Work Aide" -office "DevLabs Titanium Task Force Magnetic" -title "Clinical Social Work Aide" -company "DevLabs" -PWD "Badpass14909"
+                    DSADD user -upn Christie.Hubbard@asazlab.com "cn=Christie.Hubbard,ou=UserAccounts,dc=asazlab,dc=com" -fn "Christie" -ln "Hubbard" -disabled no -display "Christie Hubbard" -desc "Uranium Squadron Grocery Stocker" -office "DevLabs Uranium Squadron" -title "Grocery Stocker" -company "DevLabs" -PWD "Badpass91353"
+                    DSADD user -upn Johnnie.Doyle@asazlab.com "cn=Johnnie.Doyle,ou=UserAccounts,dc=asazlab,dc=com" -fn "Johnnie" -ln "Doyle" -disabled no -display "Johnnie Doyle" -desc "Uranium Squadron Laryngologist" -office "DevLabs Uranium Squadron" -title "Laryngologist" -company "DevLabs" -PWD "Badpass7531"
+                    DSADD user -upn Micheal.Mathis@asazlab.com "cn=Micheal.Mathis,ou=UserAccounts,dc=asazlab,dc=com" -fn "Micheal" -ln "Mathis" -disabled no -display "Micheal Mathis" -desc "Uranium Squadron Officer In Charge, Aviation Unit Or Detachment" -office "DevLabs Uranium Squadron" -title "Officer In Charge, Aviation Unit Or Detachment" -company "DevLabs" -PWD "Badpass97915"
+                    DSADD user -upn Maxine.James@asazlab.com "cn=Maxine.James,ou=UserAccounts,dc=asazlab,dc=com" -fn "Maxine" -ln "James" -disabled no -display "Maxine James" -desc "Uranium Squadron Chambermaid" -office "DevLabs Uranium Squadron" -title "Chambermaid" -company "DevLabs" -PWD "Badpass28066"
+                    DSADD user -upn Susie.Vargas@asazlab.com "cn=Susie.Vargas,ou=UserAccounts,dc=asazlab,dc=com" -fn "Susie" -ln "Vargas" -disabled no -display "Susie Vargas" -desc "Uranium Squadron Roof Truss Builder" -office "DevLabs Uranium Squadron" -title "Roof Truss Builder" -company "DevLabs" -PWD "Badpass63429"
+                    DSADD user -upn Gayle.Mullins@asazlab.com "cn=Gayle.Mullins,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gayle" -ln "Mullins" -disabled no -display "Gayle Mullins" -desc "Uranium Squadron Refinery Process Engineer" -office "DevLabs Uranium Squadron" -title "Refinery Process Engineer" -company "DevLabs" -PWD "Badpass65072"
+                    DSADD user -upn Clayton.Vega@asazlab.com "cn=Clayton.Vega,ou=UserAccounts,dc=asazlab,dc=com" -fn "Clayton" -ln "Vega" -disabled no -display "Clayton Vega" -desc "Uranium Squadron Podiatric Aide" -office "DevLabs Uranium Squadron" -title "Podiatric Aide" -company "DevLabs" -PWD "Badpass89212"
+                    DSADD user -upn Lance.Reed@asazlab.com "cn=Lance.Reed,ou=UserAccounts,dc=asazlab,dc=com" -fn "Lance" -ln "Reed" -disabled no -display "Lance Reed" -desc "Uranium Squadron Certified Respiratory Therapy Technician" -office "DevLabs Uranium Squadron" -title "Certified Respiratory Therapy Technician" -company "DevLabs" -PWD "Badpass73785"
+                    DSADD user -upn Jon.Barrett@asazlab.com "cn=Jon.Barrett,ou=UserAccounts,dc=asazlab,dc=com" -fn "Jon" -ln "Barrett" -disabled no -display "Jon Barrett" -desc "Nano Spectral Sagittarius Ballerina" -office "DevLabs Nano Spectral Sagittarius" -title "Ballerina" -company "DevLabs" -PWD "Badpass82151"
+                    DSADD user -upn Leigh.Bell@asazlab.com "cn=Leigh.Bell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Leigh" -ln "Bell" -disabled no -display "Leigh Bell" -desc "Nano Spectral Sagittarius Low Altitude Air Defense (Laad) Gunner" -office "DevLabs Nano Spectral Sagittarius" -title "Low Altitude Air Defense (Laad) Gunner" -company "DevLabs" -PWD "Badpass81599"
+                    DSADD user -upn Ernestine.Carson@asazlab.com "cn=Ernestine.Carson,ou=UserAccounts,dc=asazlab,dc=com" -fn "Ernestine" -ln "Carson" -disabled no -display "Ernestine Carson" -desc "Nano Spectral Sagittarius Offset Lithographic Press Setter and Set-Up Operator" -office "DevLabs Nano Spectral Sagittarius" -title "Offset Lithographic Press Setter and Set-Up Operator" -company "DevLabs" -PWD "Badpass23341"
+                    DSADD user -upn Martha.Maldonado@asazlab.com "cn=Martha.Maldonado,ou=UserAccounts,dc=asazlab,dc=com" -fn "Martha" -ln "Maldonado" -disabled no -display "Martha Maldonado" -desc "Nano Spectral Sagittarius Financial Director" -office "DevLabs Nano Spectral Sagittarius" -title "Financial Director" -company "DevLabs" -PWD "Badpass14969"
+                    DSADD user -upn Calvin.Powell@asazlab.com "cn=Calvin.Powell,ou=UserAccounts,dc=asazlab,dc=com" -fn "Calvin" -ln "Powell" -disabled no -display "Calvin Powell" -desc "Nano Spectral Sagittarius Milking Machine Mechanic" -office "DevLabs Nano Spectral Sagittarius" -title "Milking Machine Mechanic" -company "DevLabs" -PWD "Badpass34364"
+                    DSADD user -upn Cathy.Schultz@asazlab.com "cn=Cathy.Schultz,ou=UserAccounts,dc=asazlab,dc=com" -fn "Cathy" -ln "Schultz" -disabled no -display "Cathy Schultz" -desc "Nano Spectral Sagittarius County Surveyor" -office "DevLabs Nano Spectral Sagittarius" -title "County Surveyor" -company "DevLabs" -PWD "Badpass53098"
+                    DSADD user -upn Phyllis.Washington@asazlab.com "cn=Phyllis.Washington,ou=UserAccounts,dc=asazlab,dc=com" -fn "Phyllis" -ln "Washington" -disabled no -display "Phyllis Washington" -desc "Nano Spectral Sagittarius Oil Pipeline Dispatcher" -office "DevLabs Nano Spectral Sagittarius" -title "Oil Pipeline Dispatcher" -company "DevLabs" -PWD "Badpass75024"
+                    DSADD user -upn Homer.Simmons@asazlab.com "cn=Homer.Simmons,ou=UserAccounts,dc=asazlab,dc=com" -fn "Homer" -ln "Simmons" -disabled no -display "Homer Simmons" -desc "Nano Spectral Sagittarius Service Order Clerk" -office "DevLabs Nano Spectral Sagittarius" -title "Service Order Clerk" -company "DevLabs" -PWD "Badpass92861"
+                    DSADD user -upn Delores.Wright@asazlab.com "cn=Delores.Wright,ou=UserAccounts,dc=asazlab,dc=com" -fn "Delores" -ln "Wright" -disabled no -display "Delores Wright" -desc "Nano Spectral Sagittarius City Alderman" -office "DevLabs Nano Spectral Sagittarius" -title "City Alderman" -company "DevLabs" -PWD "Badpass68246"
+                    DSADD user -upn Amos.Edwards@asazlab.com "cn=Amos.Edwards,ou=UserAccounts,dc=asazlab,dc=com" -fn "Amos" -ln "Edwards" -disabled no -display "Amos Edwards" -desc "Nano Spectral Sagittarius CEO" -office "DevLabs Nano Spectral Sagittarius" -title "CEO" -company "DevLabs" -PWD "Badpass4921"
+                    DSADD user -upn Roy.Cross@asazlab.com "cn=Roy.Cross,ou=UserAccounts,dc=asazlab,dc=com" -fn "Roy" -ln "Cross" -disabled no -display "Roy Cross" -desc "Nano Spectral Sagittarius Chief Executive Officer" -office "DevLabs Nano Spectral Sagittarius" -title "Chief Executive Officer" -company "DevLabs" -PWD "Badpass13822"
+                    DSADD user -upn Alberta.Armstrong@asazlab.com "cn=Alberta.Armstrong,ou=UserAccounts,dc=asazlab,dc=com" -fn "Alberta" -ln "Armstrong" -disabled no -display "Alberta Armstrong" -desc "Nano Spectral Sagittarius Chief Operating Officer" -office "DevLabs Nano Spectral Sagittarius" -title "Chief Operating Officer" -company "DevLabs" -PWD "Badpass78144"
+                    DSADD user -upn Rochelle.Hughes@asazlab.com "cn=Rochelle.Hughes,ou=UserAccounts,dc=asazlab,dc=com" -fn "Rochelle" -ln "Hughes" -disabled no -display "Rochelle Hughes" -desc "Nano Spectral Sagittarius Commissioner of Internal Revenue" -office "DevLabs Nano Spectral Sagittarius" -title "Commissioner of Internal Revenue" -company "DevLabs" -PWD "Badpass16043"
+                    DSADD user -upn Irene.Houston@asazlab.com "cn=Irene.Houston,ou=UserAccounts,dc=asazlab,dc=com" -fn "Irene" -ln "Houston" -disabled no -display "Irene Houston" -desc "Nano Spectral Sagittarius COO" -office "DevLabs Nano Spectral Sagittarius" -title "COO" -company "DevLabs" -PWD "Badpass51156"
+                    DSADD user -upn Byron.Lawrence@asazlab.com "cn=Byron.Lawrence,ou=UserAccounts,dc=asazlab,dc=com" -fn "Byron" -ln "Lawrence" -disabled no -display "Byron Lawrence" -desc "Nano Spectral Sagittarius County Commissioner" -office "DevLabs Nano Spectral Sagittarius" -title "County Commissioner" -company "DevLabs" -PWD "Badpass74862"
+                    DSADD user -upn Marion.Gonzalez@asazlab.com "cn=Marion.Gonzalez,ou=UserAccounts,dc=asazlab,dc=com" -fn "Marion" -ln "Gonzalez" -disabled no -display "Marion Gonzalez" -desc "Nano Spectral Sagittarius Government Service Executive" -office "DevLabs Nano Spectral Sagittarius" -title "Government Service Executive" -company "DevLabs" -PWD "Badpass62004"
+                    DSADD user -upn Gerald.Wade@asazlab.com "cn=Gerald.Wade,ou=UserAccounts,dc=asazlab,dc=com" -fn "Gerald" -ln "Wade" -disabled no -display "Gerald Wade" -desc "Nano Spectral Sagittarius City Alderman" -office "DevLabs Nano Spectral Sagittarius" -title "City Alderman" -company "DevLabs" -PWD "Badpass35101"
+                    DSADD user -upn Donna.Garner@asazlab.com "cn=Donna.Garner,ou=UserAccounts,dc=asazlab,dc=com" -fn "Donna" -ln "Garner" -disabled no -display "Donna Garner" -desc "Compu Matrix M City Council Member" -office "DevLabs Compu Matrix M" -title "City Council Member" -company "DevLabs" -PWD "Badpass63050"
+                }
+                catch 
+                {
+                    Write-Host "creating Accounts"
+                }
+
+
+                Write-Host "Creating FS objects"
+                try 
+                {
+                    DSADD user -upn fileadmin@asazlab.com "cn=fileadmin,ou=ServiceAdmins,dc=asazlab,dc=com" -fn "file" -ln "admin" -disabled no -display "FileServiceAdmin"  -office "Administration"  -PWD "Adm1nP@55!"
+                    setspn -a srv01/fileadmin.asazlab.com:1433 asazlab.com\fileadmin
+                    New-ADGroup "sec_filesadmins" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Accounting-rw" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_HR-rw" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_ExecutiveOffice-rw" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_IT-rw" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Security-rw" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Accounting-ro" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_HR-ro" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_ExecutiveOffice-ro" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_IT-ro" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Security-ro" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Accounting-d" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_HR-d" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_ExecutiveOffice-d" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_IT-d" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    New-ADGroup "sec_files_Security-d" -Path "OU=SG_FileShares,OU=SecurityGroups,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                    ADD-ADGroupMember "sec_filesadmins" –members "fileadmin"
+                    ADD-ADGroupMember "sec_filesadmins" –members "Domain Admins"
+                    ADD-ADGroupMember "sec_files_Accounting-ro" –members "Domain Users"
+                    ADD-ADGroupMember "sec_files_HR-ro" –members "Domain Users"
+                    ADD-ADGroupMember "sec_files_ExecutiveOffice-ro" –members "Domain Users"
+                    ADD-ADGroupMember "sec_files_IT-ro" –members "Domain Users"
+                    ADD-ADGroupMember "sec_files_Security-ro" –members "Domain Users"
+                }
+                catch
+                {
+                    Write-Host "Failed creating FS objects"
+                }
+
+
+                Write-Host "add user accounts DSC complete "
+
+            }
+
+            
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/Create-AD.ps1 b/1-AD/DSC/src/Create-AD.ps1
new file mode 100644
index 0000000..0a99423
--- /dev/null
+++ b/1-AD/DSC/src/Create-AD.ps1
@@ -0,0 +1,270 @@
+# Author: Roberto Rodriguez @Cyb3rWard0g
+# License: GPLv3
+# References:
+# https://github.com/Azure/azure-quickstart-templates/blob/master/sharepoint-adfs/dsc/ConfigureDCVM.ps1
+configuration Create-AD {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds,
+
+        [Parameter(Mandatory)]
+        [Object]$DomainUsers
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, xDnsServer, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Add DNS and AD Features *****
+        WindowsFeature DNS 
+        { 
+            Ensure  = "Present" 
+            Name    = "DNS"		
+        }
+
+        Script EnableDNSDiags
+        {
+            SetScript = { 
+                Set-DnsServerDiagnostics -All $true
+                Write-Verbose -Verbose "Enabling DNS client diagnostics" 
+            }
+            GetScript   = { @{} }
+            TestScript  = { $false }
+            DependsOn   = "[WindowsFeature]DNS"
+        }
+
+        WindowsFeature DnsTools
+        {
+            Ensure      = "Present"
+            Name        = "RSAT-DNS-Server"
+            DependsOn   = "[WindowsFeature]DNS"
+        }
+
+        DnsServerAddress SetDNS 
+        { 
+            Address         = '127.0.0.1' 
+            InterfaceAlias  = $InterfaceAlias
+            AddressFamily   = 'IPv4'
+            DependsOn       = "[WindowsFeature]DNS"
+        }
+
+        WindowsFeature ADDSInstall 
+        { 
+            Ensure      = "Present" 
+            Name        = "AD-Domain-Services"
+            DependsOn   = "[WindowsFeature]DNS" 
+        } 
+
+        WindowsFeature ADDSTools
+        {
+            Ensure      = "Present"
+            Name        = "RSAT-ADDS-Tools"
+            DependsOn   = "[WindowsFeature]ADDSInstall"
+        }
+
+        WindowsFeature ADAdminCenter
+        {
+            Ensure      = "Present"
+            Name        = "RSAT-AD-AdminCenter"
+            DependsOn   = "[WindowsFeature]ADDSInstall"
+        }
+         
+        # ****** Create AD Domain *********
+        ADDomain CreateADForest 
+        {
+            DomainName                      = $DomainFQDN
+            Credential                      = $DomainCreds
+            SafemodeAdministratorPassword   = $DomainCreds
+            DatabasePath                    = "C:\NTDS"
+            LogPath                         = "C:\NTDS"
+            SysvolPath                      = "C:\SYSVOL"
+            DependsOn                       = "[DnsServerAddress]SetDNS", "[WindowsFeature]ADDSInstall"
+        }
+
+        PendingReboot RebootOnSignalFromCreateADForest
+        {
+            Name        = 'RebootOnSignalFromCreateADForest'
+            DependsOn   = "[ADDomain]CreateADForest"
+        }
+
+        WaitForADDomain WaitForDCReady
+        {
+            DomainName              = $DomainFQDN
+            WaitTimeout             = 300
+            RestartCount            = 3
+            Credential              = $DomainCreds
+            WaitForValidCredentials = $true
+            DependsOn               = "[PendingReboot]RebootOnSignalFromCreateADForest"
+        }
+
+        # ***** Create OUs *****
+        xScript CreateOUs
+        {
+            SetScript = {
+                # Verifying ADWS service is running
+                $ServiceName = 'ADWS'
+                $arrService = Get-Service -Name $ServiceName
+
+                while ($arrService.Status -ne 'Running')
+                {
+                    Start-Service $ServiceName
+                    Start-Sleep -seconds 5
+                    $arrService.Refresh()
+                }
+
+                $DomainName1,$DomainName2 = ($using:domainFQDN).split('.')
+
+                $ParentPath = "DC=$DomainName1,DC=$DomainName2"
+                $OUS = @(("Workstations","Workstations in the domain"),("Servers","Servers in the domain"),("LogCollectors","Servers collecting event logs"),("DomainUsers","Users in the domain"))
+
+                foreach($OU in $OUS)
+                {
+                    #Check if exists, if it does skip
+                    [string] $Path = "OU=$($OU[0]),$ParentPath"
+                    if(![adsi]::Exists("LDAP://$Path"))
+                    {
+                        New-ADOrganizationalUnit -Name $OU[0] -Path $ParentPath `
+                            -Description $OU[1] `
+                            -ProtectedFromAccidentalDeletion $false -PassThru
+                    }
+                }
+            }
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+            DependsOn = "[WaitForADDomain]WaitForDCReady"
+        }
+
+        # ***** Create Domain Users *****
+        xScript CreateDomainUsers
+        {
+            SetScript = {
+                # Verifying ADWS service is running
+                $ServiceName = 'ADWS'
+                $arrService = Get-Service -Name $ServiceName
+
+                while ($arrService.Status -ne 'Running')
+                {
+                    Start-Service $ServiceName
+                    Start-Sleep -seconds 5
+                    $arrService.Refresh()
+                }
+
+                $DomainName = $using:domainFQDN
+                $DomainName1,$DomainName2 = $DomainName.split('.')
+                $ADServer = $using:ComputerName+"."+$DomainName
+
+                $NewDomainUsers = $using:DomainUsers
+                
+                foreach ($DomainUser in $NewDomainUsers)
+                {
+                    $UserPrincipalName = $DomainUser.SamAccountName + "@" + $DomainName
+                    $DisplayName = $DomainUser.LastName + " " + $DomainUser.FirstName
+                    $OUPath = "OU="+$DomainUser.UserContainer+",DC=$DomainName1,DC=$DomainName2"
+                    $SamAccountName = $DomainUser.SamAccountName
+                    $ServiceName = $DomainUser.FirstName
+
+                    $UserExists = Get-ADUser -LDAPFilter "(sAMAccountName=$SamAccountName)"
+
+                    if ($UserExists -eq $Null)
+                    {
+                        write-host "Creating user $UserPrincipalName .."
+                        New-ADUser -Name $DisplayName `
+                        -DisplayName $DisplayName `
+                        -GivenName $DomainUser.FirstName `
+                        -Surname $DomainUser.LastName `
+                        -Department $DomainUser.Department `
+                        -Title $DomainUser.JobTitle `
+                        -UserPrincipalName $UserPrincipalName `
+                        -SamAccountName $DomainUser.SamAccountName `
+                        -Path $OUPath `
+                        -AccountPassword (ConvertTo-SecureString $DomainUser.Password -AsPlainText -force) `
+                        -Enabled $true `
+                        -PasswordNeverExpires $true `
+                        -Server $ADServer
+
+                        if($DomainUser.Identity -Like "Domain Admins")
+                        {
+                            $DomainAdminUser = $DomainUser.SamAccountName
+                            $Groups = @('domain admins','schema admins','enterprise admins')
+                            $Groups | ForEach-Object{
+                                $members = Get-ADGroupMember -Identity $_ -Recursive | Select-Object -ExpandProperty Name
+                                if ($members -contains $DomainAdminUser)
+                                {
+                                    Write-Host "$DomainAdminUser exists in $_ "
+                                }
+                                else {
+                                    Add-ADGroupMember -Identity $_ -Members $DomainAdminUser
+                                }
+                            }
+                        }
+                        if($DomainUser.JobTitle -Like "Service Account")
+                        {
+                            setspn -a $ServiceName/$DomainName $DomainName1\$SamAccountName
+                        }
+                    }
+                }
+            }
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+            DependsOn = "[xScript]CreateOUs"
+        }
+    }
+}
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/Install-Sysmon.ps1 b/1-AD/DSC/src/Install-Sysmon.ps1
new file mode 100644
index 0000000..82befc8
--- /dev/null
+++ b/1-AD/DSC/src/Install-Sysmon.ps1
@@ -0,0 +1,107 @@
+ # Author: Roberto Rodriguez @Cyb3rWard0g
+ configuration Install-Sysmon {
+    param 
+    ( 
+        [string]$SysmonConfigUrl = "https://raw.githubusercontent.com/DefensiveOrigins/DO-LAB/main/Monitoring/sysmon.xml"
+    )
+
+    Import-DscResource -ModuleName xPSDesiredStateConfiguration
+    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+    
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        xRegistry SchUseStrongCrypto
+        {
+            Key = 'HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319'
+            ValueName = 'SchUseStrongCrypto'
+            ValueType = 'Dword'
+            ValueData =  '1'
+            Ensure = 'Present'
+        }
+
+        xRegistry SchUseStrongCrypto64
+        {
+            Key = 'HKLM:\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319'
+            ValueName = 'SchUseStrongCrypto'
+            ValueType = 'Dword'
+            ValueData =  '1'
+            Ensure = 'Present'
+        }
+
+        # ***** Download Sysmon Installer *****
+        xRemoteFile DownloadSysmonInstaller
+        {
+            DestinationPath = "C:\ProgramData\Sysmon.zip"
+            Uri = "https://download.sysinternals.com/files/Sysmon.zip"
+            DependsOn = @("[xRegistry]SchUseStrongCrypto","[xRegistry]SchUseStrongCrypto64")
+        }
+
+        # ***** Unzip Sysmon Installer *****
+        xArchive UnzipSysmonInstaller
+        {
+            Path = "C:\ProgramData\Sysmon.zip"
+            Destination = "C:\ProgramData\Sysmon"
+            Ensure = "Present"
+            DependsOn = "[xRemoteFile]DownloadSysmonInstaller"
+        }
+
+        # ***** Download Sysmon Configuration *****
+        xRemoteFile DownloadSysmonConfig
+        {
+            DestinationPath = "C:\ProgramData\sysmon.xml"
+            Uri = $SysmonConfigUrl
+        }
+        # ***** Install Sysmon *****
+        xRegistry SysmonEula
+        {
+            Key = 'HKEY_USERS\S-1-5-18\Software\Sysinternals\System Monitor'
+            ValueName = 'EulaAccepted';
+            ValueType = 'DWORD'
+            ValueData = '1'
+            Ensure = 'Present'
+            Force = $true
+            DependsOn = @("[xArchive]UnzipSysmonInstaller","[xRemoteFile]DownloadSysmonConfig")
+        }
+        xScript InstallSysmon
+        {
+            SetScript =
+            {
+                # Installing Sysmon
+                start-process -FilePath "C:\ProgramData\Sysmon\sysmon.exe" -ArgumentList @('-i','C:\ProgramData\sysmon.xml','-accepteula') -PassThru -NoNewWindow -ErrorAction Stop | Wait-Process
+
+                # Set Sysmon to start automatically
+                sc.exe config Sysmon start= auto
+
+                # Setting Sysmon Channel Access permissions
+                wevtutil set-log Microsoft-Windows-Sysmon/Operational /ca:'O:BAG:SYD:(A;;0xf0005;;;SY)(A;;0x5;;;BA)(A;;0x1;;;S-1-5-32-573)(A;;0x1;;;NS)'
+                #New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WINEVT\Channels\Microsoft-Windows-Sysmon/Operational" -Name "ChannelAccess" -PropertyType String -Value "O:BAG:SYD:(A;;0xf0005;;;SY)(A;;0x5;;;BA)(A;;0x1;;;S-1-5-32-573)(A;;0x1;;;NS)" -Force
+
+                Restart-Service -Name Sysmon -Force
+            }
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+            DependsOn = '[xRegistry]SysmonEula'
+        }
+        xService Sysmon
+        {
+            Name = "Sysmon"
+            State = "Running"
+            DependsOn = '[xScript]InstallSysmon'
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/Join-Domain.ps1 b/1-AD/DSC/src/Join-Domain.ps1
new file mode 100644
index 0000000..070dd62
--- /dev/null
+++ b/1-AD/DSC/src/Join-Domain.ps1
@@ -0,0 +1,91 @@
+# Author: Roberto Rodriguez @Cyb3rWard0g
+# License: GPLv3
+configuration Join-Domain {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds,
+
+        [Parameter(Mandatory)]
+        [String]$DCIPAddress,
+
+        [Parameter(Mandatory)]
+        [String]$JoinOU
+    ) 
+    
+    Import-DscResource -ModuleName NetworkingDsc, ActiveDirectoryDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        DnsServerAddress SetDNS 
+        { 
+            Address         = $DCIPAddress
+            InterfaceAlias  = $InterfaceAlias
+            AddressFamily   = 'IPv4'
+        }
+
+        # ***** Join Domain *****
+        WaitForADDomain WaitForDCReady
+        {
+            DomainName              = $DomainFQDN
+            WaitTimeout             = 300
+            RestartCount            = 3
+            Credential              = $DomainCreds
+            DependsOn               = "[DnsServerAddress]SetDNS"
+        }
+
+        Computer JoinDomain
+        {
+            Name          = $ComputerName 
+            DomainName    = $DomainFQDN
+            Credential    = $DomainCreds
+            JoinOU        = $JoinOU
+            DependsOn  = "[WaitForADDomain]WaitForDCReady"
+        }
+
+        PendingReboot RebootAfterJoiningDomain
+        { 
+            Name = "RebootServer"
+            DependsOn = "[Computer]JoinDomain"
+        }
+    }
+}
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/badblood.ps1 b/1-AD/DSC/src/badblood.ps1
new file mode 100644
index 0000000..52a96f2
--- /dev/null
+++ b/1-AD/DSC/src/badblood.ps1
@@ -0,0 +1,91 @@
+
+
+
+configuration badblood {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, xDnsServer, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript RunBadBlood
+        {
+            SetScript = 
+            {
+            
+                Write-Host "badblood DSC started"
+
+                [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+                cd c:\ASAZ
+                Invoke-WebRequest -URI https://github.com/Relkci/BadBlood/archive/refs/heads/master.zip -OutFile BadBlood.zip
+                Expand-Archive .\BadBlood.zip
+                Remove-Item .\BadBlood.zip
+                cd c:\ASAZ\BadBlood\BadBlood-master\
+                #.\Invoke-BadBlood.ps1 -GroupCount 250 -Usercount 250 -ComputerCount 250 -NonInteractive -SkipLapsInstall
+                
+                Write-Host "badblood DSC completed"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/fileshares.ps1 b/1-AD/DSC/src/fileshares.ps1
new file mode 100644
index 0000000..0164ce5
--- /dev/null
+++ b/1-AD/DSC/src/fileshares.ps1
@@ -0,0 +1,114 @@
+
+
+
+configuration fileshares {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript CreateFileShares
+        {
+            SetScript = 
+            {
+ 
+                Write-Host "adding directories "
+
+                try
+                {
+                    mkdir c:\ASAZ\FileShares\
+                    mkdir c:\ASAZ\FileShares\Accounting
+                    mkdir c:\ASAZ\FileShares\HR
+                    mkdir c:\ASAZ\FileShares\ExecutiveOffice
+                    mkdir c:\ASAZ\FileShares\IT
+                    mkdir c:\ASAZ\FileShares\Security
+                }
+                catch 
+                {
+                    Write-Host "error attempting to make new directories for fileshares"
+                }
+
+
+                Write-Host "adding fileshares"
+
+                try
+                {
+                    New-SMBShare -Name "Accounting" -Path c:\ASAZ\FileShares\Accounting -FullAccess sec_filesadmins -ChangeAccess sec_files_Accounting-rw -ReadAccess sec_files_Accounting-ro -NoAccess sec_files_Accounting-d
+                    New-SMBShare -Name "HR" -Path c:\ASAZ\FileShares\Accounting -FullAccess sec_filesadmins -ChangeAccess sec_files_HR-rw -ReadAccess sec_files_HR-ro -NoAccess sec_files_HR-d
+                    New-SMBShare -Name "ExecutiveOffice" -Path c:\ASAZ\FileShares\Accounting -FullAccess sec_filesadmins -ChangeAccess sec_files_ExecutiveOffice-rw -ReadAccess sec_files_ExecutiveOffice-ro -NoAccess sec_files_ExecutiveOffice-d
+                    New-SMBShare -Name "IT" -Path c:\ASAZ\FileShares\Accounting -FullAccess sec_filesadmins -ChangeAccess sec_files_IT-rw -ReadAccess sec_files_IT-ro -NoAccess sec_files_IT-d
+                    New-SMBShare -Name "Security" -Path c:\ASAZ\FileShares\Accounting -FullAccess sec_filesadmins -ChangeAccess sec_files_Security-rw -ReadAccess sec_files_Security-ro -NoAccess sec_files_Security-d
+                }
+                catch 
+                {
+                    Write-Host "error attempting to create fileshares"
+                }
+
+
+                Write-Host "completed fileshares DSC"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/lab_dc.ps1 b/1-AD/DSC/src/lab_dc.ps1
new file mode 100644
index 0000000..bb42855
--- /dev/null
+++ b/1-AD/DSC/src/lab_dc.ps1
@@ -0,0 +1,94 @@
+
+
+
+configuration lab_dc {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript lab_dc
+        {
+            SetScript = 
+            {
+ 
+                Write-Host "Start Lab-DC DSC "
+
+                try
+                {
+                    Write-Host "Lab DSC for DC"
+                    #Add PS here
+                }
+                catch 
+                {
+                    Write-Host "error Lab-DC DSC"
+                }
+
+
+                Write-Host "completed Lab-DC DSC"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/lab_svr.ps1 b/1-AD/DSC/src/lab_svr.ps1
new file mode 100644
index 0000000..cb9dba3
--- /dev/null
+++ b/1-AD/DSC/src/lab_svr.ps1
@@ -0,0 +1,94 @@
+
+
+
+configuration lab_svr {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript lab_svr
+        {
+            SetScript = 
+            {
+ 
+                Write-Host " Start Lab-Server DSC "
+
+                try
+                {
+                    Write-Host "Lab DSC for member server"
+                    #Add PS here
+                }
+                catch 
+                {
+                    Write-Host "error Lab-Server DSC"
+                }
+
+
+                Write-Host "completed Lab-Server DSC"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/lab_ws.ps1 b/1-AD/DSC/src/lab_ws.ps1
new file mode 100644
index 0000000..465a666
--- /dev/null
+++ b/1-AD/DSC/src/lab_ws.ps1
@@ -0,0 +1,94 @@
+
+
+
+configuration lab_ws {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript lab_ws
+        {
+            SetScript = 
+            {
+ 
+                Write-Host " Start Lab-WS DSC "
+
+                try
+                {
+                    Write-Host "Lab DSC for member WS"
+                    #Add PS here
+                }
+                catch 
+                {
+                    Write-Host "error Lab-Server WS"
+                }
+
+
+                Write-Host "completed Lab-Server WS"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/pivotlab.ps1 b/1-AD/DSC/src/pivotlab.ps1
new file mode 100644
index 0000000..a8c9757
--- /dev/null
+++ b/1-AD/DSC/src/pivotlab.ps1
@@ -0,0 +1,136 @@
+
+configuration pivotlab1 {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, xDnsServer, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript pivotlab1
+        {
+            SetScript = 
+            {
+                 Write-Host "starting pivotlab setup"
+
+                 try
+                 {
+                     Import-Module ActiveDirectory
+
+                     New-ADOrganizationalUnit -Name "Helpdesk" -Path "DC=asazlab,DC=com"
+                     New-ADOrganizationalUnit -Name "SecurityGroups" -Path "OU=Helpdesk,DC=asazlab,DC=com"
+
+                     DSADD user -upn charlieadmin@asazlab.com "cn=charlieadmin,ou=AdminAccounts,dc=asazlab,dc=com" -fn "Charlie" -ln "admin" -disabled no -display "ITAdmin" -desc "Charlie Admin" -office "Administration" -title "Controller" -company "DevLabs" -PWD "ImpossiblePasswordYouWontGetThis3033@@!"
+                     Add-ADGroupMember -Identity "Domain Admins" -Members charlieadmin
+                     DSADD user -upn helpdeskuser@asazlab.com "cn=helpdeskuser,ou=Helpdesk,dc=asazlab,dc=com" -fn "Chris" -ln "HelpDeskUser" -disabled no -display "HelpdeskUser" -desc "Helpdesk User" -office "Administration" -title "Controller" -company "DevLabs" -PWD "H3lpD3skPass!"
+                     DSADD user -upn Dataanalyst@asazlab.com "cn=Dataanalyst,ou=Helpdesk,dc=asazlab,dc=com" -fn "Samantha" -ln "Dataanalyst" -disabled no -display "DataAnalyst" -desc "Helpdesk Analyst" -office "Administration" -title "Data Analyst" -company "DevLabs" -PWD "@nalystsPa55!Tough"
+                     DSADD user -upn Dataanalystjr@asazlab.com "cn=Dataanalystjr,ou=Helpdesk,dc=asazlab,dc=com" -fn "Benny" -ln "DataanalystJr" -disabled no -display "DataAnalystJr" -desc "Helpdesk Analyst Jr" -office "Administration" -title "Data Analyst Jr" -company "DevLabs" -PWD "jrbuthasareallyG00dP@55ThisTime@!"
+
+                     New-ADGroup "usr_helpdesk" -Path "OU=HelpDesk,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                     New-ADGroup "usr_helpdesk_analysts" -Path "OU=HelpDesk,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                     New-ADGroup "usr_helpdesk_analysts_jr" -Path "OU=HelpDesk,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+
+                     New-ADGroup "sec_PWDChangers" -Path "OU=SecurityGroups,OU=Helpdesk,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+                     New-ADGroup "sec_ouadmins" -Path "OU=SecurityGroups,OU=Helpdesk,DC=asazlab,DC=com" -GroupCategory Security -GroupScope DomainLocal -PassThru –Verbose
+
+                     ADD-ADGroupMember "sec_PWDChangers" –members "usr_helpdesk"
+                     ADD-ADGroupMember "sec_ouadmins" –members "usr_helpdesk_analysts"
+                     ADD-ADGroupMember "usr_helpdesk_analysts" –members "usr_helpdesk_analysts_jr"
+
+                     ADD-ADGroupMember "usr_helpdesk" –members "helpdeskuser"
+                     ADD-ADGroupMember "usr_helpdesk_analysts" –members "Dataanalyst"
+                     ADD-ADGroupMember "usr_helpdesk_analysts_jr" –members "Dataanalystjr"
+
+                     setspn -a ws05/helpdeskuser.asazlab.com:1423 asazlab.com\helpdeskuser
+                     setspn -a ws05/Dataanalyst.asazlab.com:2233 asazlab.com\Dataanalyst
+                                 
+                     New-PSDrive -Name asazlab -PSProvider ActiveDirectory -Root "//RootDSE/" -server dc01.asazlab.com
+                     $acl = Get-ACL "asazlab:\dc=asazlab,dc=com"
+                     $sid = New-Object System.Security.Principal.SecurityIdentifier (Get-ADGroup -Server dc01.asazlab.com sec_PWDChangers).SID
+                     $acl.AddAccessRule((New-Object System.DirectoryServices.ActiveDirectoryAccessRule $sid,"ExtendedRight","Allow",([GUID]("00299570-246d-11d0-a768-00aa006e0529")).guid,"Descendents",([GUID]("bf967aba-0de6-11d0-a285-00aa003049e2")).guid))
+                     Set-ACL "asazlab:\dc=asazlab,dc=com" $acl
+                                                   
+                     Set-Location AD:\
+                     $OrganizationalUnit = "OU=AdminAccounts,DC=asazlab,DC=com"
+                     $GroupName = "sec_ouadmins" 
+                     $Group = Get-ADGroup -Identity $GroupName
+                     $GroupSID = [System.Security.Principal.SecurityIdentifier] $Group.SID
+                     $ACL = Get-Acl -Path $OrganizationalUnit
+                     $Identity = [System.Security.Principal.IdentityReference] $GroupSID
+                     $ADRight = [System.DirectoryServices.ActiveDirectoryRights] "GenericAll"
+                     $Type = [System.Security.AccessControl.AccessControlType] "Allow"
+                     $InheritanceType = [System.DirectoryServices.ActiveDirectorySecurityInheritance] "All"
+                     $Rule = New-Object System.DirectoryServices.ActiveDirectoryAccessRule($Identity, $ADRight, $Type,  $InheritanceType)
+                     $ACL.AddAccessRule($Rule)
+                     Set-Acl -Path $OrganizationalUnit -AclObject $ACL
+                 }
+                 catch
+                 {
+                     Write-Host "pivotlab setup failed"
+                 }
+                 
+                 Write-Host "pivotlab DSC end"
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/DSC/src/spns.ps1 b/1-AD/DSC/src/spns.ps1
new file mode 100644
index 0000000..07477ea
--- /dev/null
+++ b/1-AD/DSC/src/spns.ps1
@@ -0,0 +1,126 @@
+
+configuration Addspns {
+    param 
+    ( 
+        [Parameter(Mandatory)]
+        [String]$DomainFQDN,
+
+        [Parameter(Mandatory)]
+        [System.Management.Automation.PSCredential]$AdminCreds
+
+    ) 
+    
+    Import-DscResource -ModuleName ActiveDirectoryDsc, NetworkingDsc, xPSDesiredStateConfiguration, xDnsServer, ComputerManagementDsc
+    
+    [String] $DomainNetbiosName = (Get-NetBIOSName -DomainFQDN $DomainFQDN)
+    [System.Management.Automation.PSCredential]$DomainCreds = New-Object System.Management.Automation.PSCredential ("${DomainNetbiosName}\$($Admincreds.UserName)", $Admincreds.Password)
+
+    $Interface = Get-NetAdapter | Where-Object Name -Like "Ethernet*" | Select-Object -First 1
+    $InterfaceAlias = $($Interface.Name)
+    $bstr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($AdminCreds.Password)
+    $AdminPassword = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto($bstr)
+    $ComputerName = Get-Content env:computername
+
+    Node localhost
+    {
+        LocalConfigurationManager
+        {           
+            ConfigurationMode   = 'ApplyOnly'
+            RebootNodeIfNeeded  = $true
+        }
+
+        # ***** Create Domain Users *****
+        xScript GenerateSPNS
+        {
+            SetScript = 
+            {
+                Write-Host "add SPNs DSC started "
+
+                              
+                Write-Host "add user accounts for spns "
+
+                try {
+                    cd c:\ASAZ
+                    New-ADUser -UserPrincipalName 'Braylen.Ewing@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Braylen' -Surname 'Ewing' -Enabled 1 -Name 'Braylen.Ewing' -AccountPassword (ConvertTo-SecureString 'qwertyuiopDE#'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Emelia.Chaney@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Emelia' -Surname 'Chaney' -Enabled 1 -Name 'Emelia.Chaney' -AccountPassword (ConvertTo-SecureString 'Spring2005!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Shaylee.Griffith@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Shaylee' -Surname 'Griffith' -Enabled 1 -Name 'Shaylee.Griffith' -AccountPassword (ConvertTo-SecureString 'MaryJane13!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Rodney.Mullen@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Rodney' -Surname 'Mullen' -Enabled 1 -Name 'Rodney.Mullen' -AccountPassword (ConvertTo-SecureString 'GreatP@assword#'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Jaslyn.Casey@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Jaslyn' -Surname 'Casey' -Enabled 1 -Name 'Jaslyn.Casey' -AccountPassword (ConvertTo-SecureString 'LetMeInAlready!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Arely.Wu@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Arely' -Surname 'Wu' -Enabled 1 -Name 'Arely.Wu' -AccountPassword (ConvertTo-SecureString 'NoBodyKnowsItYet!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Niko.Byrd@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Niko' -Surname 'Byrd' -Enabled 1 -Name 'Niko.Byrd' -AccountPassword (ConvertTo-SecureString 'LostPassword2@'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Mitchell.Fernandez@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Mitchell' -Surname 'Fernandez' -Enabled 1 -Name 'Mitchell.Fernandez' -AccountPassword (ConvertTo-SecureString 'CorrectHorseBattery4'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Case.Wagner@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Case' -Surname 'Wagner' -Enabled 1 -Name 'Case.Wagner' -AccountPassword (ConvertTo-SecureString 'NegativeTractionUpHill3'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Kamari.Frazier@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Kamari' -Surname 'Frazier' -Enabled 1 -Name 'Kamari.Frazier' -AccountPassword (ConvertTo-SecureString 'Winter2022!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Kyson.Curry@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Kyson' -Surname 'Curry' -Enabled 1 -Name 'Kyson.Curry' -AccountPassword (ConvertTo-SecureString 'Summer2020!'  -AsPlainText -Force) 
+                    New-ADUser -UserPrincipalName 'Lilianna.Figueroa@asazlab.com' -Path 'OU=DomainUsers,dc=asazlab,DC=com' -GivenName 'Lilianna' -Surname 'Figueroa' -Enabled 1 -Name 'Lilianna.Figueroa' -AccountPassword (ConvertTo-SecureString 'LetsG000!'  -AsPlainText -Force)
+                }
+                catch
+                {
+                    Write-Host "error creating New ADUsers for SPNS"
+                }
+
+                Write-Host "add SPNs complete "
+
+                try
+                {
+                    setspn -a ws05/luis.graves.asazlab.com:1433 asazlab.com\luis.graves
+                    setspn -a ws05/Braylen.Ewing.asazlab.com:1433 asazlab.com\Braylen.Ewing
+                    setspn -a ws05/Emelia.Chaney.asazlab.com:1433 asazlab.com\Emelia.Chaney
+                    setspn -a ws05/Shaylee.Griffith.asazlab.com:4000 asazlab.com\Shaylee.Griffith
+                    setspn -a ws05/Rodney.Mullen.asazlab.com:674 asazlab.com\Rodney.Mullen
+                    setspn -a ws05/Jaslyn.Casey.asazlab.com:333 asazlab.com\Jaslyn.Casey
+                    setspn -a ws05/Arely.Wu.asazlab.com:4000 asazlab.com\Arely.Wu
+                    setspn -a ws05/Niko.Byrd.asazlab.com:4000 asazlab.com\Niko.Byrd
+                    setspn -a ws05/Mitchell.Fernandez.asazlab.com:2022 asazlab.com\Mitchell.Fernandez
+                    setspn -a ws05/Case.Wagner.asazlab.com asazlab.com\Case.Wagner
+                    setspn -a ws05/Kamari.Frazier.asazlab.com asazlab.com\Kamari.Frazier
+                    setspn -a ws05/Kyson.Curry.asazlab.com:2352 asazlab.com\Kyson.Curry
+                    setspn -a ws05/Lilianna.Figueroa.asazlab.com:1433 asazlab.com\Lilianna.Figueroa
+                }
+                catch
+                {
+                Write-Host "error creating New SPNs "
+                }
+
+                 Write-Host "add SPNs DSC complete "
+
+            }
+
+            GetScript =  
+            {
+                # This block must return a hashtable. The hashtable must only contain one key Result and the value must be of type String.
+                return @{ "Result" = "false" }
+            }
+            TestScript = 
+            {
+                # If it returns $false, the SetScript block will run. If it returns $true, the SetScript block will not run.
+                return $false
+            }
+        }
+    }
+}
+
+
+
+function Get-NetBIOSName {
+    [OutputType([string])]
+    param(
+        [string]$DomainFQDN
+    )
+
+    if ($DomainFQDN.Contains('.')) {
+        $length = $DomainFQDN.IndexOf('.')
+        if ( $length -ge 16) {
+            $length = 15
+        }
+        return $DomainFQDN.Substring(0, $length)
+    }
+    else {
+        if ($DomainFQDN.Length -gt 15) {
+            return $DomainFQDN.Substring(0, 15)
+        }
+        else {
+            return $DomainFQDN
+        }
+    }
+}
\ No newline at end of file
diff --git a/1-AD/resources/AS.jpg b/1-AD/resources/AS.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..f99529bad3622237e2609c632d2c6444579f5f99
GIT binary patch
literal 28142
zcmV)>K!d-DP)<h;3K|Lk000e1NJLTq00Axl008<31^@s6ADF7n003>ZNkl<Zc-rl~
zf23{Kxjr6s#1Rn@5m6OU6*WgyL{wE(RaDd!RaJFFEfrO<b-d#mGa{-~92HfyEp=U0
zRaI40RaFsJMO9T*Ra8V(L{vpoRYb&b9Oq-~HP_yAj`{u`W9^fBzu!NWv(MUV&o$Rv
zbB_7G&-?ti>86`*dRP6pe*OAQ+;jV%%fHz3n#X(_me*6io9|1#U(`0J*GSvJj)&%$
zaj&W0*K^FM@5p*QvHcx}@nQ($=Y}C4dA7yvSJ`F=`H>LD3!3BPIi{BLTRIk=bJVh(
z*6Trg9B$OU)z_<QTl0-zkNS<y>me;lJ@?o98L9p2am=V~v}{|u&H4Y!ViLmm(P0>$
zABKD_gmLTLFX}aAo5L_(9ftgi5b_5?7~gfs;~<@9*6+Jz-#q8|d7R&ey4HHV|4mZ0
zVW|QvcRKA|nyTu!-*bOsJ>fK!k!BmzvD9pft30S<Dpe>_^*Jpl?+ao4VF+bW8Lx+M
z^4MDUSNh(|Hm7Zu$D1MK%OQ-nOXnT;*`@DK`aZN3vE~M*xxsn1t3A)Oi?wEdEc?!_
zE!^|Ub6;OBd&*U9tH!ke+5>5QAIm}2{7$-Hxc!q(YV887d0*+ZA&hrVi^rR@1?Bo~
z@ygp?C-v<8W(!x|zu&7N<VQmoFLH~K=4N2MNUi5|k88vFcb3+<<@(gN?b^1}3tb=&
z-AbqV;w^Xi9u<SN?AKsW)~Zw54^1ngSy(K`Upl#{_YYybC4}+u5b`VY1?z0#%BKrg
z&;2ditQN=pdzRMpe?k}^3?ZAoe{J<-!GKzEA5X{8<Gow(G4K0p@Z`q#<I7s<fNSt5
zO`9i`@0RvVvk<jl43^Je*$-`1X<6{73$t3V3Xb(i2>DNCaoR0VyM^j(A<5JK>59t=
z5A6S6wmDm@>dLG9e08eI-Ywn8Gz*5*R#{(X{a&n4h~-@HT#MSzr2TA`o0|4}L0d%&
zZsfh-dz>iNYD053wYIOGg~d`rw=TAp6KA(z<p+jgd~T0p?H*?f)masE`tP;{<HMex
z!1>vGkE_LV`v2c|72$Xb_1>B)$Fgr$sKSa(8gU)hjmnF=X}ccJ=d&CKVqfIDk`^Pd
zw0Bxy-+Ccie?G4%i}gJ%pTqjvGPNt!%P{2s9)|I)^#YNp%IBn2?C~8e7tmd+xL>UH
z72f{mdNB)O{A~#1$A)2KaT)K8)LLn4zIO{Gp{>%q)r<ALJ@AD0{8pdamg(9%WxU_I
z2%YBw^iCQfm&Y)Sw+};pDun#zS(US_s_LJYufZ3tmPgs<e$hPpHzV)Ar~nK8^`j8R
zd*2E4ffgD>D~+b--+8ao77B=S-*xSh2VnPL3fA|rkln0+uIA3vTE1I|c`X%Jna+hU
zer6c*OGx{-sBY#9#o6ofs#WxIpz8hJPZiG=tc)z2tEy}Ncs+#i$q@4G)`5kkV)9fV
zTIfN0Zd&$5OPcn)zh~g!sa%E6r(@c-v?o#@ui<oP$HEp~kr(Lqa;Yrfrezo+y)K0D
zfe^-LvG#8b#%FACSX5kA>`wZuyM=50p3An8TDVUC|Kc#@&+OUvmdTX{S31-r&pLfO
z@9ARizqhJa*r}q0)1d|AETErt)wNVo9#W!ZIAI+uc<*o?DNG3CJ;RW{6T*0fp4ipc
z(kMN)7RrTY5w8fS*J&z-xNoI>{Pna@yJ<N+c~FPA;H`4AR*sd2>uHq*T6md@h09tR
zTL4JSMehZowe6{e%xP^0JY(bD)1s>Nx;P9Oc2l@awuFj>09!n^UJ48KH)ji1zRp)(
z>*wa5WA<~w?~aEd-#uTztg<pI)X;-|V{N@HAbF4Lp%;hKQXrs(hlS8-A@Ny$XQc&r
zdiGvJfZpIb_eE-3#94(^s+UiNF#fq-tZJ-k&(E5J@%Uo3`gz;?7}OP4y+7Fg5%^pE
zcx@uo-lD;-Jm<Pq^XQ=$wD1f)lSc2kZf(mg*Yau&u-r|obOZ}V<Q+%9Q$*p17Myec
z-z`{q2x0vBBv!s&KWYrCp4?R=(^Y#`gY!K<*BqRm?+1>-;h$qYT*z~3$DcyT4~LL1
zv<R;)7nY~eu~H|j#OBsYvE@CiotwDOTNaO&()pcm!T)bql#CaAsjzMzhVhwU$p2nm
z$eCEEbPsBw>$z}M?hxulYQ0bRYpcb$Ea*R(gya9`Zf^fyyLN7}OjoSpRIS#}N^G;b
zJ8&(5l|(6($F2LN6%_Aug?UqOta<f><5^?HMyFfBv;SwR&D?4o6tqqZWt+==$ZX4s
z?HdK)&s*Z@xk9-8MhN3w7Ak>d@Svf$c)aU+0_swmY`KOlLT#;vR`LF}(Yl6<q$z{7
zjC~F5;gD_%UO?8$4Ay?O((Vkyi9gowc2l&>VpQ})S{$fFEN?CQtKskMw2I63(hU!C
zwK!470$tSq7Q(nG28kM+%QBg^+Rs>UuT~KJf7||&i)t^KPU}v4$HP{_pw-jKqJ8ra
z549Y&GkU}L{X%cR78xAG=Blf8H6~FIN_AxM6w@pKYdQp~kwm3P+-H^+^r@YEK7{-c
z&5hGKakl6rt)>Iog|k;tVgd0jR!0_3G*qi-6`|fJAlf=s_A36ZcdK5yH|%vGjCbtV
z;k7^3nqf{|!1cwvu1>PB0G_!+v`oLS=gT$`Ne}WFGFlDt?Jc&zud1^mF#q9RKGa+C
z=5Y!+56r3uXn&*DhGuZSw_KuiVq=+bdW4=<j*FGxT8W`=9)|I=!;oK`i;m}<r#T3{
z<Tl~ItEYDJ)~uSuRjl<haNa7Dk&eX~b3U(_^2^C0Mx3o#_1OMnZ7BLVUmu2CZV<N>
z0AEAE_I~dcQ^eNy(84L!!lmW9u(sW+<Kv+m+^9*!A?|wCzwb@OU@qn|{rXisAzLp<
z)WwTeOiRi`MsT3@WU`u2cAqNlDlUE^N-f%J3I)Aj*LFSg<5m6p(p*0De|fTZ9@qIn
zD##mQ)ne^^J!P!dCDpROhy3Dpz%foysH>!9yU1OjBg*5#7dUFMvlCFIN$!pgfzdFQ
zW`@}F>wR2L8u{nf$9DREkq>=d13P#!3A|D>?@iSUZCE~AuPMEXQ)-<Iw#I!~!EVc>
zvBkf>MU<@}-&rI{`-Mva*QKc-4@~R9><SC(<~cu`lx{tr(ffJ1X=AmxZM@n)56!}3
zD$uG=Je0`VqlYy9jgODxIf&ZPXNv=bR>sjocxrJRwcHr$g$oCzMY)T3A+M{DwJZpE
zzpcmhf~#E4j0Ck4(X0|=Qwtx)c_W4!8|~t2706r8T?_BZvo99DmxU@~<%}5@wswQC
zR_90y1;ZPiX5kg}u&l9+$gzE!I7X|9+Oky~72KsvUflHsT-hWennqe=-6EGcll<WN
zNvu_@+h5v-XMIdGB-iQZjaO*ga{$%q{@cS)pmq4w0`8;Nti=$`)r)rOowcM-uRCfl
zSJhT*VpfH0Xni4t&(Ie%rTwd?mD2lA7+1@2pZjsq{$TW?wZ^zI;evrrUe|){)8B0@
zDiRB)t;cz3g=M^)EG=co1FLwHEn<?jmrigfYvn^FME6dz?j$_kNPs!k{zw2cMSVa(
zc=T`P7*`K~evWY|-W&Cy$NciK3F;cq$2{#9$7<6Gq+4)J>y5dkYV%TqTHmJ^W$ECa
z(dR+3vmB@!@qm;rKuQ-a+Q<3ArSYX&dsN{U`WZD~{rsBLiMvBs0v9wD=F*R=-p7$x
zaF?zY*c5e1m7tteS;y6lHCnG1q0`!KTU>{|8K0iT$YcJg;(mI3g*?Pct4_}Yez)#V
zD}IOVX9Tz>0(=)z+F16xUbvPQsYWDCgZdbjRZ}YP;0zq&YOOq}uneyC#mofjg%=C`
zSmInGQF)y{zp>mjA*Dwmz()>w(`>y-dyEn-=lr2R??S6+H9ND)a5Rn+o{5xqOsg^N
z(@bo*Z9z(RKuS+QO8<hCu0u+XY1{^8RmetHZP|p>YoIzamd?D$+7j@=-A$KT#jK!a
zWTmZhHqb#((ykhuKl#o9z6t<WAf+EbO7}(pR~CcUbnuYie2d<)73e2EuPwpGI!SAt
zm{_%xExNEC+X8?KF{RG{zzY%J`pKdNa6JM%W@FCh4JC}$2&g&TAw?U&qRNm(Y}?C+
zzvgk#3kc@k%2$?>2z~AQg;GQ|7D@}GR2HuNcm8@zDML!PLP}=Qvo+w?nzrSkI(UW@
z7N-~E{@R@nys6YJiPb$?JCBguQf0=J9sqz}O%>MlIQ_e?xGdY>Ra`jOjLTU@=J$2{
zSSDL6Y~ogJYwNvHNm@l}->r_WwA6>j0oN^KUV-ycRdlj&mG6Cbqq;sVVt<VQpN5of
zwm6`+Ttn9Brq(G%TEIOC>l!{AY2EAz4A6d=J#dg#48<FWpgj(d(z^j*3n{&Mx?q))
zceZ%VD=y7@V$69gk*5Z#G3<tu^l;!e(Q<8jEb@3*230*_6Hw}RqhvizBzB|6XJfIs
z*;iciN_)C#U5x<GLQ40~t1qi%u_x%I2OYu+qI>?{>|k-8f>BQ><vUr_TBd~&;3%f_
zcUUe`*XMWM>Hm+}gvYyz3m@x`s|t$}4zK;?X;Cs}myCGPAJn>;5?Irg&6%`$t}83<
z_xQ1q!TIWZ_-Z^`tj->1H?g-MrEfz@cm4nN&>fPjwb_Q=C?hRarL~Rj6;!Knio~`%
z(HkCyl>R(FIp>Sk>ZApD%;KCnC!k_XcMUL4RTXt*!9{){mDtvkgv5QXOXfVKp`;_#
z@ckVTLh8EW;wP5lMq6RbTSYi)6Xz}C{P8-Z^mt6^R*weKYE@(T4A#g&i`34FRSWBi
z4H)#q3TgF=J(6>^@9RmCE@gfMct51{Gf3%5y+GC2)?yKxEnFImU{`VJHF#W%mnC2o
zThOZQZml?|gppFMqO_n&(?d?{$Svx%$XctltH62m+^8OZj43@7Q@Y@F>+PWpv<A6q
z175Yh{MLZjMXP8@NVcZWYQ@+d>V)QCXck&&Um>O2A*IWZ(i_A{xO&9p!uFW<?ny0N
zQdoq|DI#CzF|-kt%243E2Q;o1E>2s?Svd=soNzoc=bpN;2$)YRF75fTThOjSN<W5_
z?(?`kcor9{Q$(w?gmuwVE@<t^H?96mE%wTmfKH1?(*EZNa1l~^G^X_GqM9NWsYtzM
zTDY`BgVHLlCuAcb^T{ZcfvV8Bma}f1kbT(pXwf<5JSA!3NwqZnL1P7td7agC2x(E4
z7Ou!YUv7xsfRyg+=>cz@SX%6#tdq``g;oUT4<Y^0PAYmxhpg{KeL1Bqgp@uE0MAc%
z#Z$ZrX#>}|#(XSZO%*j0xHCG$h}tM?9=KDgZ(Fl%ZhH?wb}2v9zG?PX|9A8;!4@wa
zIKTfqr>$ajK5#$B8XE;D^od6!z|A*u@YI@w)pJ{{JA{?~uQA8d<Sh2!p7ai;1%P`2
z;JdLbSO``zUy$Y}V?;pt*@^m?&FUp@*3|<hOQEO&dF38TQwjL0tCG-cz4R0fk4u*K
zU~~^$G+s|)v5d*}=glU`Pd!zH<s^BzP*vy3>C_po)PD;AAHnDoy^9J>Ht2bUKdblq
zysTS#SkJa>OY^rAj`c(Y_}7BUfSiP}s=(&Y$N54=R9srEBDdh+9$NSUfInBaRGHvD
zEocYZUc}$oAflo}tXsl*!N$^xmMt@N3@}Ft(oJJy`K<G);^{e1RaMl_fdB68n9>g-
zz`b!=z%1u}Yfh+_OL-oK4QlIS&9uQnaqw71TavadmEcKR2=Ez5=>=?37^%rnMKZ;(
zi`iZDF$<ZIBA{}K)0p;-u3$3h4oXiOmlc<n+=!?IwtT*$HXv4(4H+l38|@^x#<-#Z
zq*pu&eWJ*RZqc|3Yf|IAfV|c1*s`{m_T><IJ*^e3WwdJXoVQFaBfx_btJyNfHlLi4
zphHlf=WME&O}_EgX&M!6&s^kNOV)tq=CTfiT|2$v`H42FN6p4pOk6h>y3Ycfm(CsG
z_r$sOGNg1OAJWnvtaJyfJ&q;3wntJp=?-D3sw@E*R#KX!^0Np&Pb;jH?t+xQ0|0ME
z?1UmJEX|1+@#i129G|nPqL#14i>f(4cUzc7-g>?N89Z;R_mkII`f!QZnuP1=v9V0c
z7T~;a-Yi;0LUDoOV<}yQlztfjPUS<I>rsnyc|GN|GCvKOT#2vyMx9oS!{gUu)jw(W
zr5O4_N=E?j5A@{1na+5-sHo238SZ70{M5{O`9d3oi5tybqH`NZOo+U_$!R1<olmu`
z4K2+XDG;4-ir}&qRW0O3+wz{;+E5i0G2}rB%-qfM?D6(oKBVD&Su-Fk3KNei#nRfM
z*3DXPXlquSb&=}f5zhdpMW*w~6PZpefYvTX#Q!71oS(gq!`3FV!fGAqG83U1nP{Cd
zf-7aTRcy5guER2Prh#;uiv`E7CyP>Bxfo__v^ehqoY!!-G_53c16@8|EAk<z<U<yN
z0c$R#Mz&|^oLp;-XHl?3n6+%H$EbB`3-5~nKRYpbtEW8}#bH*a*Hgt<pIAsqk8M|5
zah+jYdBeqMQH0ZafuhK%n7<V@y{rCi+k@9bf%Dwt5c`bvM3nd4$8j$Fz4Hp3S2&=e
zJT7c99WmNOEzBo4Ux1x^0KbQn9x8rt+UwD46>U+zXtu9W=$Htot^6D<*;G49w{p#5
zN_PUlH)6rDsL}MA0C*jHZT<Y}WUQx+>-Tv~W8$`dt}I+@8A?X0jWwG*qlq>=IFH-H
z%(u4>%jj+QJrB#kX&LL56|0o!(2TX`7+t~Q%z4duJon>TRo(>YG*<k-nj=U!jV!1)
zae1Tt38eIXtE;g!Y1?Cg<ykOAKQ7C}%R0sDWjU+GP$nGfQ2=;#1)O7dFzuAECYdUy
zLA9-o2JEE6GIR;exDQoEs|}9ph5X%Ct2fi0S3BlB7p-QW8frx2xKr#p<wwggB*A&Z
zkY}aF(41%M*Zn(A@*zuW=56JyLA2II4_yPSdOvS#sRrE~O7Z=3#p4?QJ`5>655$xY
z1wn<$p!ZRg_K#TvvUQU6x@yV@C_fVV!pu5<u9JQ;YPd()+F08Vyj7$I2IH#gt6B5>
zU|~em1tXFSg#NqH+L`YcE)sBWIe)NoSmGE?@}ZL(c;!B!<w{!kUfQH?Yo245R?(Z}
z(Ia_8noI(~dn3U2B#@KR7;>dNMRSOh=Mth>go=QwFxT7If-xkIb&3mRjX&e9n^j?+
z43BHMs8~O9W`)+c=sI%(?2UBZ)pQ67bgwb1NGwc|=n5jeIN>+u<+=MiNa-Wx#;#@8
zTQeRsmhP75I&ms_2y5ilxFyT>0HDZpo`jVCNtw5;#>+HE1{cK=rF$*az_t^Gung)1
z(5C#*+PkbU8PqY<tLL^7cgX6;g!^%2g?AXAQiR)9(+d~Err%hMHPMQTI@g5rFH(Fk
z={e#&jsS%|@qI|?o;m-^>%*lXx>~9(^S1ssSR`W~Htwc{pM{kE0)(hFR+GVqOm;9m
z8P)F9U~4^DM1a!ydpu^jNt{_XkElQx6B%PXr?nuPYO(N^3VF|MN4?p*)?pbVQf+0F
z-mz?#$JJ-XgK#qn)DyH2o5*_NajhnWjIMQYUMXJ((z(j~F79sdPXNHJhjxMK5eiNI
z?f-^_tA2e+(}@7jo!ZTCTrAAZ0V&g?0X&V&_L-^BV@8U=hVos<!%#CpBgkYt*ZTLE
z!@}zI+m-}oipNEX#A$&z?oGd@hVXxj<9w&bvXAFH!w=-9(~%)Hqpw#2_|tY@n)JCh
zpLY?`WeqvRf^>*+=~RlBaEkvdQxm{P!FrIrmRwLL6E@!FP9FNCG}+o{9Z=UTRaOx!
zCG8$F$va3`1|LE@qE#T@Mq`B9(dd*)FI+?x!B;had{j!u#K|Ipn;93eA|Lu`X&-xb
zL|*q7V`5YraIP))tWJ)I4(#>_@Pit}jJ!UuNhHmY1X-C6b|O__8Im-EU$|_7YAeVs
zJhql#1I_tUY;F4Nn+?!cymn)u^DNvU@R&0C+|yKHa|nX^d#sZ{I*#hKuf>!;uF*bv
zqtvXX2#PgCCz#a6tZQs9G?q5inE6gf={dDLf-`Xw94V!f!OW{UTf`pIOl9WaJg1|>
zt%|ckByAHMBNC!*54)n}XU$s=PfG^b`Om44PHild0M@$MdJb71mhIzh>st}vi+kq1
zC#0t5--v(TN>i}J+gp5`W+%g~F{S@m`Cm~JM5*#(T1pDs#40GL^oSZdgr#ELS6pi_
z9Th$!U^bs<O<5e{epWP(s|N_X<Z*ExTUkNd$l`0);5=!Qv$1IYYK+Un3yeg|hd~gL
z(KJdJ81Wug;x0DrT~<1THL}plu3uDK=jDQG<#_<WEfL`7;vGdPhF0CBxG&qX4~QR^
z<V}Tn&SMtC>&YSJ@<2@-*P*ePAep94oPqOJ1~%1Ro>g4D8^rqm7-=*!w#>49b2XT-
zdCmiTHA>ZcgQr_dH5LU}qk8W1hjKLSVaU(~&UXgd-i3;z0lvBL<tB85kpSl-!H0=!
zssj3dbo&a;BeC7bEGqn($3;&IGt&-c0%XqwkUz2ks**c|N5s2KvR?1QQXrn$#T%FK
zV8>`(SrQXQGaaHnUn$Z3LKnLX4n|*#{Y;&E*mj`8yCU-X+3Wrd03YwQCiDdRR~VOu
zt*Q<9v<M~{v%k**z*Ww-h-&Mi;%`(SJ|@EU;R?k{=Ytlh%o?1}*EON3S~pYO_RxTe
zttCiQ!#v;fxTMTSObpIrbh=|kO)BeLMd|zofG_VUI#H09IrXk|m83kkBL(iS&+S(r
zrT18v?;hh(kEQgY;<A=-+G(R@DmlXnO3Kb_tfYZq4x>a<jKaY2y{JSV!of0PDL*^2
z!g4ZSv`8K1JT59?p05;e{AT^yObC+Myuq#aeBq4*v*2ohwXnDkSKa;+nTe>eAO_BB
ztAU9WU94sPz<RsQ&n*FaRe|iro3zHja5|@d2~$j(H%n6zXS+3y9&p_Y=xel(li}Y_
zA_9QNn!QeNtSGE1D(`BMz_y~|Za4kyTL7>vcPs!<^IPWsQj#B9&VvE#nbG}a)<loC
zgc-LQIfuoJlJ=a(^_CPrjjqr*YoCnbVDqpHYp`k=C>598xWD-l!NF9pa8w2lOM%4F
z`OodktcCqjtRzA$jxR0t?4nljyaQh=53NVy)FJ}W)35q{fxQk`To|$-aTr!)q(QUi
zuEiZ~W90{KHDa7ET$Jl4Cm>#9IFvIg?_-b9Ew<W9T052AFI=3Tyw-Q056GY&#OK|#
z;4~57-7%%(q7$S<){(Grmd^RQ6QOXedVAQ-y8gGS{>tKeuLq0j6=_D=+Oz;>T6{}W
zb;Oh|Mu5L)33ePo4=4(Q#@43Z4&g#sRd;2-PbCyybH!z=NV^>1E~goFh0wSr&@QQ~
zsoPddZ_(PAU`B#i2ne3H$a!m#F0SNYqmn^wER_HOdz1?7K}hLWCrouA(vCC&u<#VI
z>xD8MVA{sn&HZ~;%V!I9!ex_n$as5)&GHwiYKOfOF;0=9<0*0XiwKyx`gt;KgOr{s
z%zjNjZ;-)ksFsfkaK(8~8BJ^EJlfa3Rg3LyuXom<?iMbb+OQT(V+q|^F|^3UVxAeB
zo3-b>_a<L%Xc3?coc^{*udb4;SHC09J<{qKIe&pTcMb1%B?5e~R|xF6Y84N?V<qe|
z0=%Hbl2&D~;x0zDijowAxI<kjcOn3IPtO(`1LxNlUPgt%w1ArbJ)MrT=6%(<idy*x
z*Dmh~sP*EC`{!q58kot?O!2`qV($II)fxg*o#zGrdNQW;FYcV?uqSqUh}lLfO$({G
zwCNi7Q6&8Adyv>2nHIADxiy~K0zy~V7LF?^>^xY;GUwbNI7h(Ra-`r`zk!rKx_6e;
z7@}E1HJ7boW|Df=&Y;-eP*G%bBz>+boW*Ol)=W!jFjKZkEjsJRNH|*H$AeqcXe;N_
z*KMREbj^enkp`8=dr$nac0O6_i5}s4!eub7urG$c7^&6}n{e*_|5ov`Z>_qllSp#-
zqdoCFarYJ@d?=$=C0!v>0K7A}72|;sce7Wa=(%R}2CZqH#+tg~Hi<@pYuqMx5mF2K
z#jRECFWpJ8siJOQaxXD8;S?bgP(9g!bCPugC^x|0OGH!hM#`M8k(iiMlSoSDHhcaV
z3yIod9BK)cb%XPs(pku(dv8qX4Xq?13JUv3{mcOSk-1YrN^eAf%LT{6riB_HQp1D6
z=n!(Ub34&gilwjGsjcL6s!cM-t(!CHUg}A^wjZ-4k4r08(^g*C^D(8H0bm0u{f#}p
zHP?VqRunCAxRhQgj>Fb4S&K!p)`Pyg$)AOMHk-VBDH3-8G`<NdmlZ5xlE*^dxvs{P
zeg-Lhz*047oD(GW{N4d|J^jjz%R@#O;Wbx@is+)bQk3LJTW#p+5Sb8Ej{@k<1z*S$
z%5@yuDQ>oD@s+bi{gqVe2=Gk+c!T0}MU3x7fb9gwP-P-O0QdzadDs#k=o#QCd8IN%
z-<pW4{a~ke9DrY-KJAtNc2qEcBjc$RIj`?E-u0&``P!V|?Kz=2TbniZLx-VK+D43N
zj{P2w^U5m+RBg4T5nq>WQp18ZU_YXct=xX&B-4=`Tu>tG7Kao|l?Evd0Ps`HB$JES
z<M6IX&?D*vN|CGZ9qVWI=B=`DQ|lz4rPZ9UtqWzsf(fZHKru3;Q?&mlf-fRrPZLx6
z`=mL$MQehn$(Yl$QxwLv=4H{uN{)C*r~mNJSNqW20d=3ND18R(vq~gd&X0`BRm2FW
zJ+B3g=|H(I0N|4m;Ez;?fh7V(g>;Q2SaVqN?%%)O2&-li<Lcpb>M5lG;Jzp@;3J}P
zN0WVVA1wB@v&F1TO}-N=dV{qM)b#n9lb13QT*lFl;&crE8OOJ3ul5@FpMJmX!RM(7
zsP%M{mMJaWA}F~NCR<uBj2StmO9E;yXB6+k1}WVJDSZV}dYyBJpm>T}9+#H$2t^$N
za7T+XM5psdR=;~j!dm{zl+@!^%}dWKz{_hV?y3{P&LS$eObjgxU>%m>0ns^Y8yvq<
zTR(5Lg9q*N)Kn2?^h<tPwxny}`HgjyZ>g${`p3H=rJ{d*TN`p51t%4b|0O&=;n6XB
zt-gt4W%E$#o!SE_!D?hnXbpjIV~AAi$9aBFG95^1A=A<Fue8$<izNuooX?ESi{$v3
zm9HOJC(sHo-)ctIT05iV!iBrC@}G-)jplWu+8sh`KWxbiwEWFpJ`{I1+N)+N5D^+1
z8B>CY(~=(Zd=_pPWe$v$Y)7=7(q3Qrn9}9wh$L@xH!V|}ry{`Z9@1os6NZ-GwwC;0
zE(ny>vW3@_ttru4Dg4#)9PY<88vVxb<FIZiN3{Lb&><}REH#PJp*Yyfhf1dscb-{&
zJ?<$>sO9#a()zBo@Z4A!=FoB;X-A5Bo^)a0`gG2@fv>oJRaE<XK34BZk=Lh+cZa~o
z^)#IUzi5}ZSSE$q0>^86y+MdiO%-vA=8-e`L)}c*`pUH%Mh(W-ttbV~A1Wu*ixr*Z
zF#wbl_kU4DQp^PclLSR7^ce4ijt@1k=%!U{-7)ElC<h@@!e-94nVLQ_mNnDwj<f=3
zO)F&aqOwew@QN#|10m$ljLZaRum*cuD{n{3<Fd7|S<x;_+rrHYXN%hAP#2%a&Ya+W
z754o%F<WNf1k?my3y9ZO5X|w7);KpA23kCqm;--|9y9{?!hE<$&n{#^D+X_en50@g
zsHBq^^W$3ck}~SWj#VENCk)dD)~*s&RkQ7NLGF*&lE;-P{utqkkrkqB&M=VLb|xKA
zy(!*@dYq^_>KnRnO+cNCfN2@&3FGlQh7QphJ?5>%U}v;O(i*6s3evVl;;8@}c@|wO
z!0OR!E!(I4RB<FomRVujTwA|zgiX%YIj@-Wy%ZH^tzsq@VA|mVTby{8S8S19yKt=O
z5E8CuH6_s8D78VU0C1UecHr_8xN8Z8Ty~FRZPtWVJgq$rDmsKT4e}(r)Z2;sii?Q^
zi-=qyB2yA{!CQlsN1AD&R(Iu*xM&vorL7H4oYaS<jwEg*5l^W=Sc{lmwyECnxF~7@
zO&rZaG7%lTp`n3b6_>^V!ZKB~xQ8-<$(J=+Tp%zmQ)Jpyaala(wZj^%xr2J)@+?Ri
zx76vNAEP!k+(AbCw<u}^LX$Ysq>E_A;2!%LjUbgvvgSETnKjVUFMzC8aI38l^b6Ox
zmG()qNZV4mvmzyE9SEzjebNezwaM_(Vs=t-c`_TZL0IiikC+u;;Jg**wN$F;YkL}j
zS=)yB!bRE5kRsE0AC4_zw0Yo>h8$@%#M9nEw8X`IAS{!zOj;eUDFT?`U?#&+F_62S
zD)zu_mMK5DGX!R)NU`K49^2aKG&7Woys~cgXj6N;hNAY+)xss+&`EF}n?mANP{%F0
z+#avH$s(+7v9h6l7xxPn5z`d8>WT^7q$VtLaNaA1_8cE8XuZ!>#Kp!V8oR|sjPcu`
zs21qr*kmNgrTpO4WJbO7G5Q8AYtjg~G0BlntJsqsp$wwE44C;Qay_8#D+sw8nBf>V
zRn(eCwmL?1<7IiLXXPL)nDI=yNnJ%n0$?PyS5w7h!ScKnl*Z*$pa^WR=y>X4qpPH~
zoz2=AbVPjIaR&+xocE6Q_es{Yw?6J_QBxS`#dln35wYoM%?mpekE=IN5_Vp3ILM9}
z6(Hce<Ue1zMI7G<?iQ+5^i~lq<@3H(<ovHCT^8pON&L-`Dk<0C0HI0Y)mqw64yfx<
zzl23mHZBr7o~qWymE=d;`bx)O8BZqZ471|1$VP*_IDJH?idKfV^&GH56SD!=Wsm$P
z>a~e=XLIb)Uurp!DhQ|52+k5uM#MKAM<EO|N)IF{1!#Qi$kS(g!!EsE+w+P`!@Z*Y
z<K=B|oGE1S+xE8ZofA+gs~O8@sQ-p~;1Onv>TPpg6-A@o_c9d*6EPoq3h$x}3)kJu
zJB!C9O$fB&TCJ1Be&K?O6bGEg5M~6(a8{7J#Zk}CXtl7_&@k4_`L#4fS6OA&Ndl|b
zsK~R~du+X<e(D%3-65!yZrb4#r%z};yOacuCs}Lsmy+1nLaC9qd$Mo|8H}VgIpYo-
z>2BxPa#Po+Mzp2`v)}1QmR_%Q?lp6*;)3dc7@<)Pj=<er*0hSFmZ_g~f?6^ax!28k
zTo{Rx^JLff&euRT9_y9KunbL`tiAY_bcl>D$h1$`I$u#*gxB~Mb*yO5c?<o;Y71ov
z)m<!H9qgbY6Wuqf>W(efhNhL4pqAC^&O@uneUT>%S1mJ;BF2b?OTxaUpO0GjCm!9R
zh10{Q{4~3ls(4%i7WPaluW8*D=dI2&OV3G@om4YPO2txsEXm8geAcxA%w^%CBKEkO
zI2jI$yatvq%yG--@W|&@=hAuTsaUx}RdLnhTxz_FIYLNAf^&?^6I`k>hx5dVV}G-g
z{H$5vwWB8%GhbI0*uu8N!ccsNVyr*a`#cC?{5H);qg+}?Li&VH6>+=fTJO1f-R4G3
z%`DrB`>CRU0|ORDLseds1aGRiZWJY?Tgp#wts)j|!P(tNdPYPbdUPJ2x0UmA=72gf
zpfcU+Vf-wN5<m;B#}%Do`u~@#6d9@Q2_Zj$Eh_6UkTu_mN~^|rT+}wP!N#09e<SG*
zRvs5r0W+Ad7OLwd0%ZsXmg5_JOw6=>3&BvrgigVEF8CGexe2ZoAPXKwhp+&qR&uF?
z>1Zp_Jpq+>F&zzVp`2-6MsP5a%=wT;2yD^rg)n{w1LN0K6UAAh1{IkB_a&R3<-(=K
zvb4^x)&ys6d;5xu3q4**eCq2$%5Pj=qsQ7rcCEBW%Sd1=u0xc0)Q&{S9fC>jp@?<Z
zSa`PJ9UY>)x8h>b@Ai_Px_Z+1&&zx#+)bf2<s&ZayFDi%2SA6A@8g_E*OgU97c<Q9
zf<8`Jg9C0_p#aS!O_Nc;y>Fb{AyyOzjF?TBZZhfBn7;A&km>*>f3jW1ptbRk=n&D8
zz{~i}Q<;mkJA^a|)7VdI$*C5+EQImGFpSS=1k<t&b7lbSY!z9*qNyyjAsMsJTZR$;
zwx@LKhYd1u6@9ObHMz;k@v{<JvDZRne{M;+mYgC8GU~B*YV0{aDq^d}(ZNep<-Tmr
z0Tl#)EnqSj0SlF#G3Tu*yjrS*m1<GNbX^Ex{OB;`-)b4*%S9%mDLxc0N?x>9)!uhK
zQ#H-;4PpEVE(Yh5sVOn_+UiEH=bTkxuZA!_8p3!>FT3TQ*3I*&A|Qh*s+xithCw)8
zi-A}@u~%3(ANrWMSHWIdMqotNE73KQI>ILWtXs|!MfOE+RJ_$wNh{9YRUG*}A><!~
zFupC3LoJbIyd)@#q||D=pVp?jSiPx27{5@vymFsgwrCznt{X?PMHb0xA&kEcVf=9U
zo?6r--sER#8?jorfVfUL^FZ!-SSM#6w`!JK7q%NBAVph6#D5FbEmlf)!0s|QBlsmq
z>GP1%1&dCqRjVnrq9NqlhGBei81la)*9WW`(OisFJUtG|j|ld4^6x)}A>XNS0QFp)
z!*H^2|BGV2^H?4g^ugg>IQYK=_!r0HY6$teA>@0!wl<byWBD0U`Tzj@I#$E0Na4i<
zXEG{WP@~e1%Oag~N$9*I?N;BaIUNExraP8O!g06i5*Of~0PwY#((OG+w7tN{5XOrk
z<WCR7_!4$OtuG|{g4M`eFd$wElCA##Up*iLI@KtbN$QXBg+mgX%by*0y2#2Xw8b&`
zX9(jHA>`XNP=O|*OzQ{7!4{CxMM&v$0Pqr(_D<O}W5jLX0&J#=%VGni{Tv1|vrb-M
zac;C=L=-q51@I7^LN0suYXI;=Na;Q;h}bG`(kyzzP%hB?!4Sq@l{TdIJ*UZ)a{IS@
zZDx)1WQ*s;-(DSt{Gc|4TWS{>M~si{TC>c0YH5cIT<)aJNfyg-%r6W>{&Z;{Jz0_(
zHxZ3fZ~Zrr(j76SuLHmvgj|Q!CaN4HDgvrjb7=i+?B_kS50^9=UlC9-qccvej`O&F
z3n_hcpPkqvsm1d-*H~75_b`mdA&gf9Au|a;(*j}IikPb|a6RP8Y4n%FkT3K&KHT3=
zRp@VcJZls%FpWrCUbrywElz+Pp9>*BFbw0nuAd{3TY7Cw=^g<15u|h_GD9pB<085m
zsB#s(c@tf(Ne$n|OSsca3Tnv@+U_Bh6(FMQ2=FSTw1JdvIiw=M`g{oEts#t$7o4b0
z-N7-JOo)LgOJmwt5DS#R4F=c0pZ<R}gz*zrUXoSjG^@HEIjcl@JLlzR8VTk<zVJvQ
zY%U!LX}jMDVLTp&d^c8sX^Fbl%2j&4;JJ{}$04QPVYo5bwIG4AwL65hz0(F~sJC^<
z&{xf37BM41B?o2py0;*uZ$L_SwT5k4csiPjD}?crA>=>MW_4K=5}^r%khYDrSTvS&
z`tvWec%_9<$ynT!WA;36@R!*(8T-t2n@NkZDUW{|_@6DHe-9ylc^JlvE!Rdbq4Erl
zxfxP=ET;4iz|-B)1&T@l+FLhk_ScgJZ?3owK|qxNJ4*6{g<~L#+7(FYX9dUFw}sll
zfyHIg0y563tPg~ce>#oR72t0coF2FqlD2cvkT@yFgkdP8(ELHIzr2RPs~OyckRKd|
z{3fQwv^Ya3@jC}8H%r_6a|q)@g-ERRtJ74k+VmXk@5=Q70Czx2&lLPCDvUcV1XOQ+
zs3+@T1<qTg8eSisI-U#_h*m~|h=Je>kkY3jz|9^Rfkl_8y_=M3VHn0ciuFqf<G<wA
zE(>>koHUBlA#ituH6?%~mm&h~@#}l;k~V_NlAuIwYpS}Qp%zz~n?)UK9Wj-fTx$2D
zk|kZ)k!r{L=Ix`!$4omI(?*@mTFCojN<WVPSGizi#sdA=()L=-7nL_c-6X9?Oc_as
z(2(HHe*YSz^p$ADv04eIvZvH|a|pQzqhDTQAu_hIwi2cjXz-sU!e(Yn`B1#=4<Y1R
zEyIhJ797F4ZVMs5z?%uyY1CBuc1F{$xoxc-C8+ltSNpJBAW!hGr$ZR;ct<4zrBuA|
z{v)RJXDVc4<uq~jn&TGgP?u;sNpEMZN~|uRHIEDEN#dIk;J*Oiu2@YAEq!u}7@AnH
zPGmYEoXB*pacvsz2PNAu;}bwGT1yVkScA-qi?wi-K47&Ywm4X7D)|udhl+*~OE=<<
z3H_PZqHMmJ;-|6r00DE^IC<{nojTx5KIFjxwK6m<Kn?)6#*`k9DZK`Y09g#2*VtNH
z9EDZgk%fa~z1XdiAA%BbEvEE8kkW$`y}`@YZlQh5WIEpqA-~OYq%sj=nh9H$ab<3Y
zZ%;#-q+{rb{k=L2<0Z`nqm}!3@6MCG&lf|;S235;I#9zxCY88hlx2?mJC+2C%7-i#
zOPVRJHK^qT|4QjSPzr-WpWqx+XBd}vlB_W)P%O^6)xTB8$5vdlao}GdrO#@;?5z?D
z@3gSUbV3-PJaaU#gT2(^vveXIk*bIeG^M<#G=TN&bx-Uu8LyRaPdncU?|Q1n=dfe4
z{(WW!ADO*5P$X9_bCOF(sw(ZW5PvU(@m|YyXA$^YRV}kr?E4|5X93_E8FyAq6+MfU
zhP=wY){FmmBdIte!5Kg6bx7$cNa=RZLgXF0DypoD!;p*V-HXzREQ@=yNNM1#j4AD&
z#!H>JK#Lad>EckKm8oc%(X9zmlWWFz>Ip5ER;>ftGjW_G%uL24v9Ma?9C>{h@{{F8
zsA;8p*otdz_+{V)0H2LJeJ?4p)=mvA&ugWJZYfJQ+u3=p;_je)A5wascU0QyXhAT#
z%U%D2A>?0%kgwr3DcIsA=K#`-_)Hq$NiAPpxzW+{r>`xa>FHq@FKDKJ+7r>@0xMm#
zg&P&Zcv(}?VxL_*9i*IPrD2M#g<MU4UkD*TQn!y@qsm_46s2&8y8_~kitBZ3=}@$b
zr_o_W2F9!eLrtGuGv^_tLT~tZ0p6`dM~g+QH5W33@jZnVU1U0vr`0-L+SVpwEe)?x
z%mjfolXM7#Mp5qiU#Klxtlz6N;L&oycn67b!o0>exP^fWebs0Yb*76p{UhcvhHUe>
zVaN~6DJWWVJ}Wa{`!^@kM}T`ErJq1bS1~$-MVD%|`6kz!mXvDiWRa-2z6B|L2LSGD
z@wDnaRxZ<@VaSgU!}xcMm0hRdtYtMLBTJzv5O^97&LXcL*y34Ber9;kTOo}9RdAM8
ze6UroYQe*%>gxl;kbgFbzY(m73kTr=dOC!IHfY2WmuTB*TCz0#`^KbaCFMibfm#ov
z$GBtPUxLEEXIe#V#GiJJVg63m9QEMoP<P&wX~tA#StcvqKmrZ<FNFN?Fr3MBWGpL-
z_Q6zZfs-Of!I_i32r2*gsy!`}tq;vXcx`s1bf?#RZ(8p%Zktp4{;6G?g&#{zOD&1d
z6*-e)RjaWPLcZssYyEP;Rkh?)YhaDGDz2{AdtyqTu~dH66nEu$;!mQ{Ob>f=Q7rwu
zr7D{)gdv3SrxQ?3;2arETwYG8*4W6B{y=ena2^rnzeVx6gm(6?!!Uks81l_6&KTa%
zh@N4gGooq{uz#fh-55T_TR>;DZI?_NYmzFT7L<`m@rZuE>#FVK_kY^yUB?R^tk?5h
z^zz5I2<*-0o5m|$lZ|KH2~UEwr}dEjcH(2*J^{b~rkK#U-_@F-O)XF~!<uHj^JGiR
z7>|_r6in!Ad-k?<+GH_?)Hoejr)C;q_AumocAUC1ERt6hjKbs>cSBt>?lCGx7OaRe
zIgBCpyVxKV`Oy1{;i5L2rk6=(FZjg@GYDOreoU(En=LtNEm8H>kucJ3+&o3yzrs)E
z^l39RXDXZG;dzlTMF&{9f|knhM<I;wm6*tfIO(+SWu0Pj)p==whavw4x3kfu0@2P9
zoS(fk*|oHu<nslW{5oZ!?Y$mbv25)%*E%6x{Cp$h#alR4-X!HcFK8IXkAyHzG9Av9
zK?+D68Cg$8fb)@^98y*;S{KvV<9EZ5KT$rbRU|J>bhNpE*6hGu`?oVB98Yzl+8a%+
zS`e(P6=dSvxJZ&pjK2-TiG1jy7Q?lG^Hv7GhaqpltBJp{xjT4tRbExN<vDFTG7MvJ
zA^qMyO-D|8(Xrs=#U(Rb9{zO_XkTF~{|I3`@r1IP_-VmW%Q4qfU|NEuRWlpHcvlGH
zH-{m=%};MLgNy0>%P4FN&kEq_6f(E$^z|q5A@8tEYhY+~`>+mTEc-wvS@#Tr)m|`~
z6TcMz4q?2#$XRx7m01+c(u7g&B;{Qi)~*9OQMKHzo?M7;hA@7s;8?X}#{<;fsMIHK
zb<J4~g^=GL!uaz-9+rgBlHOB8DxQPul=z!cP{`-u3QsHK;qT9BE#44TZ}x&!*V<#P
zx#=c@b*cqhI@I*fIvtsCtWWP`I-FC(NE-Q3JSxuk&+<F&bqa&KqI)Zh{`)cEZi{S3
zQ#E<sLql=V?57srnVkoZ3`72l)YfrrI|eH#@hKI~R^w?}ymK!f8istERX^;}DSL$A
z9`iv_t7tI-w3hrHD_4sHDU%HS!0w_x)3{NoFAO12$pgx!6Io+Dqu~6!xbtYwE=`(+
z4C+b!?nRyOjMAx}i^te5UTkOdsCS3J78UvCBU|T;1SLb#y;A2_S(r=g-4ffhfa#W-
znB`otB)p3htV8M$ElI{!4=o{Zp~!T;Jq+X9TxbHe`0(1dOkz?LUx-TNp~FZsE1=%r
zT|>xFI80V|R}0qYb&%D>a%oO%4>qcS8z!gPdqc?IFP20UpN?{(wcd#Mo0%@(5x4Lm
zlf6sC+jAj|57Z=MuTb6+qh_s^UGH&7jKb<i?X3=GjQ284Ix3+BYd6c0;AU~onm8_n
zCFXG4FO6#^4Y)5B$a0Z=x6m7?Jii{iC@r1ELSpoUkXWC$-sLCK@yA0Le@`0@VmGd}
zGb)y*Eomj!60ngVE$f*2>l<J3?aw8B=&oA-*aO${T%+CM0If!GUca3~(kZ4p=))7s
zn23<##I+eYu`<cN#>Lb%LwZd{)mSUjgMj?}UZ&GR^gXoWNAHB1miIGweihs8BHn%#
zbA`omDrzBHzlK&^V9JLz@pX9<#;2S0jk;R!UYjP(xAdYad0~Q%=b1j|&C0&DWG;Hb
zC8yZ-y-eo{7yQ6SRb_(2Nr`V|HoL|*OXEZ^4CCKI7$2R}8!R@+5=bst&}i{YONz6H
z;-ZBftN{$wAm{EKed1(7+pKrAfb@1e)J$M4IPV|#@*%HcMH_12@#fNMWJx-Nbs_U|
zHM~>Fsl>l+7>Z0M|C@58q<!A0#f^6fz(W*d$4ox7lr+YBYaX)Tov^m(4YBVHv(Ih?
z&0D6`9<s8KragJDm4s?;phLNQ==|`P4!4={P~#L8nYkH~T(F|1_;CpNy_C~!Ym$Ah
z&=j#%^nkCuShSAls^W(ExwEo9GXh#kY>Qz7S@hJR{NtA(I|syKNz$i}LT~sn$IIzu
zscbp9CSURgVoH}hk#5{Y5L0?2rgUHHXXtfo&hW1jbHBgPme^UD!-%(&Yr(db^o$Gl
zaV{Y_7<zls=iX^GEcEg%d)VBpw2HkXHNDAh6&6v%&_A4F;TbTLj!>s3IhnKprsA=9
z%Mv`dkX~R<9>1TGuP<0+HQLvzP1@!*CII^&h3`O0Z$e7jUi&liIp4;V{sjPEhm`Js
z%1pAydw7q}bk02$!uU^mqL&p@N$h5r83Jr3&X<wIO^I`gxS5~+?!^#_G;A~xmMykX
zUIz*GJuK#5Ej_E%l@VzV-@Ci8GdW7eT@z?t3|?|)GIWBnR_0n$+|Fe6|02_QyqFhS
zCo>+W0B!39DP07B$6*=WzU^&;Qx?OSxB1^nKnkRE!CPS+!b)ctPR_p{?XaTEl2CCs
z+>yjpdF^6G+d{o}8!b1Rowsj?kdF%Y>pWEuU2+vYUe-N)mo!z`<dgL>2eMNq1jTm7
z#n3!<MKkR);cA%))4<acv4Fteo-}nTLp80A%o0d}c#U6xlpcl>7P?M3-u9$5OyLaM
zDvb161SpYoADUNRTJD$j?ybRKEAnb-AwO0G>=r>hPE^$_T$y0%XYt&}%r5Dh>o`e=
za?y2O?1_1Kri{ui&}XCDV+^g?(P20N5no>4<>=BG&nz6tQoY_LPK%&23Nz7KQf<I#
zzTUILFh1aI!?n4DmXjgw{Kelt`HNqPc*6MBs3{ZwU#d7F$-IOBmlUYG4`B)Ik(x}^
z*Db}JbQtnKv>x+PdeGXCQnJwDp$?k=MF!TMEM7a?=rgE7i*<Pthdj2^D38mVPArYO
zt#`&5q4e%)gewB%a)?1zsqT6El2M3)=aYM;pI@A`lNY2>z9zUt<LscpdLX4cA*H7w
zrMKz?<9RsfeBrXlv$&S^v{kI)-)HYzQkK6QQ@Uue2)3}gJ=QBB<hu&Nb4Lu$it{mh
z?1_ZjPA%TX?avCA{rcW<)j}TD(qLLL8Jn5&Emo|W*A`M>2}Hmc>lh1uy^yS{GR$rl
zv){$Ys2l^H8U$2-Q^4I^z+OwRh*sNa!Ncb7RTcwC=?jq3%XKI(U=<g@);dL!?%Xi7
zit~1Hk>j^}lz`Gd0>DG1mDQ%hcsdA6#a5DsCTY#HJ8w6PxV*OirmS)#r_`F*taBd0
z+<Cc5@MN<6#TIE_OQmaS6?<V?T464?gF9kr{!cCdl&39Zqo!<BM6G8sr;wivolHQ#
zKefCn!MK;XYzb$b=nWr=0M9QLDPjSEv*)%}kX$;E<8G?BXcOzUakdX7BI^e+rF${_
z%bEk(OWHQMPkcUv{IXyINQ$fLp^pB1%&h0Vd`)1M<R>=f_YXsM3!_`zVT2pApL^BQ
zGPbfHd0;P)_PIr7fe$06Pt(<ul#{r?#C{V({;)RmLz`RZNe-^2c=t}hyVvTZV(#BP
z#^v?>XCmshtC)A<|FcE)jR<g(cHWYvZ1IuO+<bT89r>%f3qKQS+L;(6Wx-HT3c(#!
zH(7jN(DV9*VHj^~)hhSaEuK1{daA0{6_=_ECgAfoau8=G!1DETc$^r;n#V=b6kiK7
zcbg`lUzks5EFx9Q4MH1oGF4f(0l*WG((8N7Dpq(FRL?Ccpc%$x!G)x%uxvBV-(&rr
z=+D#tUyJ~sfs}5x5}d7}!J6sp%zfhh!!Z727v8~{7iKj5T&H7{It|UuItx|W_>H<#
z=&^8lk1wlL^t6heu|0NDg)n}JzEh0`TVotokgbt3Dv+jG%8M_$sPVrMLcYVx?)Fpw
z(nT6~ZQ&zRTKL(5RAE_jjB8%;RCw3ciV;aCZmhuhRkc;`!+PJZ#gu*-0Y1=!6m5k+
zsG-zO<&hr>Vf-_m>_fI`8tWP|!;$MY=#GILR29eI`z?0PUe^($zSgHR>y>I<O=*g~
z@@t+c42BP2mLZbs<(m7&`D2~_|LPPUb)R&1@(wXPzn>PY`y;@!6S#eP!7moBsvWE!
zRqM9x?QcG(L#+0(Ud*cBR}0!(0PyVyaF-{nxJPS)y{1&&JNm@<cMR{Mb*`hBQGn|s
zX)2K91xCEbbMstBFHf^GuBgMbyl<o}#mjVN7;@J4@gqa>%u39PlI6(mq_fxkX&Cau
zHNC;ALh#TSs0CsI-tUeneXC$Wbp?YiND5qOYSFfy&<pPMWt*#ov}zBr{bfGGD-qy}
z0C3UbWYNO7mwq>iw~N8$e}!-oGv;=Oz+6i7&Jo!GaxIP0^xEk?%7E#U7EYms*z1`J
zclU$$P8Ny_!Z75&^Q|FP5@*!Q3im+b`73p$#-*+dLw>EuB<2xOR<4S7w9LIvxmaUL
zkDYLzhy|+RW!0ef^;j=f%SB~tArNY?B-k%p$YO-?x>lbBn?~+F-|r&8M~mLl;(%c>
zDzr{fr$y|+5XS#mdTfniNGu*gJfcEwyo=!B5<Efu^zrKu^a<##Hdx|XVlkhyR0q~Y
zukc22k1BjIT4Pruvru8q44K6baBbtMOlKRy`0m!yw?*q$ALqD}={y7ge~i<#Fbdce
z;H}__7O~hywQza&w_dnv8paCKno}YWtc#*_KuT}NLZ1M5Z%v=jR)$^@Ft^QN$P;~H
zd<h>O(b`#zcc{_Y>aq>6LBOe>*N45%F;?-m_+9jf@@`GznXGDlE34`y9v7yp*Gx`0
z)&An|p4;6m^SfHhVXqRueod(+PB={fKP)mGz`$*6a=5?fx%Lpjnj%7n@C1i)TE&_>
zh7AfLvA^hN-~IegNa;TzrCYqM%OM2F#a3qWU3-%r2#v~fI}0~y$_^*9wotSE_^t-S
zwZcsv8DWzPM2optC0@P1=51NypER-`JaB+ZVmbZ&OM974D_PefP?o+>04NqPUju+Q
zDG+;3F^CLDs-`0l)fUR*(zaO)uWXC(#c-NNU4;pFS6pLdFP%(S0WS0$j<hafA&l>v
zeAupWJVJ~;PbF08lDo4qDs3OqGTwa%TW&|Y*+-wK)!Gpi*Ap1F#JN1u0#j|kstnE#
z!-)selax%y6C$9so8j(Su#@Rrf|UMB0_^n#%~Vtre`}5}%^q6~=q`ca6~Am-x3GZV
zY!MkUNI-tXIbel-|MQsA2PyWwHZxMA+tVr=rq1J2yMd3!nIy9|IdZ5mo6|_?cRy!I
zT9POu+Sjdqe_nn%Tpt|5_&lXvUms|WBC*zS$*I7on!ecE{-Ah(^$zy%rUIW%3;`a5
zl%CU6ALznEU`Y{~IL;R@POI2@T%fkKVHPiJAGt~`VlC&{0{KQv=^Mqo(BtCS%WxBE
zA4~RQiJ$vd-Odp@SRuTHPpF~-I*3;F2Z!|LQXgxJ#>?XdAhku4#_Mf~h9H%|Yd@?k
z5ba1wM8VoVQpY)If^fB<qgF}3sIma=0f6rUz!iZCfbz3g>H`Mi(~H1XLqygFW1RB1
zkoQ~(y@l$MZ5t`PZ1?|HA*D?OxY^P<NWW{z4V>r`@7~cT@>^7HCvR;tvN}iI->fj_
zzgs&kOI4-LXzV%N@(8nsp$IwYl9+Ouv_#l*dczs!^~x}uL{#14mDpG&Dq40iq;zXc
z35p9TRy{-x`=J&vVsYX~sdGAnmTaoU@b*(hZhs?%(P8^bO-E+~iHL*$&qGQdjsO=d
z0}?Ak-$Iv}+Q)Ju{mn3(xvx?_U6{Ec_B`z`Ctpt?jQ3cie64{g=&{#|WUaO<+OlsN
z36t^S)Ipbn3UF0E!lW<shG&XQN2{l7u}RT_+ORYA`_x{h6LG;aUri8`IZPACO(Uyq
zZM7i0_U5<1xVTD5vnXpoer$qy_P3>?{clL=-G|^cdco<P&C~d335ls`Kx-#o=|+wX
ztTLe<!9qUr!-r@UyQKUa!m<LdxbhQJ9wD9ntBC-^{#_jWtHUrBzpo;OZ6=3$95p#o
zY25j)UtLsIh)0&x9$^<}6fSD2C5zQm(JN-IUjvj@kz>v?w28<KCgwv2gorzPydG2f
zn8#qCR~26WJb8cJQH0OKuydclrEb!|DvNoZR0}z6`*9CnOUwII3HZH6V3sO^YZHc{
zR6BHB{n}`4L|O5ekQ!$qpFCa&Vf>Gp-r$jU^w4b)+@=lC>~*qj;#xfn(~5+s8mrjm
zJT9vdA8Q#s1LrAnEV^i85+*`>N#c13);D{Pjg_|Iskp7v$qE1ZKnUY6&%!%0dDEv{
zdZ~<0+~Rrh{MW3u;vU6;Fj=(A8!TUjL`DnY#N(O-(WNAnI<IaWb6!_r<A3k%W~}5w
zjWVFc7;q8UmC~jOe5NWG2DFb9v2(c~Y%Kt+<}Qq4TuNPHWZGeIC_&IdW{-_ERKv;+
z_xRw??Q<sj#9w)L6CDUIdDhJy$Jzl*i|mIzpEL>7no7#cFfIoH1KPPHYD(KhwTaai
zaC8Wwq1U3CdQ4NUl@mfF*yEffO>N0cJ!*Fdz%6FBEfp4uaba`_JUoM>Z>SbLq~eN<
z=p3uK4n=`zaTqSat~9@k<9uP)6PDDyx;BqJ3XoP=92y9#_1e<70%+YRr@O{6o$^cD
zd2r17wXgi5??3W>R%zkZc$2Bfb-OBL15`Vxs3cUsqxnr-wX?Oxp-H3em8}iM^tXIw
z#ow+-t?O!Z<7tVtx?QWln@M-Sta0g;ZJ{!gShV>6u}2A_b%9V4xZ7gJTD^;Q3m2_q
zubm?CgH44Kpt1KyJ)JGAV_fZVIl;J?i#Rfi&5Do3i;#INY+c!Gt#?W3B90S}i>i*u
zMNILzf!QXCsm=eLEnJ6|u(Ujep;TO%jYY$zj`QnBCTcHO^vCDnF~?qaUT>Th-WQH>
z)uF7Joe)wnVOYX+)ixe^xHzpRu65xn3s>Y8mi+~d=?*n)a=~GgnMQ6c9{MVbYfnIB
z+PtU{RwH1%xIpvR-$ol3?-dYxe7_K#<7He#J+4|m&gN-(ov=9AagT&>OMnh4vhH!=
zYKe$c#ihr%C@xA~IhPU|uWk#M)ymqEigSu_NgO2P!i!S7BrJp|&4M7HYS{l0tZ<5P
zNkVDGK!GIOYUm?tz2>H8QjO<)Q<79K69#~!`6f;@&8&8DcFi4I)1^F9R$;q#_eV>1
znhY%FW63;F>dP^Jp0U6^YB5CYp<&b9txgs$${B&fd6Xng>G`POaaqj|nL)%>;%uRd
zmPDc@h^8Wtk6>J0Eay<|<NSU1tzzA=aMSu4YQd)ROWMSudON<}QMc=aSY$ecX9d-+
zu;n0FZDp6`FU~_*2W6iA{gK57U!!2RPFXd)l?BEn35J=AGg@t61SwFg=n&RaW7Gt3
zu2r-S7bwF)Y|_e5ABdK6V<j7Fr}I{AD_613D=uu&qO%#Ww0D)|^ReXg;7$Hf=K{2_
z;#*bV`-KaSs>i*Cu!Bv%7A3JB9m1B^nxHHl!&3q(H}+>pmXXo^aTEfUUNDKQy;vu8
zd{K;xBa(7~85D&AGe;zj&20Odo?x?=<EM}VUB(lxGhx@fc9p=CDmB@AcC8&-D<(~Z
zp6Pn=SkZVqsHko2d0e;$5arM~l96G=Bys+?M_$b8Jf=r8iU3VOHMC2l!ztrkCAd#)
zTPkeIx><65h=O)e@)c9lL70k5!t6A37mF3T)?wicoF4@rdAmylHf@|&T$cDYsaxS(
zS5QALFJ9qck|SPR$7^ZAC^(YRDbxz*)FZ8pvi0+}0J-%SgfZu%V8tx@QE7QmJUf5u
zb;G6ph7wsv3lm;gkfMbbRuNFG3yc@IwuJ01HH`VP-lAq?+d<i3_+$Y)ZgGFG`uv-d
ztb0}v)OO23SnH}d&6R9>Q{OQvaPg>DxqpabHLti9v<3`Z#wZN+b4;bene37JzZo5(
z1tXk4ALj&AVJa9oQZ99@B&>_jFxCs#p}&9c<BU0<2`3avdpHugikaYpoo@5^5Nm|#
z=HD_!)9UZ61XQewq5ycz`GJ}$?s;5VmcKRh!FmT3s*nwE4hB@%1trGT+Q7)*{#MJH
z*H)}6jLSe@(D-wS3md&qZlv$d148#W@2bp(%anUCPI2Jy;E_%HnYMXsRm*6N7PZ%<
zI;g>-U9^n<&lWBWNXN6}&JHkb(~Mc&YB4UWn!utoFkxI(#kET2LF|m9kOCbMM!jN^
zIJbh?UT<VUqpc$He$>z)YPE`tCX*aSAOuuTdX2>uSnJ0wf%7ydPbo}B<k}j^jK$eC
zbS!C>H6Xlau)|_pS}u;qy$~7Y9#bhJ+GL-#!)fM>)Q&vFK}%4Ab<%<|=aGslTJar<
zoGBR*@__%=;w`4R%bqS=o+^t0>LVqQ(mysm<SO0^SxfBR(;@H>Se;X_bp2JoJNEjM
z^%AXj(H?3OY&dra%9D#bfNPUL+!>+*^N)J;*q(*W@*XufFL`H??hulEhLO<_#)Vs}
zTt#XfS4q~y=M-Hb1ncHni%7MSv!6FTa~FFs?{R}c44lUlD3ohNu5S3azgMkQw6u$!
z)NpmKqJ}hR^(B%n@>=pkdjn;HB$tU;B`T6BA02Ao;Ia1M7OtoujiMGc%tS3x7#Y=i
zuJNv|r%Gj0e(HrwK`zA{9!~cc`F)h=5cqaCnvuVi9%Rknl-{E(T=b0|*B|o50hdd9
zhH+V@%395)X2DxHpn9w&ys{TrtC-1D9zr{XGV1HUsYTY3rm*Es+oDxmw2B%z4kJLe
zFz2Jjd!DGcq?;OdtU2puwKcU?9YEoK_|Kbn!qiYRRiu)ymtZ?ZN~I#o$N|^!jsDE;
z7SL;YhG-SPMw$3yf>BOzO}CJAtJu>3u!nw=nkuS%vnT?l62Ic`rC4EHR$q0lwLty2
z3>-Gg=a59(*urHYR%`s#J(w_eE!HAy4j-oRVxIR^T}RJ&pb%@sp@5_6GSONisi@Zt
zLw;Om(M&IHRKyaots@KB%@ae`LJwJK6&X1TNj9zUohW50YITb<t)j(bQhIHy7cNe-
zSTp1?AYPeXBpD}ibO>uUpf>s4lG`{7oVm=KYK|%mu-0@igfVN>0~UIWW;<+>wbqYI
z%W+b;H~vR0N2nF*Yfv#G<kF1rx6oAVZr06*ARx{>sy33Z)C!D7M*E}<GfpmD8xIn;
zHoZbY=5z=aMAz)UG8{Kj$8^0&Z@m1)mJ9>yc9-CMW<p?>LoA*yLBTaAfBX3s(zz$q
z9d(EBn3!o(isk-1-$TiEG=UiyFJ+zXv!p|4IX2cx(&COF-Hlnvk5vNG%jy}iZnipQ
zU?(-3t7vH%1xb|k*vv)N8ut%POX=lsX<J1sES9s4;<b$A-#uX2Ukx3^5?{7z6+P24
zZO_h36^lc}-)Vs;O-SXR8&T19nJTteH@8ldwC`El+QbUOs(+64l(7Qy>z^aSb6QLk
ziK!jM<7zRAn~SU|fiyZjtXg3#FL7}^5X>)f+%Ke6^d>c1MAp`AFIz><zI-GXDM}WE
zTt{!0a9VG|Q@5WzQ$-7JOG91_Vf>-y?!c2zGs<7VDlSWzUJ|9Pa)eeFiPNwQW|A1C
zRAz?I8EH&MQ>|>RnSvV0PZWT4F_l`Huu7j3kx$L(5Iv0YyyuYgFAdITHphYY-pZ78
z?l-NxvmULZIU}yc0hQsQe2#7x@#!I#W{nf*eAdkX@KH$VbJzmrRSamjLG{9g{>;RP
zk?~><Mtwy}-D>WpS{Hy5aGsz;M2bYJ%$KAvLW;<X{Qbt#-f01LZd;Jj?U2&l9H@=A
zirFwJ%mNTkZ)+IFC#;{*nsTl>Ufxx+XF5;_<6Xm$U&F_*nT$}vtebIx_TqI%7Wzj_
z=@O)L4N`gzQhG1~ysPytqO!G_gY$x2ixf9c83~GlYy7>oR!l}}saHHMhQeTpFpGxI
z28ytZUf(mC>Xg#O=?3{%0QkJ6TH6s&rRjQR$=$leYkX@M@&~<gKu=Z5#*=B4{5|`7
z<luiFGc}|7b2^G_l=}H2Eq`Qc6)(-OlD8nG??6g-0)U#oqaCMLfc1u}rXm+Af#5qt
zV$Tx$($EVKBS9~wGY99feWu!60*_i@cTwVT$tH~(%>cq;;f<Imma6{#>Be|%djCt7
zVOjB<rzV2<bdWO~q_3l4$iE9=ykNyJwX_G*aXds`oM%!w4Ee($<f~lugu63h_8YXT
z1QrO(-5DdmCB&=zp8#+KDcx#49$NMMLh?gZNElyB<736>^)L#;A_<!a%V<e7kF%7Y
zNas1ytanV$$WT6_6vuY<nvGYls(CE{yl2Aqu2rAsl4Y2)v~I>1B+0rNw?tpv{5M+o
zr)Awxs!ZB*-z?KL>bWwh2w{9)8=Qefg)2(k)07`A<}|g6*u_%X$3I1YPeMvJdzkgy
zUFFns-kQ*($x~GFpNPlSdIyy%`O{XB!lD$RuB^EtL!ThAK!nGo#VtkLG^JZ1rLRCr
z{{Y-i?UFR`!bR3N7t%sDrQ6K>Y6#;U7W$BtDx|f}Qb~SVJ#{P-mSM=B8iw&2AOB4!
z^sYtL^i)xc&z-c2_1Jy+xEcX|7E`*<TXCQS)IB)QO#U?Vg@`yrsAvzg>}P8YNR?iH
z+A0!(9+9AQpr5IB&0zix6K7WxjE$9lB%SjB@F@WJV<f!7ruV*N%x$>5CR^j2M(XEv
zGW?3v{iKyhYq5N?m@0}XKh`Mq)|8+fr)zw+X6w=ul1zATWsZb;WVws(E3Sy}rz&35
zTQQ}}F{QhDdCo^Vs8l3ju5cd0*DE5p7bO*n0s&Qv_hA?p8?~mSY)FBzQ8-oz{<XQO
zLxTGWj+N2}A*El;a4eGMQs4>8bv8E=q&Zv^ZY+gpoIDE8@^*{V&jPwzwxenl58){-
zO`k#-KQs*aO-#14raEBJNh70tU%Nv{2MT7b;tJfx7l4-|z@w1T#TI{ZjDQN-WNU?C
zU?hz9B#J@J<7$*`u<j61Fi|u)NeC9zhcFT>3swZUBc}8Wr1WnCWB-y}@{<+BZE5(G
zkxu7iJ6}4~THszoENLY@caFmZLdeh5ff;;QhAa)5z3#~J*~&>owP~!0UrN7)ls-D2
zK5Drt`-LkK_QKeEM<Qd9Y)25Fn`>VpqE&1?DQhFadf%|zM9n@%;j?QjoMUAqXqChj
z+!IoI3{rX(QvgukN8KuFDwwmd3@SWkL=6HtLxS0J1$Vy1lQYpv*UL(NtSzAhP_uGA
zhGD#I7{)(w_OclGs8qopS@eh}ts+G!z!tP+b#Mhz`d$QhpOqG|$W>%q9#+(W`eGoq
z5pkyYbxLM5m;6{_rZfb@J##)9swj~<K`hFm2N@BTAq^j9Rn~==(#K*-zXyP86t_;`
zpIy?1Oq@*>*Xj|2V+y4eE}hT)7Rj3x=W@Hk_KM(YNjo9zXdet=d~?|fqS`4!XGLnY
zOrG;`0_UldKS~mt-Tz+)fF~iPThxABb6Xp(jUv)~C`X7$I7pzW&-ioOUM&EctBAF6
zLNYZq6-3=Gh^cHO;>olwC~=2l-4g+R5CN{J188xY%O%S-ShtF6&X$C6QQF=y7u?yy
zQMCGUS&8mqnub>O-69L3?%ahpQn+38^l-ecBdyX&)>2g&Cjx4#(cQF-mmsCjmb<d#
z5@8L51p^L5veSt)XkZAa8Ycinm9mu_9t`Gxt`Jz_bsHs}qu^Li0l*t-9E(}FFpNvU
zg)h?!RW`_f7SI1QgnYqbOYY%#y7io`ftOl6mDWL`5?@~kVSJkE!72Njb)TQfR#8ib
zsN1bbhlt|wU}ty!LN<IBQYviecQNm~AxHO!7kor~rdCvf+C8Dh>?kTig>hMLO46VP
zCIYGoyCW>A>&YSNozLKT1m?$LT$4=avk~B>DBy40xq(b_FIjk%bBv2O-^AO<8Xp^m
z{D)!4cUsIez2sbrG|a@D@68sr1_exu*S9I173L=-;9p0U3vID*DMCi0<b8hj^IMbi
z=bc!!OETv*RRvQykqZDP=&k}`wd6>x^yM@Vwr=l;N`++iYg{Gf-;tn+#F+E5_Vxit
z>Dh^hEIO@5rH9z`{an&uhjXnW<p?41w-9B@E5#$vGO)8qzO3{JlH_Zp+gsdGTd}g4
z-_V5+@;7U8>Y5gj8K7}&#<;u>Hs256^@zxaR`Fz7vpfRVV%sX20<mfpwV=F)-!;!w
zR2du^60IX=11&A|NFZzkxMyl@uacOYHoKDEpGy`!?J`$!9W}=35-Sn*OT&=gPvKhH
zh13(-XK`E+ldQEYa4%clQsM0+K^a0AuV6ebOmvMWV=o<0H9RiLY%W$6NyJ##1Wpsz
zQSg6^DScv(e=X<`m2etmh%<s@k|9n_>5vO~);4Z?MX=4}O<T$wQEItRvp|d>EVXYK
z!FbjxMu1xY;8doA9Y^x`Qr`zw5euy%;Uau_nev{|iff&rxOn_-7{+^h4B9MlYZev4
zs#Vl@>1bEomK9cmi-nLsvAZ+KB5aNhp|PM|xI<7WItoCUGQLADu5uUuDWr5C2F`<q
zu0YWTG(fcm{I9f%7VMKcZ{`lD*2L<l7+gfgG*F-=Y~s$n;ZsGIN@_<LnhFRm9z<(?
z$&v`ZbB7>14C$IEUCj4G7;m%W9a?BoR?jjeNN-CVY4I7CrUeGa$J+~NA42{&9VSa^
zw~nqG{FLU*`6&26q1r%1ZWD<Bhgoa$CZzN`ZsEbSd>Bs%3xHh>7zp+~L5|#7sWZ|^
zxFVp|oG$7!a^{Mal`~4_MFuUftey+w{paO|5*fxl_PfY<pGA&?S5;gZ{OHV&3xiQ;
zLxN$*e+?mjy5Pv3D81J2T^qWCzQ#LMY}xTv<H6YiHiR(#xZE|?5#wYW`H=;Ct6N1%
z9)tO~Qyy8>#lcrZ%==+J>l7agkk-mdornjN{BYbVtpznO7R`}JK|(E{&z`?VI?6H?
zc+_B<#5QVhUURK238?uxbu*tm_wNw$)Ai)g+y1v^tTqM0dRWgb#8qoXBeQswsmenk
zjDMgPEL`%V2Iqw&=@qs`wQ@q(Dr=y}dChC4gBW?1G3i5GFi4C`x<g9s|K5))a&5J+
z?__0)yFRG+Yf-5xz!om*9FYQh_abYHv+5Z*zn-{P)mGs|{wRd;y;{<!hL+(mTWF0g
z>mrWyW-n@RF>NIm!gy;4<Clw)y#^?&9{<R4CpcZW5MY(!5lNcH$Ylm%(?BNGX4Rq+
z?+wBtMYTD|wze8P)WYZ6Cs{|1pGCC5k>jQj9$%4~wo2_FL8+klVJibe#$vmA|4Wt&
zdDklDYP!B!w0=Jf<HxbK(7TBA%ulp*U@Oo0R+5=Tr=<1gvG7Qy1?=6!kdH&iR|wDT
zBaJ=vyj3(vHTZA}jDLig_7Sd~q*JM8f2j0oOd`XFZEQW!WZZdkN{8SoA|d=k^pxj5
z6Y<@UsoKh82%N7!_xF{^TAnKI38?j?@Z@}deRo687Y`j~e4dYPrQ3NYKXd!FYadVW
zuV3x)uh}AYWWnKJ=Er539-5|i-2W*8rQ}}PKL~dJS+`o)K%4r5^0*oUV5MVAU|KZy
zN-G`e6V!Xjat#piWN(Hrelvve&OI;d5Q)-O7|3Egsam*NTuytwu9rFC%ntg~A><cl
zxYv<}!MkV`u?Z5x>W;`1k)l9=5d0tomqyAEkOF^^K?0Z2XaVQ7&H;#^e9HxTkhmbe
ze{>iIHwaO%-6Kau!FgcUwIt$*7zt{xsiju2XnV(BhL9g<g?c=y7;pP%j{EaY0JY3s
zPphfL#Izcx5b|vyj8BFz{<C&Kl>kYYVO&&NGS!Mi<%JL>o)#g$iORb^$Ka-{d6?>F
zt7+@C%z3QhGVBZML$9uYIB;IMh)LUz!~%xe^)M+v9CJQ|@x>7GBSmRq&Gghp54Pln
zc6|>|a;`PKx;KdD$$Q+{Lg)7k!+5{t3#e^vuvD1HNNh;T1Cd69UbGnQL=Z7o+rvD!
zYSTT9b3%o2Y5bV9dNeLqk<E+5u)?(>0T)msDM=)r$at6mLrY=YA4qR5i4K9=+KgWb
z;pB0vmK$Y}^jI{CTKw3`-$J&<n*p}8cfA}k53w&+ts=$2s>z&`bY(Ts;(pKjVX0!}
z(F?ZbaZ&HbnH3U7f=vX}865)U#tBZXz)(ck<47!Mkz24RHw}TpLAqBU4+q9|0mHEl
z<wV*FFKPFSom!t4pza0pwM=}EMYML|0!940)+Z_|S{9KwNmUHY!o^M9B4G_f@Ts<1
z2LSEDb(*WlkxD7akJ5*~4gyhn&NqLjkvNXRd2`8{6z_Sxg%GZ_obiMOTOB0K3zyf;
zw3*(oFf_E<32XINr-86i9-);AAz0P06bKF7fpbGu&?!(EOy$RAweF=(=E>fNTxdy3
z1YvO_Q6N;uQE9%&(kY0nNAY}OY;CMsK*?rEs~gnlPPMj18d;(E{;g$QuL<NKxh3BH
zJ=H4Gffy<tmsi{@CHQFfhjToYq&7(9<HoqC-^IP;$14J7jziSg&R8fA4i{R}b|;L>
zGXeBQgjoY^y{<3TLZn;8)oTIq#Bp0`5)ye<d$$3kRpf#fumI91=<URKFpRa0iH|uO
z6~bp87<UO&5I$qhw~BEwI)oI%Mh0CVB62DyRwS?zlTFl?h8qxInU)v~uoi+}>W$qV
z3J12H1HFn3H?QNoh1njLRm=2)Y!&CZii#APNN}=9IgRonrFd3Sl_W}Kl*vVNI)wH7
zke;V<6+yvc<0um30;HgnU=9@=y+Jd1)M96K#pRL6c<`zg-@IP=tZGf;AsF)BMaUgh
zWZ-{T_Zd=p2vT~RC3G^sqrh&pn*=kFlDw+K$T5Z60rGxZOMIQ?hOu9`IH7u!DlaA5
zJ`xL?%4?0e0jUM{QuWOcP`yK`gGz54HtyEJfO+BavTa)qY|Gu;r7{;P$9;TyOzGLl
z=x^m&j)qP!<9do;6&Y?92GnB|0-(YfD5^m1@y=v2N?JvazI5IyVuJ)pyp9Hv5OHG?
z&4ilVVuJLjbe~l{fA;@3Bfz)jIRrhDbb4XZ8u;bBm<O(@oYnZx>sjsbwbxD?wPo|{
z;ws6+pDBqhYEN<OglF;@sRf8+SW96MHOUlD?I9<SgagJ_Ys;&NESvMVNCrHYmcwCR
z%tA-WnkZ>k9fm@+ploYNSAr#QqudxDoF_l^z!E+51S?V0`}f{$slqa>Jd7R&ftHcF
zXDZ>r<YsNnEit7h0pOq90%e{q3Q5eO8J?yZVeD>Lxy|x|-+HH4)bo+ZRYar71o{UR
z?g~ttoP?cm9%>3|126anco9;1Bm!JGwAn#xcXXblazz2;$DPholx-apcv?`cmCw{Z
z-U}&x4*=ed4B;>;oH8xiMG3n>J+uT;sicFfKGU`p-{b;eqsJuzW4BArvWEAH$gv@n
z4_pw*@;ff+PX8HGx~+xAa45%?L%wGZ^^HqIq$Pt|)Z$v=sdqYQ{jxMR9Iy*g_&B8W
zTP6UOm81X@5Ly!~sS1K@D~X?@6jP6VhO>XSy)O=^ne#}crIGIdgXwWUBcD;O=CJpq
z{MDAmg9Ru3J^<YNf5{)~yg!R*{?}{4uvoWxC=lK%u?LV@7O)8LD5Uf<=8{U<EGsY=
zD%61^Y;rcv6h4Gm@(@Dht#vXaRbQtSmooS^V#5W3HbUw^84OJoEQ@imxHdJVl3@Nk
zr1YVdE~RA<<-LJh?3z9M>*9%dcDxq{%Zr6+#;j81=LxNqFt`YCS4`>Y2=E3)Xq3j~
zBsi}~n~sX4>!`TkxCx%u9YU}U+H&o4Wa8_=;8R8sYgPE9($<Ff9{v_n`U0eM(c%(p
z0kAcTjW(Uy;|8NiFYnc9vEY2~MWq)8<yrl`rvIM*pHyEd4Up1LPVTY{=ZnHhxCIB~
zi-hHviQybF_O`W7X{D2To~y`)Oeh^_(QE+4qGnl;#ACnP_FItBWk~6cmVnhmw{czr
z1Fva<R&%U&K=o=AEgtSx%Eci$V?9e?M1OZ-BCq}t<xxp~@`9k7a#>~ZDr{loysz+W
zY_(Oic1k>tCyRs#Ju-L`Fu0Zq3&h0Qlm|cM!?k?wDggWlQhHwrl(i~6tR{WEhG>=!
zqXiObC5)d|TrKo~o_)4QK<b%Z^!U7n%)nbArK1S&8bxpLh^j^T4_BpV!X#*ChONb+
zR^ueGV9qNR8Oezw3JxBTTaY-4gXHkAdz8fMhasg4)>f}a>t?NXEv=qp%`I(DyN#w+
zvB&hlqbj%FQ7j}^?E#Z;KI_7F(n12<J@J*^<{V8mZA>&cBt#-vCJJs5Xaz*jA-vkq
zxgQtzIU<t@i7nn3bwT3Ok;y`oQ|kI=^AAYr%LT`36`uDPjCrpgFS*ony<4rROi9))
z8`py5S_82|B;y`Z9zpQG?muBkr*xI&6j5SbYU-y6pT(@2m0nb{#bN8Q_GU%a^My-m
z%4gJRMus@5!Oj>0>YK2W>AYJq$Fq>TwP3rZDzj8P9#cSTz;ny~vYzwWzSdK<v}y-?
zkmGuh>%3x7Na^MX@Yx9PSE$2WiQrg_N`dO-h}QtZkD@G`>-VoDG}{&j57HfipnOEe
zUK$Ht)$q6|ei-XLkMr}M1%L+tK;`=CB}!{uWi=B^tK!A#XlrR-wfLUe)~0nK=)uPC
zDHYPRkQPkKQ_iC;Qc4#grKe!Wq882XD5**mxLZ^}gGR52X%)TRXcESyH9bU0svO`h
z39Kd8)pZqDWIF!=GvM7iRkH?+^x%2*WW%?1N3CndK@Id<^?}+i)XMC)-kH3<N1BDb
z+^qrNy|J*VXZAT{q!r;U#f4{}t`vkcg~gQ!BS8xUfE}l~=R8MUhzehP&e##CNi5>*
zL1a<B4ggO;O1Iw#26_)1x+OmF(7HvJJA~HRL0e{8LBCdJuNUNR0T{g;FzPr$N*{|U
z{Z`@%iQedr*NfSXh*pvEH`hMq3zsE~)%u8n4;Bc<f(4I^0OiJVk98Q)66a-wZ8*<%
zO<t+R8JL?Mx0)ho=u0NDW(%K7I#^zZQtcO@tqQDDNlTc4rhh-dzfyV>0RHB=a5W28
zG+yi#2)_0DHIbMf0nYb`vya{+pS|4-z^@^t4@UsAMR@CE&VwEIbf<0c<!faJh--|6
zTxr3OT0Q0u6^&-~_&NlZCrx>#ShTwe>pGUH6(a?b5^YFQCznja2hVO>2$R^qb;ZS1
zMNtq*v-~T`2Y&f)(Ve0)9joK3mH2FhIi%{xQv_HCQC>ei@3702*VZed><})dJtvPX
zjO7+)bEV^ZKLGp`Ci+AaCV(sxoC3TpnUFJ#tL5aYjReK2QS#)X6LWO&YiFOa&>Noa
zfn%LVpz(QlX!US3J~wxW-e1rmFZiC4ieB4l5v3zjx4nGmPm+THl_~^Cnov~oma6S;
zwdK8*2Q(L1bEbw->4G8t4sSz?Oy|cD;J(_0wC4@bb55PNp<k=nfakNDukBvoa}SA+
z2hjGA=XxgrS#*~zVYUEp+lhRr&?l%!G$OX1vU`zY*AO1nR+98cauUqeCUOyJ%mg$N
z6F}71ueP#2JAQwHls*Lvj^)wpX<u(WSFE&~mJnqx>)m=&GrvyDrj<Ti4_k{vdT8|&
zZd<Xd-oPj9@UKE4cq>v_f(q+q)~}w*0VG7$+JOtIC@8HWMJgp09H2}Qu{0&RP29_L
zZtj6ow#0vVb-+EWo;^`!J>`MUj;*cAX(gC>+yq)!^*vkBL)lPkKHDT8dLX9sTyfQm
z65hkabg8D3XBYj}Bh2OQ;Bx}1xbKA3Pqg{`mj(aZMW*A`67~qLXw?T=ytR5yKwE-3
zT93oDE#JlH6+NG4CZmQw;vFhjC>1@XD%1&C>~kW(=T789M!g>yj=?{+)&*EP7UaUk
zXf8#*8NL6%DhvLe^={!vdCn0Je(D{5c%36!{?>z4^%(4#WCz~G<B(Ig-hM&7$gNgP
z&|?WxWj_}CoF|KXNMw{V7Rexoscx<N%aKo4k{=_lEb7U%f0<-D7rb^ZtvIGdnW6m~
zYiD8&W%XoG^r*zdeeYRid85XxVU#`E+g6L{UhkpB4YjW+=5?@Rd0&Zy=al51E*KG-
z98fi%Y3|2`dh>HGs6z1TNsJu86A|EcPricZJU*`k>0Z-tuK>KqG4VPgH~R*8M&qqt
zjt9Jy1`j<PP`x5s3o%w|QD+s{$6%5Vv61wYt0>i;F_IsR2pxNV&*PFTnnB8?T>kz_
zEb(zOnGUCH@VNh4hY?;7ymji=QuS%=YFesJS3%^pGWJYHdhorx;JbIK*vhhRsW?5U
z+|>eh5dbd5lwOJ2s)b8)Hdr?sU1D*OHN{CI7OUCk`*oaTI=!ZQhagxVD*y1EuwT7o
zNaWvXMU<_JTMtduA<FPWF^pSV2WxB0eP0uOqJ%cQNi9euDYX_K&x{0HFOE|lS8<0B
zl6zKBV|bj}EBiE^7K%zwo}#sy>n)43TIg6gUoF<}R(T)`&iBH6Je7$>ZSLin^b8s3
z$xX2i4KzY<#C_uZvB-xCeFD)hM#_Y6sbSn&^_~(4KG!OunUY-Q;qKoO2lsSIg|^@`
zmUhSMHqt{L=QRQB5xmiA>Es!fsZ1JLDhThLq9r}V%F1p5zO@&g1%uMyZii|iCi=w9
zkkTjPF4TeKN-^eyTMs_Tea8L56@?&*1p|JMV-=asZb5cUmc7>9t?$#z9pX^?-jgDA
zkl}=f2Vxl=--v`>%R<^JW%9C`dq|Kh{{6`G@g#ld)O}R}*4Kfs)?+HhlM!Z!L^$mW
z5#ZrC(-pQ<C@ocor&4S6<mxpA>><(9RQ_H~FPrjX>BF^EMJxBJl?P+>%eKgsJZ-Ah
zh)tT{SYn-|eVC??cSL~Wf`5^z*MvKS*D?svV6L@_6yCLqc{`fh%~(SqBqPKg!zk~~
zxFy%YI-&Hw-a8?+E}+7D=&O#NKG}zgUg{-y)<%Q34kj#^kk^$#st}5}IHq)e1o$QF
z!c0*fR}{iBJc@x+aGncv-7Q`v*6qIm;2x-|EDQCfhgjGm+44$=dQpxviVp94SaKd)
z#ox%^_94#o6f3uKzr2}_+C|CJ9(na<RuZ9xiBJ9QRDnGL0DoS1)Gu4Lt#&w|eGO|Q
zxcm3F0PvB0nvNxe)<Q7V`siEW6Rn-G7az6YzAde>C8|)nzn<@j1?PK74|?Sy_Q1bd
zO8xT!a6P)uR^NN<IY{Z2xNFD$fq2qyt<|@*zk6GoxMt743;>T}E~GsL%-#y^yhQoE
z=ou}OaBDT#vOlVh&)WvJ+QE9Xd@W;L&jI(~R4qRJt&#{Y?m%rTrc~Op;|Oqt(kk{a
zj++xurv<C<%}U7XT~>aZ)js@C3sLKW)I(Z!UXf)UY|x6`t*$)_z}j=-*Xv7ZJvmyd
zB~1WGi(RxwziBa4luoEJwF7_;LQ20Z;So{LDq5$T(|c?uJgsd17ZG64%3M5F(Jh{F
zRv-1&%DcrrrspEr%etnQ%~SKjWBs?cF<+};pCvV@#SYqQaOfpYYF!7kpJz%RD((u8
zTcHGrJ2zEae~ATOOX+6KvGF(^w3<C?D!dkYLJtwMCvaAp#A=^!?Ve1S>><lxZ%cM)
z9#;?N$yO$O4_loc7?TF*x0=>jquwTetlPY)F+Hn{LmK||uzG2=jp_AsE0w9mO}YI0
Z{{ViWACRbmA3gv8002ovPDHLkV1h&o6`KG6

literal 0
HcmV?d00001

diff --git a/1-AD/resources/asazlab.bgi b/1-AD/resources/asazlab.bgi
new file mode 100644
index 0000000000000000000000000000000000000000..f830ed9997538203f467dd5b0856978da8025a47
GIT binary patch
literal 1568
zcmZ`(&rjPh6b}0#Z7?=zhn;=lGKnfJMPh)ES~?gKg^HGOm@hAhlbR-W<~X!~koI>^
zJM1}W)7F$!uW`Qbeb3Kd>})uW(*}PODVdAFd4rE8%=I3lCo`_O6czFBwd1@)qALa0
zQdRgbRDDEz0NKa`)e3I&Ojqn0G8=|v6Me%2J#18zlb6(GuG3tf@R&I!`!mMYfF<b`
zZJ(ZrP}aO8En4b;1`o0_&7?XXFlK1?>blUsGK8~^aRYIjLdsNue?jDUpZ1iD6eLDP
zTm9N?8abPbxw!7C!?#G7rB#KlGc2~~l#zB}ax7!1+FZ}2h!@>`S4yf2sd;$6Bs89w
zYJFcZHaFR<$}H+!Mp9TD!p<j*0aFPV5U-$3vzICS&YAJMEhkHJn#QjNCxsh-@ohd*
zrNcS}k@4csPosKcw?P9IhAtH{=e|r*&<2P>M0Iy(=aGg|Xzj%~aA_!bOhbPNDr4Fu
zEyW=|czW7gf26*#1oOxNRV--i?$XGt)TLgWGkjbHyUU;vnd}!}Q>2*cD~*_73UF7F
zEA9_*I+xVlnp>-XbDQ-iddJy##6{4gxnC!n>of%w(2#F8_V!#F^Wvr_#mz@YJQ`+=
zCTR)H`}gTk3Nlc@1s4%%J>-g!bMVME8IQ*`$lxIcuZB)hKWv!FSl<tKrlV9z&3sJ`
zf5=Re3rN@zvQ0Y0-C3HEUG~XOrZPNq`xJNjEQcJ<iK7`f7516B<31xjJjj-4k+Nmo
z)-h=Xfnr%^sTP=LBJhV?Fw&6;nqljf$Y)ZPNOf;Z3eZk14KYWfaLdwExGgIV%<9$_
zsns%L6;sw!rL3fES=r=S?*$X*ge~l_5b{`)Q_yS-wj&n%OnlKND_iYUge_UzUga21
ZO!?V0R-SMc2btsi!5?15H+60L@E^Xv#IXPX

literal 0
HcmV?d00001

diff --git a/1-AD/scripts/1-vmbootstrap/1-Set-Initial-Settings.ps1 b/1-AD/scripts/1-vmbootstrap/1-Set-Initial-Settings.ps1
new file mode 100644
index 0000000..f20880e
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/1-Set-Initial-Settings.ps1
@@ -0,0 +1,36 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+[CmdletBinding()]
+param (
+    [Parameter(Mandatory=$false)]
+    [string]$SetupType
+)
+
+# Install DSC Modules
+& .\2-Install-DSC-Modules.ps1 -SetupType $SetupType
+
+# Custom Settings applied
+& .\3-Prepare-Box.ps1
+
+# Windows Security Audit Categories
+if ($SetupType -eq 'DC')
+{
+    & .\4-Enable-WinAuditCategories.ps1 -SetDC
+}
+else
+{
+    & .\4-Enable-WinAuditCategories.ps1
+}
+
+# PowerShell Logging
+& .\5-Enable-PowerShell-Logging.ps1
+
+# Set SACLs
+& .\6-Set-SACLs.ps1
+
+# Set Wallpaper
+& .\7-Set-WallPaper.ps1
+
+# Disable Defender Bits
+& .\8-disable-defender.ps1
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/2-Install-DSC-Modules.ps1 b/1-AD/scripts/1-vmbootstrap/2-Install-DSC-Modules.ps1
new file mode 100644
index 0000000..cedaa19
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/2-Install-DSC-Modules.ps1
@@ -0,0 +1,25 @@
+#Requires -Version 5
+
+[CmdletBinding()]
+param (
+    [Parameter(Mandatory)]
+    [ValidateSet("DC",'Endpoint')]
+    [string]$SetupType
+
+)
+Set-ExecutionPolicy Unrestricted -Force
+
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+
+Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force
+Set-PSRepository -Name PSGallery -InstallationPolicy Trusted
+
+Install-Module -Name ActiveDirectoryDsc -RequiredVersion 6.0.1
+Install-Module -Name NetworkingDsc -RequiredVersion 8.2.0
+Install-Module -Name xPSDesiredStateConfiguration -RequiredVersion 9.1.0
+Install-Module -Name ComputerManagementDsc -RequiredVersion 8.4.0
+
+if ($SetupType -ne 'Endpoint')
+{
+    Install-Module -Name xDnsServer -RequiredVersion 1.16.0.0
+}
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1 b/1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1
new file mode 100644
index 0000000..07be818
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/3-Prepare-Box.ps1
@@ -0,0 +1,212 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+$ErrorActionPreference = "Stop"
+
+# Network Changes
+Write-host 'Setting network connection type to Private..'
+Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private
+
+# Stop Windows Update
+Write-Host "Disabling Windows Updates.."
+Set-Service wuauserv -StartupType Disabled
+Stop-Service wuauserv
+
+# Firewall Changes
+Write-Host "Allow ICMP Traffic through firewall"
+& netsh advfirewall firewall add rule name="ALL ICMP V4" protocol=icmpv4:any,any dir=in action=allow
+
+Write-Host "Enable WMI traffic through firewall"
+& netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes
+
+Write-Host "Enable Inbound RPC Dynamic Ports"
+# Reference:
+# https://serverfault.com/questions/430705/how-do-i-allow-remote-iisreset-through-the-firewall-on-win-server-2008
+# https://stackoverflow.com/questions/21092050/comexception-when-trying-to-get-application-pools-using-servermanager
+# Local port: Dynamic RPC
+# Remote port: ALL
+# Protocol number: 6
+# Executable: %windir%\\system32\\dllhost.exe
+# Remote privilege: Administrator
+& netsh advfirewall firewall add rule name="COM+ Remote Administration (All Programs)" dir=in action=allow description="" program="$Env:WinDir\system32\dllhost.exe" enable=yes localport=RPC protocol=tcp
+
+Write-Host "Enable Explorer.exe Inbound (i.e. COM Method ShellWindows)"
+& netsh advfirewall firewall add rule name="Windows Explorer UDP" dir=in action=allow description="" program="$Env:WinDir\explorer.exe" enable=yes localport=any protocol=udp remoteip=localsubnet
+& netsh advfirewall firewall add rule name="Windows Explorer TCP" dir=in action=allow description="" program="$Env:WinDir\explorer.exe" enable=yes localport=any protocol=tcp remoteip=localsubnet
+
+## Configured firewall to allow SMB
+Write-Host "Enable File and Printer Sharing"
+& netsh advfirewall firewall set rule group="File and Printer Sharing" new enable=Yes
+
+# Power Settings
+Write-Host "Setting Power Performance"
+$HPGuid = (Get-WmiObject -Class win32_powerplan -Namespace root\cimv2\power -Filter "ElementName='High performance'").InstanceID.tostring()
+$regex = [regex]"{(.*?)}$"
+$PowerConfig = $regex.Match($HPGuid).groups[1].value 
+& powercfg -S $PowerConfig
+# Idle timeouts
+powercfg.exe -x -monitor-timeout-ac 0
+powercfg.exe -x -monitor-timeout-dc 0
+powercfg.exe -x -disk-timeout-ac 0
+powercfg.exe -x -disk-timeout-dc 0
+powercfg.exe -x -standby-timeout-ac 0
+powercfg.exe -x -standby-timeout-dc 0
+powercfg.exe -x -hibernate-timeout-ac 0
+powercfg.exe -x -hibernate-timeout-dc 0
+
+# Disable Hibernation
+Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Power\ -name HiberFileSizePercent -value 0
+Set-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Control\Power\ -name HibernateEnabled -value 0
+
+# Set TimeZone
+Write-host "Setting Time Zone to Eastern Standard Time"
+Set-TimeZone -Name "Eastern Standard Time"
+
+# Removing OneDrive
+Write-Host "Removing OneDrive..."
+$onedrive = Get-Process onedrive -ErrorAction SilentlyContinue
+if ($onedrive) {
+  taskkill /f /im OneDrive.exe
+}
+if (Test-Path "$env:systemroot\SysWOW64\OneDriveSetup.exe") {
+    & $env:systemroot\SysWOW64\OneDriveSetup.exe /uninstall /q
+     if (!(Test-Path HKCR:))
+    {
+        New-PSDrive -Name HKCR -PSProvider Registry -Root HKEY_CLASSES_ROOT
+    }
+    if (Test-Path "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}") {
+        Remove-Item -Force -Path "HKCR:\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
+    }
+    if (Test-Path "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}") {
+        Remove-Item -Force -Path "HKCR:\Wow6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}"
+    }
+}
+
+# Disabling A few Windows 10 Settings:
+# Reference:
+# https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services
+
+$regConfig = @"
+regKey,name,value,type
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\OOBE","DisablePrivacyExperience",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search","AllowCortana",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search","AllowSearchToUseLocation",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search","DisableWebSearch",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Windows Search","ConnectedSearchUseWeb",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\Device Metadata","PreventDeviceMetadataFromNetwork",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\FindMyDevice","AllowFindMyDevice",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\PreviewBuilds","AllowBuildPreview",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Suggested Sites","Enabled",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer","AllowServicePoweredQSA",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Explorer\AutoComplete","AutoSuggest","no","String"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Geolocation","PolicyDisableGeolocation",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\PhishingFilter","EnabledV9",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\BrowserEmulation","DisableSiteListEditing",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\FlipAhead","Enabled",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Internet Explorer\Feeds","BackgroundSyncStatus",0,"DWord"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer","AllowOnlineTips",0,"DWord"
+"HKCU:\SOFTWARE\Microsoft\Internet Explorer\Main","Start Page","about:blank","String"
+"HKCU:\SOFTWARE\Microsoft\Internet Explorer\Control Panel","HomePage",1,"DWord"
+"HKCU:\SOFTWARE\Policies\Microsoft\Internet Explorer\Main","DisableFirstRunCustomize",1,"DWord"
+"HKLM:\SYSTEM\CurrentControlSet\Services\LicenseManager","Start",4,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main","PreventFirstRunPage",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main","AllowPrelaunch", 0, "Dword"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications","NoCloudApplicationNotification",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\OneDrive","DisableFileSyncNGSC",1,"DWord"
+"HKLM:\SOFTWARE\Microsoft\OneDrive","PreventNetworkTrafficPreUserSignIn",1,"DWord"
+"HKCU:\SOFTWARE\Microsoft\Speech_OneCore\Settings\OnlineSpeechPrivacy","HasAccepted",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Speech","AllowSpeechModelUpdate",0,"DWord"
+"HKCU:\SOFTWARE\Microsoft\InputPersonalization","RestrictImplicitTextCollection",1,"DWord"
+"HKCU:\SOFTWARE\Microsoft\InputPersonalization","RestrictImplicitInkCollection",1,"DWord"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\AdvertisingInfo","Enabled",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\AdvertisingInfo","DisabledByGroupPolicy",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy","LetAppsAccessLocation",2,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\LocationAndSensors","DisableLocation",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection","DoNotShowFeedbackNotifications",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection","AllowTelemetry",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\CloudContent","DisableWindowsConsumerFeatures",1,"DWord"
+"HKCU:\SOFTWARE\Policies\Microsoft\Windows\CloudContent","DisableTailoredExperiencesWithDiagnosticData",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Policies\Microsoft\Windows\System","EnableSmartScreen",0,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen","ConfigureAppInstallControlEnabled",1,"DWord"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender\SmartScreen","ConfigureAppInstallControl","Anywhere","String"
+"@
+
+Write-host "Setting up Registry keys for additional settings.."
+$regConfig | ConvertFrom-Csv | ForEach-Object {
+    if(!(Test-Path $_.regKey)){
+        Write-Host $_.regKey " does not exist.."
+        New-Item $_.regKey -Force
+    }
+    Write-Host "Setting " $_.regKey
+    New-ItemProperty -Path $_.regKey -Name $_.name -Value $_.value -PropertyType $_.type -force
+}
+
+# Additional registry configurations
+# References:
+# https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-lan-manager-authentication-level
+# https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/network-security-restrict-ntlm-outgoing-ntlm-traffic-to-remote-servers
+# https://github.com/eladshamir/Internal-Monologue/blob/85134e4ebe5ea9e7f6b39d4b4ad467e40a0c9eca/InternalMonologue/InternalMonologue.cs
+
+$regConfig = @"
+regKey,name,value,type
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa","LmCompatibilityLevel",2,"DWord"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0","NTLMMinClientSec",536870912,"DWord"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0","RestrictSendingNTLMTraffic",0,"DWord"
+"@
+
+Write-host "Setting up Registry keys for additional settings.."
+$regConfig | ConvertFrom-Csv | ForEach-Object {
+    if(!(Test-Path $_.regKey)){
+        Write-Host $_.regKey " does not exist.."
+        New-Item $_.regKey -Force
+    }
+    Write-Host "Setting " $_.regKey
+    New-ItemProperty -Path $_.regKey -Name $_.name -Value $_.value -PropertyType $_.type -force
+}
+
+# Set up PSRemoting 
+$ServiceName = 'WinRM'
+$arrService = Get-Service -Name $ServiceName
+
+if ($arrService.Status -eq 'Running')
+{
+    Write-Host "$ServiceName Service is now Running"
+}
+else
+{
+    Write-host 'Enabling WinRM..'
+    winrm quickconfig -q
+    write-Host "Setting WinRM to start automatically.."
+    & sc.exe config WinRM start= auto
+}
+
+# Enable Remote Registry Service 
+$ServiceName = 'remoteregistry'
+$arrService = Get-Service -Name $ServiceName
+
+if ($arrService.Status -eq 'Running')
+{
+    Write-Host "$ServiceName Service is now Running"
+}
+else
+{
+    Write-host 'Enabling Remote Registry..'
+    & sc start remoteregistry
+    write-Host "Setting Remote Registry to start automatically.."
+    & sc.exe config remoteregistry start= auto
+}
+
+# Setting UAC level to Never Notify
+Write-Host "Setting UAC level to Never Notify.."
+Set-ItemProperty -Force -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System" -Name "ConsentPromptBehaviorAdmin" -Value 0
+
+# *** Registry modified to allow storage of wdigest credentials ***
+Write-Host "Setting WDigest to use logoncredential.."
+Set-ItemProperty -Force -Path "HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest" -Name "UseLogonCredential" -Value "1"
+
+# RDP enabled for all Windows hosts
+# Adding Authenticated Users to Remote Desktop Users
+write-Host "Adding Authenticated Users to Remote Desktop Users.."
+Add-LocalGroupMember -Group "Remote Desktop Users" -Member "Authenticated Users" -ErrorAction SilentlyContinue
+Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -value 0
+Enable-NetFirewallRule -DisplayGroup "Remote Desktop"
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/4-Enable-WinAuditCategories.ps1 b/1-AD/scripts/1-vmbootstrap/4-Enable-WinAuditCategories.ps1
new file mode 100644
index 0000000..dc527a3
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/4-Enable-WinAuditCategories.ps1
@@ -0,0 +1,70 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+[CmdletBinding()]
+param (
+    [Parameter(Mandatory=$false)]
+    [switch]$SetDC
+)
+
+# Enabling Audit Policies
+write-Host "Enabling Sub-categories .."
+
+Write-host "Enabling Audit System Sub-Categories"
+# Not auditing: IPsec Driver 
+& auditpol.exe /set /subcategory:"Security System Extension","System Integrity","Other System Events","Security State Change" /success:enable /failure:enable
+
+Write-host "Enabling Audit Logon/Logoff Sub-Categories"
+# Not auditing: IPsec Main Mode, IPsec Quick Mode, IPsec Extended Mode, Network Policy Server, "User / Device Claims"
+& auditpol.exe /set /subcategory:"Logon","Logoff","Account Lockout","Special Logon","Other Logon/Logoff Events","Group Membership" /success:enable /failure:enable
+
+Write-host "Enabling Audit Object Access Sub-Categories"
+# Not auditing: Application Generated, Filtering Platform Packet Drop 
+& auditpol.exe /set /subcategory:"File System","Registry","Kernel Object","SAM","Certification Services","Handle Manipulation","File Share","Filtering Platform Connection","Other Object Access Events","Detailed File Share","Removable Storage","Central Policy Staging" /success:enable /failure:enable
+
+Write-host "Enabling Audit Privilege Use Sub-Categories"
+# Not auditing:  
+& auditpol.exe /set /subcategory:"Non Sensitive Privilege Use","Other Privilege Use Events","Sensitive Privilege Use" /success:enable /failure:enable
+
+Write-host "Enabling Audit Detailed Tracking Sub-Categories"
+# Not auditing:  
+& auditpol.exe /set /subcategory:"Process Creation","Process Termination","DPAPI Activity","RPC Events","Plug and Play Events","Token Right Adjusted Events" /success:enable /failure:enable
+
+Write-host "Enabling Audit Policy Change Sub-Categories"
+# Not auditing:  
+& auditpol.exe /set /subcategory:"Audit Policy Change","Authentication Policy Change","Authorization Policy Change","MPSSVC Rule-Level Policy Change","Filtering Platform Policy Change","Other Policy Change Events" /success:enable /failure:enable
+
+Write-host "Enabling Audit Account Management Sub-Categories"
+# Not auditing: 
+& auditpol.exe /set /subcategory:"Computer Account Management","Security Group Management","Distribution Group Management","Application Group Management","Other Account Management Events","User Account Management" /success:enable /failure:enable
+
+Write-host "Enabling Audit Account Logon Sub-Categories"
+# Not auditing: Kerberos Service Ticket Operations, Kerberos Authentication Service
+& auditpol.exe /set /subcategory:"Other Account Logon Events","Credential Validation" /success:enable /failure:enable
+
+if ($SetDC)
+{
+    Write-host "Enabling Audit DS Access Sub-Categories"
+    # Not auditing:  
+    & auditpol.exe /set /subcategory:"Directory Service Access","Directory Service Changes","Directory Service Replication","Detailed Directory Service Replication" /success:enable /failure:enable
+
+    Write-host "Enabling Audit Account Logon Sub-Categories"
+    # Not auditing:  
+    & auditpol.exe /set /subcategory:"Kerberos Service Ticket Operations","Other Account Logon Events","Kerberos Authentication Service","Credential Validation" /success:enable /failure:enable
+}
+
+$regConfig = @"
+regKey,name,value,type
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa","scenoapplylegacyauditpolicy",1,"DWord"
+"HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System\Audit","ProcessCreationIncludeCmdLine_Enabled",1,"DWord"
+"@
+
+Write-host "Setting up Registry keys for additional auditing settings.."
+$regConfig | ConvertFrom-Csv | ForEach-Object {
+    if(!(Test-Path $_.regKey)){
+        Write-Host $_.regKey " does not exist.."
+        New-Item $_.regKey -Force
+    }
+    Write-Host "Setting " $_.regKey
+    New-ItemProperty -Path $_.regKey -Name $_.name -Value $_.value -PropertyType $_.type -force
+}
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/5-Enable-PowerShell-Logging.ps1 b/1-AD/scripts/1-vmbootstrap/5-Enable-PowerShell-Logging.ps1
new file mode 100644
index 0000000..f4533f9
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/5-Enable-PowerShell-Logging.ps1
@@ -0,0 +1,21 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+# Enable PowerShell Logging
+$regConfig = @"
+regKey,name,value,type
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging","EnableScriptBlockLogging",1,"DWORD"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging","EnableScriptBlockInvocationLogging",1,"DWORD"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging","EnableModuleLogging",1,"DWORD"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ModuleLogging\ModuleNames",*,*,"String"
+"@
+
+Write-host "Setting up PowerShell registry settings.."
+$regConfig | ConvertFrom-Csv | ForEach-Object {
+    if(!(Test-Path $_.regKey)){
+        Write-Host $_.regKey " does not exist.."
+        New-Item $_.regKey -Force
+    }
+    Write-Host "Setting " $_.regKey
+    New-ItemProperty -Path $_.regKey -Name $_.name -Value $_.value -PropertyType $_.type -force
+}
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1 b/1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1
new file mode 100644
index 0000000..6d78301
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/6-Set-SACLs.ps1
@@ -0,0 +1,85 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+# REGISTRY
+Import-Module .\Set-AuditRule.ps1
+
+$AuditRules = @"
+regKey;wellKnownSidType;rights;inheritanceFlags;propagationFlags;auditFlags
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunService";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceService";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunService";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnceService";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Policies\Microsoft Services\AdmPwd";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Services\SysmonDrv\Parameters";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Policies\Microsoft\Windows\EventLog\EventForwarding\SubscriptionManager";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\webcam";"AuthenticatedUserSid";"SetValue,WriteKey";"ContainerInherit";"InheritOnly";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\CapabilityAccessManager\ConsentStore\microphone";"AuthenticatedUserSid";"SetValue,WriteKey";"ContainerInherit";"InheritOnly";"Success"
+"HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\TelemetryController";"AuthenticatedUserSid";"SetValue,WriteKey";"ContainerInherit";"InheritOnly";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\WDigest";"AuthenticatedUserSid";"QueryValues,SetValue,WriteKey";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\JD";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Skew1";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\GBG";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\Data";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"HKLM:\SOFTWARE\Microsoft\Internet Explorer";"AuthenticatedUserSid";"QueryValues";"None";"None";"Success"
+"@
+
+write-host "Enabling audit rules.."
+$AuditRules | ConvertFrom-Csv -Delimiter ';' | ForEach-Object {
+    if(!(Test-Path $_.regKey)){
+        Write-Host $_.regKey " does not exist.."
+    }
+    else {
+        Write-Host "Updating SACL of " $_.regKey
+        Set-AuditRule -RegistryPath $_.regKey -WellKnownSidType $_.wellKnownSidType -Rights $_.rights.split(",") -InheritanceFlags $_.inheritanceFlags -PropagationFlags $_.propagationFlags -AuditFlags $_.auditFlags -ErrorAction SilentlyContinue
+    }
+}
+
+# SERVICES
+
+# Update SDDL of a service and add (AU;SAFA;RPWPDTCCLC;;;WD)
+<#
+Ace Type:
+"AU": SYSTEM_AUDIT_ACE_TYPE
+Ace Flags:
+"SA"    : SUCCESSFUL_ACCESS_ACE_FLAG
+"FA"    : FAILED_ACCESS_ACE_FLAG
+Rights:
+RP : SERVICE_START – start the service
+WP: SERVICE_STOP – stop the service
+DT: SERVICE_PAUSE_CONTINUE – pause / continue the service
+CC – SERVICE_QUERY_CONFIG – ask the SCM for the service's current configuration
+LC – SERVICE_QUERY_STATUS – ask the SCM for the service's current status
+Object Guid: NA
+Inherit Object Guid: NA
+Account SIDs:
+  * WD: SDDL_EVERYONE
+  * NU: SDDL_NETWORK
+#>
+$ServiceRules = @"
+service;addition
+"IKEEXT";"(AU;SAFA;RPWPDTCCLC;;;WD)"
+"SessionEnv";"S:(AU;SAFA;RPWPDTCCLC;;;WD)"
+"scmanager";"(AU;SAFA;GA;;;NU)"
+"@
+
+$ServiceRules | ConvertFrom-Csv -Delimiter ';' | ForEach-Object {
+    if(Get-Service $service){
+        Write-Host "[+] Processing " $_.service
+        # Get Sddl
+        $sddl = (& $env:SystemRoot\System32\sc.exe sdshow $_.service | Out-String).Trim()
+        # Define new Sddl
+        $newSddl = ('{0}{1}' -f $sddl, $_.addition).Trim()
+        # Update Sddl
+        write-host "  [>] Updating SDDL.."
+        & $env:SystemRoot\System32\sc.exe sdset $_.service "$newSddl"
+    }
+} 
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/7-Set-WallPaper.ps1 b/1-AD/scripts/1-vmbootstrap/7-Set-WallPaper.ps1
new file mode 100644
index 0000000..336a1f3
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/7-Set-WallPaper.ps1
@@ -0,0 +1,21 @@
+# Author: Roberto Rodriguez (@Cyb3rWard0g)
+# License: GPL-3.0
+
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+
+Resolve-DnsName github.com
+Resolve-DnsName raw.githubusercontent.com
+Resolve-DnsName live.sysinternals.com
+
+$wc = new-object System.Net.WebClient
+# Download BgInfo
+$wc.DownloadFile('http://live.sysinternals.com/bginfo.exe', 'C:\ProgramData\bginfo.exe')
+
+# Copy Wallpaper
+$wc.DownloadFile('https://github.com/AntiSyphon/asazlab/raw/main/1-AD/resources/AS.jpg', 'C:\ProgramData\AS.jpg')
+
+# Copy BGInfo config
+$wc.DownloadFile('https://github.com/AntiSyphon/asazlab/raw/main/1-AD/resources/asazlab.bgi', 'C:\ProgramData\asazlab.bgi')
+
+# Set Run Key
+New-ItemProperty -Path "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" -Name "BgInfo" -Value "C:\ProgramData\bginfo.exe C:\ProgramData\asazlab.bgi /silent /timer:0 /nolicprompt" -PropertyType "String" -force
\ No newline at end of file
diff --git a/1-AD/scripts/1-vmbootstrap/8-disable-defender.ps1 b/1-AD/scripts/1-vmbootstrap/8-disable-defender.ps1
new file mode 100644
index 0000000..4c8ae50
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/8-disable-defender.ps1
@@ -0,0 +1,9 @@
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+mkdir c:\ASAZ
+cd c:\ASAZ
+Add-MpPreference -ExclusionPath C:\ASAZ
+IEX(New-Object Net.Webclient).DownloadString('https://raw.githubusercontent.com/AntiSyphon/asazlab/main/1-AD/scripts/1-vmbootstrap/9-disable-defender%20.ps1') 
+                                              
+
+
+
diff --git a/1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1 b/1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1
new file mode 100644
index 0000000..97825cc
--- /dev/null
+++ b/1-AD/scripts/1-vmbootstrap/Set-AuditRule.ps1
@@ -0,0 +1,326 @@
+function Set-AuditRule
+{
+    <#
+    .SYNOPSIS
+
+    Sets an access control entry (ACE) on a system access control list (SACL) of a file, registry or ad object security descriptor.
+
+    .PARAMETER RegistryPath
+
+    Path of the registry securable object
+    
+    .PARAMETER FilePath
+
+    Path of the file securable object
+
+    .PARAMETER AdObjectPath
+
+    Path of the Ad securable object
+
+    .PARAMETER WellKnownSidType
+
+    Commonly used Security Identifier. We leverage the parameter attribute called ArgumentCompleter to add tab completion values.
+    These values are obtained from the System.Security.Principal.WellKnownSidType enum.
+    Examples:
+    - WorldSid -> Indicates a SID that matches everyone.
+    - NetworkSid -> Indicates a SID for a network account. This SID is added to the process of a token when it logs on across a network.
+    - BuiltinAdministratorsSid -> Indicates a SID that matches the administrator account.
+    - AccountDomainAdminsSid -> Indicates a SID that matches the account domain administrator group.
+    - AccountDomainUsersSid -> Indicates a SID that matches the account domain users group.
+
+    .PARAMETER Rights
+    
+    Specifies the types of access attempts to monitor. Access control rights that can be applied to a registry, file or ad objects.
+    These values are served dynamically from the following Enums: System.Security.AccessControl.RegistryRights, System.Security.AccessControl.FileSystemRights and System.DirectoryServices.ActiveDirectoryRights.
+
+    .PARAMETER InheritanceFlag
+
+    Inheritance flags specify the semantics of inheritance for access control entries (ACEs).
+    These values are served dynamically from the following Enums: System.DirectoryServices.ActiveDirectorySecurityInheritance and System.Security.AccessControl.InheritanceFlags.
+
+    .PARAMETER PropagationFlags
+
+    Specifies how Access Control Entries (ACEs) are propagated to child objects. These flags are significant only if inheritance flags are present.
+    These values are serverd dynamically from the following Enum: System.Security.AccessControl.PropagationFlags. 
+
+    .PARAMETER AuditFlags
+
+    Specifies the conditions for auditing attempts to access a securable object. Success or Failure.
+    These values are served dynamically from the following Enum: System.Security.AccessControl.AuditFlags.
+
+    .NOTES
+    
+    Author: Roberto Rodriguez (@Cyb3rWard0g)
+    License: GPL-3.0
+
+    Reference: 
+    - @adbertram - https://www.enowsoftware.com/solutions-engine/bid/185867/Powershell-Upping-your-Parameter-Validation-Game-with-Dynamic-Parameters-Part-II
+    - https://social.technet.microsoft.com/Forums/ie/en-US/b012f66e-08d1-46d2-b659-6ee004e721c0/powershell-to-set-sacl-on-files?forum=ITCG
+    - http://giuoco.org/security/configure-file-and-registry-auditing-with-powershell/
+    - https://medium.com/@cryps1s/detecting-windows-endpoint-compromise-with-sacls-cd748e10950
+    - https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_functions_advanced_parameters?view=powershell-7.1#argumentcompleter-attribute
+    - https://docs.microsoft.com/en-us/dotnet/api/system.security.principal.wellknownsidtype?view=net-5.0
+    - https://docs.microsoft.com/en-us/windows/win32/secauthz/sid-strings
+
+    .EXAMPLE
+
+    PS > Get-Acl -Path HKLM:\SYSTEM\CurrentControlSet\Services\Sysmondrv\Parameters\ -Audit | fl
+
+    Path   : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sysmondrv\Parameters\
+    Owner  : BUILTIN\Administrators
+    Group  : DESKTOP-WARDOG\None
+    Access : BUILTIN\Administrators Allow  FullControl
+             ..
+             ...
+    Audit  :
+    Sddl   : O:BAG:...
+    
+    PS > Set-AuditRule -RegistryPath HKLM:\SYSTEM\CurrentControlSet\Services\Sysmondrv\Parameters\ -WellKnownSidType WorldSid -Rights ReadKey,QueryValues -InheritanceFlags None -PropagationFlags None -AuditFlags Success
+    
+    PS > Get-Acl -Path HKLM:\SYSTEM\CurrentControlSet\Services\Sysmondrv\Parameters\ -Audit | fl
+
+    Path   : Microsoft.PowerShell.Core\Registry::HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sysmondrv\Parameters\
+    Owner  : BUILTIN\Administrators
+    Group  : DESKTOP-WARDOG\None
+    Access : BUILTIN\Administrators Allow  FullControl
+             ..
+             ...
+    Audit  : Everyone Success  ReadKey
+    Sddl   : O:BAG:...S:AI(AU;SA;KR;;;WD)
+
+    .EXAMPLE
+
+    PS > Get-Acl -Path C:\tools\test.txt -Audit | fl
+
+    Path   : Microsoft.PowerShell.Core\FileSystem::C:\tools\test.txt
+    Owner  : RIVENDELL\cbrown
+    Group  : 
+    Access : BUILTIN\Administrators Allow  FullControl
+             NT AUTHORITY\SYSTEM Allow  FullControl
+             BUILTIN\Users Allow  ReadAndExecute, Synchronize
+             NT AUTHORITY\Authenticated Users Allow  Modify, Synchronize
+    Audit  : 
+    Sddl   : O:S-1-5...
+
+    PS > Set-AuditRule -FilePath C:\tools\test4.txt.txt -WellKnownSidType WorldSid -Rights Read,Modify -InheritanceFlags None -PropagationFlags None -AuditFlags Success
+
+    PS > Get-Acl -Path C:\tools\test.txt -Audit | fl
+
+    Path   : Microsoft.PowerShell.Core\FileSystem::C:\tools\test.txt
+    Owner  : RIVENDELL\cbrown
+    Group  : 
+    Access : BUILTIN\Administrators Allow  FullControl
+             NT AUTHORITY\SYSTEM Allow  FullControl
+             BUILTIN\Users Allow  ReadAndExecute, Synchronize
+             NT AUTHORITY\Authenticated Users Allow  Modify, Synchronize
+    Audit  : Everyone Success  Modify
+    Sddl   : O:S-1-5... S:AI(AU;SA;CCDCLCSWRPWPLOCRSDRC;;;WD)
+
+    .EXAMPLE
+
+    PS > Enter-PSSession MORDORDC -Credential theshire\pgustavo
+    [MORDORDC]: PS > Import-Module activedirectory 
+    [MORDORDC]: PS > Get-Acl -Path 'AD:\CN=Domain Admins,CN=Users,DC=theshire,DC=local' -Audit | fl
+    [MORDORDC]: PS > Set-AuditRule -AdObjectPath 'AD:\CN=Domain Admins,CN=Users,DC=theshire,DC=local' -WellKnownSidType WorldSid -Rights GenericRead -InheritanceFlags None -AuditFlags Success
+    [MORDORDC]: PS > Get-Acl -Path 'AD:\CN=Domain Admins,CN=Users,DC=theshire,DC=local' -Audit | fl
+
+    #>
+
+    [CmdletBinding(DefaultParameterSetName='NoParam')]
+    param
+    (
+        [Parameter(Position=0,Mandatory=$true,ParameterSetname='RegistryAudit')]
+        [ValidateScript({Test-Path $_})]
+        [string]$RegistryPath,
+
+        [Parameter(Position=0,Mandatory=$true,ParameterSetname='FileAudit')]
+        [ValidateScript({Test-Path $_})]
+        [string]$FilePath,
+        
+        [Parameter(Position=0,Mandatory=$true,ParameterSetname='AdObjectAudit')]
+        [string]$AdObjectPath,
+
+        [Parameter(Position=1,Mandatory=$true)]
+        [ArgumentCompleter( {
+            param (
+                $CommandName,
+                $ParameterName,
+                $WordToComplete,
+                $CommandAst,
+                $FakeBoundParameters
+            )
+            [System.Security.Principal.WellKnownSidType].DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name | Where-object {$_ -like "$wordToComplete*"}
+        })]
+        [String]$WellKnownSidType
+    )
+    DynamicParam {
+        if ($PSCmdlet.ParameterSetName -eq 'AdObjectAudit')
+        {
+            $ParamOptions = @(
+                @{
+                'Name' = 'Rights';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.DirectoryServices.ActiveDirectoryRights]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'InheritanceFlags';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.DirectoryServices.ActiveDirectorySecurityInheritance]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'AuditFlags';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.Security.AccessControl.AuditFlags]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'AttributeGUID';
+                'Mandatory' = $false;
+                }
+            )
+
+            $DomainSidArray = ("AccountAdministratorSid","AccountGuestSid","AccountKrbtgtSid","AccountDomainAdminsSid","AccountDomainUsersSid","AccountDomainGuestsSid","AccountComputersSid","AccountControllersSid","AccountCertAdminsSid","AccountSchemaAdminsSid","AccountEnterpriseAdminsSid","AccountPolicyAdminsSid","AccountRasAndIasServersSid")
+            if ($DomainSidArray.Contains($WellKnownSidType))
+            {
+                $DomainSidOption = @{
+                    'Name' = 'DomainSid';
+                    'Mandatory' = $true
+                }
+                $ParamOptions = @($DomainSidOption) + $ParamOptions
+            }
+        }
+        else
+        {
+            If ($PSCmdlet.ParameterSetName -eq 'RegistryAudit'){$AccessRights = [System.Security.AccessControl.RegistryRights]}
+            If ($PSCmdlet.ParameterSetName -eq 'FileAudit'){$AccessRights = [System.Security.AccessControl.FileSystemRights]}
+            $ParamOptions = @(
+                @{
+                'Name' = 'Rights';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ($AccessRights).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'InheritanceFlags';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.Security.AccessControl.InheritanceFlags]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'PropagationFlags';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.Security.AccessControl.PropagationFlags]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                },
+                @{
+                'Name' = 'AuditFlags';
+                'Mandatory' = $true;
+                'ValidateSetOptions' = ([System.Security.AccessControl.AuditFlags]).DeclaredMembers | Where-object { $_.IsStatic } | Select-Object -ExpandProperty name
+                }
+            )
+        }
+
+        $RuntimeParamDic = New-Object System.Management.Automation.RuntimeDefinedParameterDictionary
+        foreach ($Param in $ParamOptions) {
+            $RuntimeParam = New-DynamicParam @Param
+            $RuntimeParamDic.Add($Param.Name, $RuntimeParam)
+        }
+        return $RuntimeParamDic
+    }
+
+    begin {
+        $PsBoundParameters.GetEnumerator() | ForEach-Object { New-Variable -Name $_.Key -Value $_.Value -ea 'SilentlyContinue'}
+    }
+
+    process
+    {
+        try 
+        {
+            if ($DomainSid)
+            {
+                $IdentityReference = New-Object System.Security.Principal.SecurityIdentifier([System.Security.Principal.WellKnownSidType]$WellKnownSidType, [System.Security.Principal.SecurityIdentifier]$DomainSid)
+            }
+            else
+            {
+                $IdentityReference = New-Object System.Security.Principal.SecurityIdentifier([System.Security.Principal.WellKnownSidType] $WellKnownSidType,$Null)
+            }
+            if ($PSCmdlet.ParameterSetName -eq 'AdObjectAudit')
+            {
+                if ($AttributeGUID)
+                {
+                    $AuditRuleObject = New-Object System.DirectoryServices.ActiveDirectoryAuditRule($IdentityReference,$Rights,$AuditFlags,[guid]$AttributeGUID, $InheritanceFlags,[guid]'00000000-0000-0000-0000-000000000000')
+                }
+                else {
+                    $AuditRuleObject = New-Object System.DirectoryServices.ActiveDirectoryAuditRule($IdentityReference,$Rights,$AuditFlags,[guid]'00000000-0000-0000-0000-000000000000', $InheritanceFlags,[guid]'00000000-0000-0000-0000-000000000000')
+                    
+                }
+                $path = $AdObjectPath
+            }
+            else
+            {
+                If($PSCmdlet.ParameterSetName -eq 'RegistryAudit')
+                {
+                    $AuditRule = "System.Security.AccessControl.RegistryAuditRule"
+                    $Path = $RegistryPath
+                }
+                If($PSCmdlet.ParameterSetName -eq 'FileAudit')
+                {
+                    $AuditRule = "System.Security.AccessControl.FileSystemAuditRule"
+                    $Path = $FilePath
+                }
+                $AuditRuleObject = New-Object $AuditRule($IdentityReference,$Rights,$InheritanceFlags,$PropagationFlags,$AuditFlags)
+            }
+            $Acl = Get-Acl $Path -Audit
+            Write-Verbose "[+] Old ACL: $($Acl | Format-List | Out-String)"
+            Write-Verbose "[+] Adding ACE to SACL: $($AuditRuleObject | Out-String)"
+            $Acl.SetAuditRule($AuditRuleObject)
+            Set-Acl $Path $Acl
+            Write-Verbose "[+] New ACL: $($Acl | Format-List | Out-String)"
+        } 
+        catch 
+        {
+            Write-Error $_.Exception.Message
+        }
+    }
+}
+
+function New-DynamicParam {
+    [CmdletBinding()]
+    [OutputType('System.Management.Automation.RuntimeDefinedParameter')]
+    param (
+        [Parameter(Mandatory)]
+        [ValidateNotNullOrEmpty()]
+        [string]$Name,
+        [Parameter(Mandatory=$false)]
+        [array]$ValidateSetOptions,
+        [Parameter()]
+        [switch]$Mandatory = $false,
+        [Parameter()]
+        [switch]$ValueFromPipeline = $false,
+        [Parameter()]
+        [switch]$ValueFromPipelineByPropertyName = $false
+    )
+
+    $Attrib = New-Object System.Management.Automation.ParameterAttribute
+    $Attrib.Mandatory = $Mandatory.IsPresent
+    $Attrib.ValueFromPipeline = $ValueFromPipeline.IsPresent
+    $Attrib.ValueFromPipelineByPropertyName = $ValueFromPipelineByPropertyName.IsPresent
+
+    # Create AttributeCollection object for the attribute
+    $Collection = new-object System.Collections.ObjectModel.Collection[System.Attribute]
+    # Add our custom attribute
+    $Collection.Add($Attrib)
+    # Add Validate Set
+    if ($ValidateSetOptions)
+    {
+        $ValidateSet= new-object System.Management.Automation.ValidateSetAttribute($Param.ValidateSetOptions)
+        $Collection.Add($ValidateSet)
+    }
+
+    # Create Runtime Parameter
+    if ($Param.Name -eq 'Rights' -or $Param.Name -eq 'AuditFlags')
+    {
+        $DynParam = New-Object System.Management.Automation.RuntimeDefinedParameter($Param.Name, [array], $Collection)
+    }
+    else
+    {
+        $DynParam = New-Object System.Management.Automation.RuntimeDefinedParameter($Param.Name, [string], $Collection)
+    }
+    $DynParam
+}
\ No newline at end of file
diff --git a/1-AD/templates/AddADUsers.json b/1-AD/templates/AddADUsers.json
new file mode 100644
index 0000000..e0765ba
--- /dev/null
+++ b/1-AD/templates/AddADUsers.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "AddUsersScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('AddUsersScript')]",
+            "script": "AddUsers1.ps1",
+            "function": "AddUsers"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/acds.json b/1-AD/templates/acds.json
new file mode 100644
index 0000000..58c92ce
--- /dev/null
+++ b/1-AD/templates/acds.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "acdsScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('acdsScript')]",
+            "script": "ADCS.ps1",
+            "function": "ADCSDeploy"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/addspns.json b/1-AD/templates/addspns.json
new file mode 100644
index 0000000..04a4019
--- /dev/null
+++ b/1-AD/templates/addspns.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "spnsScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('spnsScript')]",
+            "script": "spns.ps1",
+            "function": "Addspns"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/badblood.json b/1-AD/templates/badblood.json
new file mode 100644
index 0000000..092e84e
--- /dev/null
+++ b/1-AD/templates/badblood.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "badbloodScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('badbloodScript')]",
+            "script": "badblood.ps1",
+            "function": "badblood"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/createADForest.json b/1-AD/templates/createADForest.json
new file mode 100644
index 0000000..7f7d72c
--- /dev/null
+++ b/1-AD/templates/createADForest.json
@@ -0,0 +1,64 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "createADForestScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "domainUsers": {
+      "type": "secureObject"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('createADForestScript')]",
+            "script": "Create-AD.ps1",
+            "function": "Create-AD"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            },
+            "DomainUsers": "[parameters('domainUsers').array]"
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/fileshares.json b/1-AD/templates/fileshares.json
new file mode 100644
index 0000000..f275f2f
--- /dev/null
+++ b/1-AD/templates/fileshares.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "filesharesScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('filesharesScript')]",
+            "script": "fileshares.ps1",
+            "function": "fileshares"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/joinDomain.json b/1-AD/templates/joinDomain.json
new file mode 100644
index 0000000..a57e461
--- /dev/null
+++ b/1-AD/templates/joinDomain.json
@@ -0,0 +1,68 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "joinDomainScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "dcIpAddress": {
+      "type": "string"
+    },
+    "joinOU": {
+      "type": "string"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('joinDomainScript')]",
+            "script": "Join-Domain.ps1",
+            "function": "Join-Domain"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]",
+            "DCIPAddress": "[parameters('dcIpAddress')]",
+            "JoinOU": "[parameters('joinOU')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/lab_dc.json b/1-AD/templates/lab_dc.json
new file mode 100644
index 0000000..5b26d20
--- /dev/null
+++ b/1-AD/templates/lab_dc.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "LAB_DC_CradleScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('LAB_DC_CradleScript')]",
+            "script": "lab_dc.ps1",
+            "function": "lab_dc"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/lab_svr.json b/1-AD/templates/lab_svr.json
new file mode 100644
index 0000000..d4a3609
--- /dev/null
+++ b/1-AD/templates/lab_svr.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "LAB_SVR_CradleScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('LAB_SVR_CradleScript')]",
+            "script": "lab_svr.ps1",
+            "function": "lab_svr"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/lab_ws.json b/1-AD/templates/lab_ws.json
new file mode 100644
index 0000000..a170c26
--- /dev/null
+++ b/1-AD/templates/lab_ws.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "LAB_WS_CradleScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('LAB_WS_CradleScript')]",
+            "script": "lab_ws.ps1",
+            "function": "lab_ws"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/pivotlab.json b/1-AD/templates/pivotlab.json
new file mode 100644
index 0000000..0268687
--- /dev/null
+++ b/1-AD/templates/pivotlab.json
@@ -0,0 +1,60 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "pivotlabScript": {
+      "type": "string"
+    },
+    "domainFQDN": {
+      "type": "string"
+    },
+    "adminUsername": {
+      "type": "string"
+    },
+    "adminPassword": {
+      "type": "securestring"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('pivotlabScript')]",
+            "script": "pivotlab.ps1",
+            "function": "pivotlab1"
+          },
+          "configurationArguments": {
+            "DomainFQDN": "[parameters('DomainFQDN')]"
+          }
+        },
+        "protectedSettings": {
+          "configurationArguments": {
+            "AdminCreds": {
+              "UserName": "[parameters('adminUsername')]",
+              "Password": "[parameters('adminPassword')]"
+            }
+          }
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/sysmonInstall.json b/1-AD/templates/sysmonInstall.json
new file mode 100644
index 0000000..15b1bc1
--- /dev/null
+++ b/1-AD/templates/sysmonInstall.json
@@ -0,0 +1,44 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "vmName": {
+      "type": "string"
+    },
+    "installSysmonScript": {
+      "type": "string"
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "name": "[concat(parameters('vmName'), '/PowerShellDSC')]",
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-12-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publisher": "Microsoft.Powershell",
+        "type": "DSC",
+        "typeHandlerVersion": "2.77",
+        "autoUpgradeMinorVersion": true,
+        "settings": {
+          "wmfVersion": "latest",
+          "configuration": {
+            "url": "[parameters('installSysmonScript')]",
+            "script": "Install-Sysmon.ps1",
+            "function": "Install-Sysmon"
+          },
+          "configurationArguments": {}
+        },
+        "protectedSettings": {
+          "configurationArguments": {}
+        }
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/1-AD/templates/vnet-dns-server.json b/1-AD/templates/vnet-dns-server.json
new file mode 100644
index 0000000..24ecfe4
--- /dev/null
+++ b/1-AD/templates/vnet-dns-server.json
@@ -0,0 +1,55 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "virtualNetworkName": {
+      "type": "string",
+      "metadata": {
+        "description": "The name of the Virtual Network to Create"
+      }
+    },
+    "virtualNetworkAddressRange": {
+      "type": "string",
+      "metadata": {
+        "description": "The address range of the new VNET in CIDR format"
+      }
+    },
+    "subnets": {
+      "type": "array",
+      "metadata": {
+        "description": "all subnets available"
+      }
+    },
+    "DNSServerAddress": {
+      "type": "array",
+      "metadata": {
+        "description": "The DNS address(es) of the DNS Server(s) used by the VNET"
+      }
+    },
+    "location": {
+      "type": "string",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Network/virtualNetworks",
+      "apiVersion": "2019-02-01",
+      "name": "[parameters('virtualNetworkName')]",
+      "location": "[parameters('location')]",
+      "properties": {
+        "addressSpace": {
+          "addressPrefixes": [
+            "[parameters('virtualNetworkAddressRange')]"
+          ]
+        },
+        "dhcpOptions": {
+          "dnsServers": "[parameters('DNSServerAddress')]"
+        },
+        "subnets": "[parameters('subnets')]"
+      }
+    }
+  ]
+}
\ No newline at end of file
diff --git a/2-C2/2-C2-azuredeploy.json b/2-C2/2-C2-azuredeploy.json
new file mode 100644
index 0000000..9b8efce
--- /dev/null
+++ b/2-C2/2-C2-azuredeploy.json
@@ -0,0 +1,428 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "utcValue": {
+      "type": "string",
+      "defaultValue": "[utcNow()]",
+      "metadata": {
+        "description": "Returns the current (UTC) datetime value in the specified format. If no format is provided, the ISO 8601 (yyyyMMddTHHmmssZ) format is used"
+      }
+    },
+    "adminUsername": {
+      "type": "string",
+      "metadata": {
+        "description": "Username for the Virtual Machine."
+      }
+    },
+    "authenticationType": {
+      "type": "string",
+      "defaultValue": "password",
+      "allowedValues": [
+        "sshPublicKey",
+        "password"
+      ],
+      "metadata": {
+        "description": "Type of authentication to use on the Virtual Machine. SSH key is recommended."
+      }
+    },
+    "adminPasswordOrKey": {
+      "type": "securestring",
+      "metadata": {
+        "description": "SSH Key or password for the Virtual Machine. SSH key is recommended."
+      }
+    },
+    "remoteAccessMode": {
+      "type": "string",
+      "defaultValue": "AllowPublicIP",
+      "allowedValues": [
+        "AllowPublicIP",
+        "AzureBastionHost"
+      ],
+      "metadata": {
+        "description": "Do you want to restrict access to your environment by a Public IP or set up an Azure Bastion Host. If the former, make sure you add your public IP address to the variable 'allowedIPAddresses'"
+      }
+    },
+    "allowedIPAddresses": {
+      "type": "string",
+      "metadata": {
+        "description": "The sourceAddressPrefixes allowed to connect to this deployment"
+      },
+      "defaultValue": "*"
+    },
+    "azureBastionHostName": {
+      "type": "string",
+      "metadata": {
+        "description": "Name of Azure Bastion Host assigned to the Virtual network in this template"
+      },
+      "defaultValue": "LinuxBastionHost"
+    },
+    "vmName": {
+      "type": "string",
+      "defaultValue": "C2001",
+      "metadata": {
+        "description": "Name of the virtual machine"
+      }
+    },
+    "vmSize": {
+      "type": "string",
+      "defaultValue": "Standard_B2s",
+      "allowedValues": [
+        "Standard_A2",
+        "Standard_A3",
+        "Standard_B2s",
+        "Standard_B2ms",
+        "Standard_A2_v2",
+        "Standard_A4_v2",
+        "Standard_DS2",
+        "Standard_DS11"
+      ],
+      "metadata": {
+        "description": "Size of the virtual machine. Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/sizes-general"
+      }
+    },
+    "ubuntuSKU": {
+      "type": "string",
+      "defaultValue": "18.04-LTS",
+      "allowedValues": [
+        "18.04-LTS",
+        "19.04",
+        "20_04-lts",
+        "20.04-lts",
+        "20_04",
+        "20.04"
+      ],
+      "metadata": {
+        "description": "The Ubuntu version for the VM. This will pick a fully patched image of this given Ubuntu version."
+      }
+    },
+    "virtualNetworkName": {
+      "type": "string",
+      "metadata": {
+        "description": "Name of the Virtual Network"
+      },
+      "defaultValue": "vnet-c2"
+    },
+    "virtualNetworkAddressRange": {
+      "type": "string",
+      "metadata": {
+        "description": "Virtual Network address range"
+      },
+      "defaultValue": "10.0.0.0/16"
+    },
+    "subnetRange": {
+      "type": "string",
+      "metadata": {
+        "description": "subnet range"
+      },
+      "defaultValue": "10.0.0.0/24"
+    },
+    "VMPrivateIPAddress": {
+      "type": "string",
+      "metadata": {
+        "description": "Private IP for the C2 VM"
+      },
+      "defaultValue": "10.0.0.8"
+    },
+    "subnetName": {
+      "type": "string",
+      "metadata": {
+        "description": "Name of the subnet"
+      },
+      "defaultValue": "snet-c2"
+    },
+    "azureBastionSubnetRange": {
+      "type": "string",
+      "metadata": {
+        "description": "Address Range of the Azure Bastion service"
+      },
+      "defaultValue": "192.168.3.0/27"
+    },
+    "c2Framework": {
+      "type": "string",
+      "defaultValue": "metasploit",
+      "allowedValues": [
+        "empire",
+        "covenant",
+        "metasploit"
+      ],
+      "metadata": {
+        "description": "C2 framework to deploy"
+      }
+    },
+    "location": {
+      "type": "string",
+      "defaultValue": "[resourceGroup().location]",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    }
+  },
+  "variables": {
+    "storageAccountName": "[concat('stonux',uniquestring(resourceGroup().id,parameters('utcValue')))]",
+    "doc2pipname": "[concat('pip-', variables('vmName'))]",
+    "virtualNetworkName": "[parameters('virtualNetworkName')]",
+    "virtualNetworkAddressRange": "[parameters('virtualNetworkAddressRange')]",
+
+    "subnetName": "[parameters('subnetName')]",
+    "subnetRange": "[parameters('subnetRange')]",
+    "vmPrivateIPPrefixArray": "[take(split(variables('subnetRange'),'.'),3)]",
+    "vmPrivateIPAddresPrefix": "[format('{0}.{1}.{2}.',variables('vmPrivateIPPrefixArray')[0], variables('vmPrivateIPPrefixArray')[1], variables('vmPrivateIPPrefixArray')[2])]",
+    "subnetRef": "[resourceId('Microsoft.Network/virtualNetworks/subnets', variables('virtualNetworkName'), variables('subnetName'))]",
+
+    "bastionSubnetName": "AzureBastionSubnet",
+
+    "nsg-id": { "id": "[resourceId('Microsoft.Network/networkSecurityGroups', 'nsg-ssh-allow')]" },
+    "networkSecurityGroup": "[if(equals(parameters('remoteAccessMode'), 'AllowPublicIP'), variables('nsg-id'), json('null'))]",
+
+    "subnets": [
+      {
+        "name": "[variables('subnetName')]",
+        "properties": {
+          "addressPrefix": "[variables('subnetRange')]",
+          "networkSecurityGroup": "[variables('networkSecurityGroup')]"
+        }
+      }
+    ],
+    "azureBastionSubnet": [
+      {
+        "name": "[variables('bastionSubnetName')]",
+        "properties": {
+          "addressPrefix": "[parameters('azureBastionSubnetRange')]"
+        }
+      }
+    ],
+    "allSubnets": "[if(equals(parameters('remoteAccessMode'),'AzureBastionHost'), concat(variables('subnets'), variables('azureBastionSubnet')), variables('subnets'))]",
+
+    "linuxConfiguration": {
+      "disablePasswordAuthentication": true,
+      "ssh": {
+        "publicKeys": [
+          {
+            "path": "[concat('/home/', parameters('adminUsername'), '/.ssh/authorized_keys')]",
+            "keyData": "[parameters('adminPasswordOrKey')]"
+          }
+        ]
+      }
+    },
+
+    "c2SetupScript": "https://raw.githubusercontent.com/AntiSyphon/asazlab/main/2-C2/scripts/Install-C2s.sh",
+    "vmName": "[parameters('vmName')]"
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Storage/storageAccounts",
+      "apiVersion": "2018-11-01",
+      "name": "[variables('storageAccountName')]",
+      "location": "[parameters('location')]",
+      "sku": {
+        "name": "Standard_LRS"
+      },
+      "kind": "Storage",
+      "properties": {
+      }
+    },
+    {
+      "condition": "[equals(parameters('remoteAccessMode'), 'AllowPublicIP')]",
+      "name": "nsg-ssh-allow",
+      "comments": "Default Network Security Group for Linux endpoints",
+      "type": "Microsoft.Network/networkSecurityGroups",
+      "apiVersion": "2019-08-01",
+      "location": "[parameters('location')]",
+      "properties": {
+        "securityRules": [
+          {
+            "name": "default-allow-22",
+            "properties": {
+              "priority": 100,
+              "access": "Allow",
+              "direction": "Inbound",
+              "destinationPortRange": "22",
+              "protocol": "Tcp",
+              "sourcePortRange": "*",
+              "sourceAddressPrefix": "[parameters('allowedIPAddresses')]",
+              "destinationAddressPrefix": "*"
+            }
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Network/virtualNetworks",
+      "apiVersion": "2019-02-01",
+      "name": "[parameters('virtualNetworkName')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/networkSecurityGroups', 'nsg-ssh-allow')]"
+      ],
+      "properties": {
+        "addressSpace": {
+          "addressPrefixes": [
+            "[variables('virtualNetworkAddressRange')]"
+          ]
+        },
+        "subnets": "[variables('allSubnets')]"
+      }
+    },
+    {
+      "condition": "[equals(parameters('remoteAccessMode'),'AzureBastionHost')]",
+      "type": "Microsoft.Network/publicIPAddresses",
+      "apiVersion": "2018-11-01",
+      "name": "[concat('pip-', parameters('azureBastionHostName'))]",
+      "location": "[parameters('location')]",
+      "sku": {
+        "name": "Standard"
+      },
+      "properties": {
+        "publicIPAllocationMethod": "Static"
+      }
+    },
+    {
+      "condition": "[equals(parameters('remoteAccessMode'),'AzureBastionHost')]",
+      "type": "Microsoft.Network/bastionHosts",
+      "apiVersion": "2020-05-01",
+      "name": "[parameters('azureBastionHostName')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', parameters('azureBastionHostName')))]",
+        "[resourceId('Microsoft.Network/virtualNetworks/', variables('virtualNetworkName'))]"
+      ],
+      "properties": {
+        "ipConfigurations": [
+          {
+            "name": "IpConf",
+            "properties": {
+              "privateIPAllocationMethod": "Dynamic",
+              "publicIPAddress": {
+                "id": "[resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', parameters('azureBastionHostName')))]"
+              },
+              "subnet": {
+                "id": "[resourceId('Microsoft.Network/virtualNetworks/subnets',parameters('virtualNetworkName'), variables('bastionSubnetName'))]"
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "condition": "[equals(parameters('remoteAccessMode'),'AllowPublicIP')]",
+      "type": "Microsoft.Network/publicIPAddresses",
+      "apiVersion": "2018-11-01",
+      "name": "[variables('doc2pipname')]",
+      "location": "[parameters('location')]",
+      "properties": {
+        "publicIPAllocationMethod": "Static",
+        "dnsSettings": {
+          "domainNameLabel": "[toLower(concat(variables('vmName'), '-', uniquestring(resourceGroup().id, parameters('utcValue'))))]"
+        }
+      }
+    },
+    {
+      "type": "Microsoft.Network/networkInterfaces",
+      "apiVersion": "2019-11-01",
+      "name": "[concat('nic-', variables('vmName'))]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', variables('vmName')))]",
+        "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]"
+      ],
+      "properties": {
+        "ipConfigurations": [
+          {
+            "name": "ipconfig1",
+            "properties": {
+              "privateIPAllocationMethod": "Static",
+              "privateIPAddress": "[parameters('VMPrivateIPAddress')]",
+              "publicIPAddress": "[if(equals(parameters('remoteAccessMode'),'AllowPublicIP'), json(concat('{\"id\":', '\"', resourceId('Microsoft.Network/publicIPAddresses/', concat('pip-', variables('vmName'))),'\"}')),json('null'))]",
+              "subnet": {
+                "id": "[variables('subnetRef')]"
+              }
+            }
+          }
+        ]
+      }
+    },
+    {
+      "type": "Microsoft.Compute/virtualMachines",
+      "apiVersion": "2019-03-01",
+      "name": "[variables('vmName')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[resourceId('Microsoft.Network/networkInterfaces/', concat('nic-', variables('vmName')))]"
+      ],
+      "properties": {
+        "hardwareProfile": {
+          "vmSize": "[parameters('vmSize')]"
+        },
+        "storageProfile": {
+          "osDisk": {
+            "createOption": "fromImage"
+          },
+          "imageReference": {
+            "publisher": "Canonical",
+            "offer": "0001-com-ubuntu-server-focal",
+            "sku": "20_04-lts",
+            "version": "20.04.202111290"
+          }
+        },
+        "networkProfile": {
+          "networkInterfaces": [
+            {
+              "id": "[resourceId('Microsoft.Network/networkInterfaces/', concat('nic-', variables('vmName')))]"
+            }
+          ]
+        },
+        "osProfile": {
+          "computerName": "[variables('vmName')]",
+          "adminUsername": "[parameters('adminUsername')]",
+          "adminPassword": "[parameters('adminPasswordOrKey')]",
+          "linuxConfiguration": "[if(equals(parameters('authenticationType'), 'password'), json('null'), variables('linuxConfiguration'))]"
+        }
+      }
+    },
+    {
+      "type": "Microsoft.Compute/virtualMachines/extensions",
+      "apiVersion": "2019-03-01",
+      "name": "[concat(variables('vmName'), '/C2Setup')]",
+      "location": "[parameters('location')]",
+      "dependsOn": [
+        "[concat('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
+      ],
+      "properties": {
+        "publisher": "Microsoft.Azure.Extensions",
+        "type": "CustomScript",
+        "typeHandlerVersion": "2.1",
+        "autoUpgradeMinorVersion": true,
+        "settings": {},
+        "protectedSettings": {
+          "commandToExecute": "[concat('bash Install-C2s.sh -r', ' ', parameters('c2Framework'))]",
+          "fileUris": [
+            "[variables('c2SetupScript')]"
+          ]
+        }
+      }
+    }
+  ],
+  "outputs": {
+    "vmName": {
+      "type": "string",
+      "value": "[variables('vmName')]"
+    },
+    "vmResourceID": {
+      "type": "string",
+      "value": "[resourceId('Microsoft.Compute/virtualMachines/', variables('vmName'))]"
+    },
+    "virtualNetworkName": {
+      "type": "string",
+      "value": "[parameters('virtualNetworkName')]"
+    },
+    "virtualNetworkId": {
+      "type": "string",
+      "value": "[resourceId('Microsoft.Network/virtualNetworks/', parameters('virtualNetworkName'))]"
+    },
+    "C2PublicIP": {
+      "type": "string",
+      "value": "[reference(resourceId('Microsoft.Network/publicIPAddresses',variables('doc2pipname'))).IpAddress]"
+    }
+  }
+}
diff --git a/2-C2/artifacts/.gitkeep b/2-C2/artifacts/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/2-C2/scripts/Install-C2s.sh b/2-C2/scripts/Install-C2s.sh
new file mode 100644
index 0000000..22c2d41
--- /dev/null
+++ b/2-C2/scripts/Install-C2s.sh
@@ -0,0 +1,123 @@
+#!/bin/bash
+
+# Run as root, please, it's just easier that way
+sudo -s
+
+# housekeeping
+apt update
+apt upgrade -y
+
+# Install python3.9
+mkdir /opt/install-logs/
+apt install python3.9 -y | tee -a /opt/install-logs/python3.9.log
+apt update |tee -a /opt/install-logs/apt-update-after-python.log
+
+# Use virtual environments to containerize python-based tooling
+apt install python3.9-dev python3.9-venv -y | tee -a /opt/install-logs/python-devs.log
+
+# pip installer for 3.9
+curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
+python3.9 get-pip.py | tee -a /opt/install-logs/pip.log
+
+# install a pre-req for a cffi package req
+apt install libffi-dev -y | tee -a /opt/install-logs/libffi.log
+
+# Add nmap whois zip
+apt install nmap net-tools whois zip -y
+
+# impacket install and setup
+cd /opt/
+git clone https://github.com/SecureAuthCorp/impacket.git
+cd impacket
+python3.9 -m venv imp-env
+source imp-env/bin/activate
+python3.9 -m pip install wheel
+python3.9 -m pip install -r requirements.txt
+python3.9 -m pip install .
+deactivate
+cd /opt/
+
+# CrackMapExec install and setup
+cd /opt/
+git clone https://github.com/DefensiveOrigins/APT22Things.git
+mv APT22Things CrackMap
+cd CrackMap
+python3.9 -m venv cme-venv
+source cme-venv/bin/activate
+python3.9 -m pip install wheel
+python3.9 -m pip install -r requirements.txt
+python3.9 cme
+deactivate
+cd /opt/
+
+# PlumHound install
+cd /opt/ 
+git clone https://github.com/PlumHound/PlumHound.git
+cd PlumHound
+python3.9 -m venv ph-venv
+source ph-venv/bin/activate
+python3.9 -m pip install wheel
+python3.9 -m pip install -r requirements.txt
+deactivate
+cd /opt/
+
+# BloodHound.py
+cd /opt/
+git clone https://github.com/fox-it/BloodHound.py.git
+cd BloodHound.py
+python3.9 -m venv bh-env
+source bh-env/bin/activate
+python3.9 -m pip install wheel
+python3.9 setup.py install
+deactivate
+
+cd /opt/
+
+# neo4j install
+echo "deb http://httpredir.debian.org/debian stretch-backports main" | sudo tee -a /etc/apt/sources.list.d/stretch-backports.list
+wget -O - https://debian.neo4j.com/neotechnology.gpg.key | sudo apt-key add -
+echo 'deb https://debian.neo4j.com stable 4.4' > /etc/apt/sources.list.d/neo4j.list
+apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 648ACFD622F3D138
+apt update
+apt install apt-transport-https -y 
+apt install neo4j -y
+systemctl stop neo4j
+cd /usr/bin
+echo "dbms.default_listen_address=0.0.0.0" >> /etc/neo4j/neo4j.conf
+
+# don't open the console dave. especially not during bootstrap
+systemctl start neo4j
+
+# metasploit. 
+sudo -s
+apt install -y build-essential zlib1g zlib1g-dev libpq-dev libpcap-dev libsqlite3-dev ruby ruby-dev
+mkdir /opt/apps /opt/apps/msf
+cd /opt/apps/msf
+curl https://raw.githubusercontent.com/rapid7/metasploit-omnibus/master/config/templates/metasploit-framework-wrappers/msfupdate.erb > msfinstall
+chmod 755 msfinstall
+./msfinstall |tee -a msf-install.log
+
+# silenttrinity
+cd /opt/
+git clone https://github.com/DefensiveOrigins/SILENTTRINITY.git
+cd SILENTTRINITY/
+python3.9 -m venv st-env
+source st-env/bin/activate
+python3.9 -m pip install wheel
+python3.9 -m pip install -r requirements.txt
+deactivate
+
+# john the password ripper
+mkdir -p ~/src
+apt -y install git build-essential libssl-dev zlib1g-dev
+apt -y install yasm pkg-config libgmp-dev libpcap-dev libbz2-dev
+cd ~/src
+git clone https://github.com/openwall/john -b bleeding-jumbo john
+cd ~/src/john/src
+./configure && make -s clean && make -sj4
+mkdir /opt/john
+cp ~/src/john/run/* -r /opt/john/
+
+# setup location hashes
+mkdir /opt/hashes
+
diff --git a/CNAME b/CNAME
new file mode 100644
index 0000000..d2867bf
--- /dev/null
+++ b/CNAME
@@ -0,0 +1 @@
+www.asazlab.com
\ No newline at end of file
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..f288702
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,674 @@
+                    GNU GENERAL PUBLIC LICENSE
+                       Version 3, 29 June 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU General Public License is a free, copyleft license for
+software and other kinds of works.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+the GNU General Public License is intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.  We, the Free Software Foundation, use the
+GNU General Public License for most of our software; it applies also to
+any other work released this way by its authors.  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  To protect your rights, we need to prevent others from denying you
+these rights or asking you to surrender the rights.  Therefore, you have
+certain responsibilities if you distribute copies of the software, or if
+you modify it: responsibilities to respect the freedom of others.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must pass on to the recipients the same
+freedoms that you received.  You must make sure that they, too, receive
+or can get the source code.  And you must show them these terms so they
+know their rights.
+
+  Developers that use the GNU GPL protect your rights with two steps:
+(1) assert copyright on the software, and (2) offer you this License
+giving you legal permission to copy, distribute and/or modify it.
+
+  For the developers' and authors' protection, the GPL clearly explains
+that there is no warranty for this free software.  For both users' and
+authors' sake, the GPL requires that modified versions be marked as
+changed, so that their problems will not be attributed erroneously to
+authors of previous versions.
+
+  Some devices are designed to deny users access to install or run
+modified versions of the software inside them, although the manufacturer
+can do so.  This is fundamentally incompatible with the aim of
+protecting users' freedom to change the software.  The systematic
+pattern of such abuse occurs in the area of products for individuals to
+use, which is precisely where it is most unacceptable.  Therefore, we
+have designed this version of the GPL to prohibit the practice for those
+products.  If such problems arise substantially in other domains, we
+stand ready to extend this provision to those domains in future versions
+of the GPL, as needed to protect the freedom of users.
+
+  Finally, every program is threatened constantly by software patents.
+States should not allow patents to restrict development and use of
+software on general-purpose computers, but in those that do, we wish to
+avoid the special danger that patents applied to a free program could
+make it effectively proprietary.  To prevent this, the GPL assures that
+patents cannot be used to render the program non-free.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Use with the GNU Affero General Public License.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU Affero General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the special requirements of the GNU Affero General Public License,
+section 13, concerning interaction through a network will apply to the
+combination as such.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If the program does terminal interaction, make it output a short
+notice like this when it starts in an interactive mode:
+
+    <program>  Copyright (C) <year>  <name of author>
+    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, your program's commands
+might be different; for a GUI interface, you would use an "about box".
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU GPL, see
+<https://www.gnu.org/licenses/>.
+
+  The GNU General Public License does not permit incorporating your program
+into proprietary programs.  If your program is a subroutine library, you
+may consider it more useful to permit linking proprietary applications with
+the library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.  But first, please read
+<https://www.gnu.org/licenses/why-not-lgpl.html>.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..755984f
--- /dev/null
+++ b/README.md
@@ -0,0 +1,40 @@
+# Antisyphon Training Azure Lab Environment
+
+*In development* 
+
+Antisyphon Training Azure Lab  Environment is used within the Antisyphon Training courses provided by Antisyphon Training,and Black Hills Information Security.
+
+For more information on upcoming classes, see our classes at https://www.antisyphontraining.com/.
+
+# Deployment 
+Click below to start the deployment of the Defensive Origins Lab Environment within your Azure account.
+
+[![Deploy ASAZ-LAB](https://aka.ms/deploytoazurebutton)](https://portal.azure.com/#create/Microsoft.Template/uri/%68%74%74%70%73%3a%2f%2f%72%61%77%2e%67%69%74%68%75%62%75%73%65%72%63%6f%6e%74%65%6e%74%2e%63%6f%6d%2f%41%6e%74%69%53%79%70%68%6f%6e%2f%61%73%61%7a%6c%61%62%2f%6d%61%69%6e%2f%61%7a%75%72%65%2d%64%65%70%6c%6f%79%2e%6a%73%6f%6e/createUIDefinitionUri/%68%74%74%70%73%3a%2f%2f%72%61%77%2e%67%69%74%68%75%62%75%73%65%72%63%6f%6e%74%65%6e%74%2e%63%6f%6d%2f%41%6e%74%69%53%79%70%68%6f%6e%2f%61%73%61%7a%6c%61%62%2f%6d%61%69%6e%2f%75%69%64%65%66%69%6e%69%74%69%6f%6e%2e%6a%73%6f%6e)
+
+NOTE: Deployment times vary, but expect the full deployment in the Azure cloud to complete within one hour.
+
+## Training Course Pre-Requisites
+Are you attending an Antisyphon Training course that utilizes the Antisyhpon Training Azure Lab Environment?  See the below links for additional information on the DOAZLab Pre-Requisites for Defensive Origins training courses. 
+* https://github.com/AntiSyphon/asazlab-prereqs
+
+## Location
+While the deployment within Azure should be region agnostic, some deployed resources may not be available in all regions.
+The following locations have specifically been tested:
+* US EAST (any)
+* US WEST (any)
+
+# Components
+* Windows Server /w Active Directory.
+  * Domain: asazlab.com
+* Windows Workstation 21h1-pro
+
+# Acknowledgments
+* Open Threat Research Forge: https://github.com/OTRF
+* Microsoft Sentinel2Go: https://github.com/OTRF/Microsoft-Sentinel2Go
+* OTRF Blacksmith Components: https://github.com/OTRF/Blacksmith
+* Roberto Rodriguez (@Cyb3rWard0g)
+* Sysmon Modular: https://github.com/olafhartong/sysmon-modular/wiki 
+* Defensive Origins: https://defensiveorigins.com/
+
+# License
+ * GPLv3
diff --git a/_config.yml b/_config.yml
new file mode 100644
index 0000000..58dcf7f
--- /dev/null
+++ b/_config.yml
@@ -0,0 +1,12 @@
+theme: minima
+url: "https://www.asazlab.com"
+plugins:
+  - jekyll-titles-from-headings
+  - jekyll-sitemap
+titles_from_headings:
+  enabled:     true
+  strip_title: true
+  collections: false
+twitter_username: BHInfoSecurity
+github_username:  AntiSyphon
+youtube_username: BlackHillsInformationSecurity
diff --git a/azure-deploy.json b/azure-deploy.json
new file mode 100644
index 0000000..e5a14f8
--- /dev/null
+++ b/azure-deploy.json
@@ -0,0 +1,245 @@
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "pricingTier": {
+      "type": "string",
+      "allowedValues": [
+        "PerGB2018",
+        "Free",
+        "Standalone",
+        "PerNode",
+        "Standard",
+        "Premium"
+      ],
+      "defaultValue": "PerGB2018",
+      "metadata": {
+        "description": "Pricing tier: pergb2018 or legacy tiers (Free, Standalone, PerNode, Standard or Premium) which are not available to all customers."
+      }
+    },
+    "dataRetention": {
+      "type": "int",
+      "defaultValue": 30
+    },
+    "allowedIPAddresses": {
+      "type": "string",
+      "metadata": {
+        "description": "The sourceAddressPrefixes allowed to connect to this deployment"
+      }
+    },
+    "windowsServerVersion": {
+      "type": "string",
+      "defaultValue": "latest",
+      "allowedValues": [
+        "17763.1999.2106060321",
+        "latest"
+      ],
+      "metadata": {
+        "description": "The specific version for the Server VM."
+      }
+    },
+    "vmSize": {
+      "type": "string",
+      "defaultValue": "Standard_B2s",
+      "allowedValues": [
+        "Standard_A2",
+        "Standard_A3",
+        "Standard_B2s",
+        "Standard_B2ms",
+        "Standard_A2_v2",
+        "Standard_A4_v2",
+        "Standard_DS2",
+        "Standard_DS11"
+      ],
+      "metadata": {
+        "description": "Size of the virtual machine. Reference: https://docs.microsoft.com/en-us/azure/virtual-machines/sizes-general"
+      }
+    },
+    "location": {
+      "type": "string",
+      "defaultValue": "[resourceGroup().location]",
+      "metadata": {
+        "description": "Location for all resources."
+      }
+    },
+    "doenablesysmon": {
+      "type": "bool",
+      "defaultValue": true
+    },
+    "doenablesysmonparsers": {
+      "type": "bool",
+      "defaultValue": false
+    },
+     "doimmediatePurgeDataOn30Days": {
+      "type": "bool",
+      "defaultValue": true
+    },
+    "dowscount": {
+      "type": "int",
+      "defaultValue": 1
+    }
+  },
+  "variables": {
+    "uri_azure_win10_ad": "https://raw.githubusercontent.com/AntiSyphon/asazlab/main/1-AD/1-AD-azuredeploy.json",
+    "uri_azure_c2": "https://raw.githubusercontent.com/AntiSyphon/asazlab/main/2-C2/2-C2-azuredeploy.json",
+    "asadminusername": "asadmin",
+    "asadminpassword": "asLabAdmin1!",
+    "asnameprefix": "WS0",
+    "asWSKU": "21h1-pro",
+    "asServerSKU": "2019-Datacenter",
+    "asServerVer": "latest",
+    "asfqdn": "asazlab.com",
+    "asc2": "metasploit",
+    "asc2ubuntusku": "20_04-lts",
+    "asworkspaceprefix": "LA-workspace",
+    "asremoteaccessmode": "AllowPublicIP"
+  },
+  "resources": [
+    {
+      "name": "deployWinAD",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2020-10-01",
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('uri_azure_win10_ad')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "adminUsername": {
+            "value": "[variables('asadminusername')]"
+          },
+          "adminPassword": {
+            "value": "[variables('asadminpassword')]"
+          },
+          "numberOfWorkstations": {
+            "value": "[parameters('dowscount')]"
+          },
+          "vmNamePrefix": {
+            "value": "[variables('asnameprefix')]"
+          },
+          "windowsDesktopSKU": {
+            "value": "[variables('asWSKU')]"
+          },
+          "windowsServerSKU": {
+            "value": "[variables('asServerSKU')]"
+          },
+          "vmSize": {
+            "value": "[parameters('vmSize')]"
+          },
+          "windowsServerVersion": {
+            "value": "[parameters('windowsServerVersion')]"
+          },
+          "domainFQDN": {
+            "value": "[variables('asfqdn')]"
+          },
+          "identityType": {
+            "value": "SystemAssigned"
+          },
+          "remoteAccessMode": {
+            "value": "[variables('asremoteaccessmode')]"
+          },
+          "allowedIPAddresses": {
+            "value": "[parameters('allowedIPAddresses')]"
+          },
+          "enableSysmon": {
+            "value": "[parameters('doenablesysmon')]"
+          },
+          "location": {
+            "value": "[parameters('location')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "deployC2",
+      "type": "Microsoft.Resources/deployments",
+      "apiVersion": "2020-10-01",
+      "properties": {
+        "mode": "Incremental",
+        "templateLink": {
+          "uri": "[variables('uri_azure_c2')]",
+          "contentVersion": "1.0.0.0"
+        },
+        "parameters": {
+          "adminUsername": {
+            "value": "[variables('asadminusername')]"
+          },
+          "authenticationType": {
+            "value": "password"
+          },
+          "adminPasswordOrKey": {
+            "value": "[variables('asadminpassword')]"
+          },
+          "vmName": {
+            "value": "Nux01"
+          },
+          "ubuntuSKU": {
+            "value": "[variables('asc2ubuntusku')]"
+          },
+          "vmSize": {
+            "value": "[parameters('vmSize')]"
+          },
+          "allowedIPAddresses": {
+            "value": "[parameters('allowedIPAddresses')]"
+          },
+          "c2Framework": {
+            "value": "[variables('asc2')]"
+          }
+        }
+      }
+    },
+    {
+      "name": "vnet-c2/peering-to-remote-vnet-win",
+      "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
+      "apiVersion": "2019-11-01",
+      "dependsOn": [
+        "deployC2",
+        "deployWinAD"
+      ],
+      "location": "[parameters('location')]",
+      "properties": {
+        "allowVirtualNetworkAccess": true,
+        "allowForwardedTraffic": false,
+        "allowGatewayTransit": false,
+        "useRemoteGateways": false,
+        "remoteVirtualNetwork": {
+          "id": "[reference('deployWinAD').outputs.virtualNetworkId.value]"
+        }
+      }
+    },
+    {
+      "name": "vnet-win/peering-to-remote-vnet-c2",
+      "type": "Microsoft.Network/virtualNetworks/virtualNetworkPeerings",
+      "apiVersion": "2019-11-01",
+      "dependsOn": [
+        "deployC2",
+        "deployWinAD"
+      ],
+      "location": "[parameters('location')]",
+      "properties": {
+        "allowVirtualNetworkAccess": true,
+        "allowForwardedTraffic": false,
+        "allowGatewayTransit": false,
+        "useRemoteGateways": false,
+        "remoteVirtualNetwork": {
+          "id": "[if(not(equals(variables('asc2'), 'None')), reference('deployC2').outputs.virtualNetworkId.value, 'Resource not deployed')]"
+        }
+      }
+    }
+  ],
+  "outputs": {
+    "C2PublicIP": {
+      "type": "string",
+      "value": "[reference('deployC2').outputs.C2PublicIP.value]"
+    },
+    "DCPublicIP": {
+      "type": "string",
+      "value": "[reference('deployWinAD').outputs.DCPublicIP.value]"
+    },
+    "WSPublicIP": {
+      "type": "string",
+      "value": "[reference('deployWinAD').outputs.WSPublicIP.value]"
+    }
+  }
+}
diff --git a/images/AS.png b/images/AS.png
new file mode 100644
index 0000000000000000000000000000000000000000..f99529bad3622237e2609c632d2c6444579f5f99
GIT binary patch
literal 28142
zcmV)>K!d-DP)<h;3K|Lk000e1NJLTq00Axl008<31^@s6ADF7n003>ZNkl<Zc-rl~
zf23{Kxjr6s#1Rn@5m6OU6*WgyL{wE(RaDd!RaJFFEfrO<b-d#mGa{-~92HfyEp=U0
zRaI40RaFsJMO9T*Ra8V(L{vpoRYb&b9Oq-~HP_yAj`{u`W9^fBzu!NWv(MUV&o$Rv
zbB_7G&-?ti>86`*dRP6pe*OAQ+;jV%%fHz3n#X(_me*6io9|1#U(`0J*GSvJj)&%$
zaj&W0*K^FM@5p*QvHcx}@nQ($=Y}C4dA7yvSJ`F=`H>LD3!3BPIi{BLTRIk=bJVh(
z*6Trg9B$OU)z_<QTl0-zkNS<y>me;lJ@?o98L9p2am=V~v}{|u&H4Y!ViLmm(P0>$
zABKD_gmLTLFX}aAo5L_(9ftgi5b_5?7~gfs;~<@9*6+Jz-#q8|d7R&ey4HHV|4mZ0
zVW|QvcRKA|nyTu!-*bOsJ>fK!k!BmzvD9pft30S<Dpe>_^*Jpl?+ao4VF+bW8Lx+M
z^4MDUSNh(|Hm7Zu$D1MK%OQ-nOXnT;*`@DK`aZN3vE~M*xxsn1t3A)Oi?wEdEc?!_
zE!^|Ub6;OBd&*U9tH!ke+5>5QAIm}2{7$-Hxc!q(YV887d0*+ZA&hrVi^rR@1?Bo~
z@ygp?C-v<8W(!x|zu&7N<VQmoFLH~K=4N2MNUi5|k88vFcb3+<<@(gN?b^1}3tb=&
z-AbqV;w^Xi9u<SN?AKsW)~Zw54^1ngSy(K`Upl#{_YYybC4}+u5b`VY1?z0#%BKrg
z&;2ditQN=pdzRMpe?k}^3?ZAoe{J<-!GKzEA5X{8<Gow(G4K0p@Z`q#<I7s<fNSt5
zO`9i`@0RvVvk<jl43^Je*$-`1X<6{73$t3V3Xb(i2>DNCaoR0VyM^j(A<5JK>59t=
z5A6S6wmDm@>dLG9e08eI-Ywn8Gz*5*R#{(X{a&n4h~-@HT#MSzr2TA`o0|4}L0d%&
zZsfh-dz>iNYD053wYIOGg~d`rw=TAp6KA(z<p+jgd~T0p?H*?f)masE`tP;{<HMex
z!1>vGkE_LV`v2c|72$Xb_1>B)$Fgr$sKSa(8gU)hjmnF=X}ccJ=d&CKVqfIDk`^Pd
zw0Bxy-+Ccie?G4%i}gJ%pTqjvGPNt!%P{2s9)|I)^#YNp%IBn2?C~8e7tmd+xL>UH
z72f{mdNB)O{A~#1$A)2KaT)K8)LLn4zIO{Gp{>%q)r<ALJ@AD0{8pdamg(9%WxU_I
z2%YBw^iCQfm&Y)Sw+};pDun#zS(US_s_LJYufZ3tmPgs<e$hPpHzV)Ar~nK8^`j8R
zd*2E4ffgD>D~+b--+8ao77B=S-*xSh2VnPL3fA|rkln0+uIA3vTE1I|c`X%Jna+hU
zer6c*OGx{-sBY#9#o6ofs#WxIpz8hJPZiG=tc)z2tEy}Ncs+#i$q@4G)`5kkV)9fV
zTIfN0Zd&$5OPcn)zh~g!sa%E6r(@c-v?o#@ui<oP$HEp~kr(Lqa;Yrfrezo+y)K0D
zfe^-LvG#8b#%FACSX5kA>`wZuyM=50p3An8TDVUC|Kc#@&+OUvmdTX{S31-r&pLfO
z@9ARizqhJa*r}q0)1d|AETErt)wNVo9#W!ZIAI+uc<*o?DNG3CJ;RW{6T*0fp4ipc
z(kMN)7RrTY5w8fS*J&z-xNoI>{Pna@yJ<N+c~FPA;H`4AR*sd2>uHq*T6md@h09tR
zTL4JSMehZowe6{e%xP^0JY(bD)1s>Nx;P9Oc2l@awuFj>09!n^UJ48KH)ji1zRp)(
z>*wa5WA<~w?~aEd-#uTztg<pI)X;-|V{N@HAbF4Lp%;hKQXrs(hlS8-A@Ny$XQc&r
zdiGvJfZpIb_eE-3#94(^s+UiNF#fq-tZJ-k&(E5J@%Uo3`gz;?7}OP4y+7Fg5%^pE
zcx@uo-lD;-Jm<Pq^XQ=$wD1f)lSc2kZf(mg*Yau&u-r|obOZ}V<Q+%9Q$*p17Myec
z-z`{q2x0vBBv!s&KWYrCp4?R=(^Y#`gY!K<*BqRm?+1>-;h$qYT*z~3$DcyT4~LL1
zv<R;)7nY~eu~H|j#OBsYvE@CiotwDOTNaO&()pcm!T)bql#CaAsjzMzhVhwU$p2nm
z$eCEEbPsBw>$z}M?hxulYQ0bRYpcb$Ea*R(gya9`Zf^fyyLN7}OjoSpRIS#}N^G;b
zJ8&(5l|(6($F2LN6%_Aug?UqOta<f><5^?HMyFfBv;SwR&D?4o6tqqZWt+==$ZX4s
z?HdK)&s*Z@xk9-8MhN3w7Ak>d@Svf$c)aU+0_swmY`KOlLT#;vR`LF}(Yl6<q$z{7
zjC~F5;gD_%UO?8$4Ay?O((Vkyi9gowc2l&>VpQ})S{$fFEN?CQtKskMw2I63(hU!C
zwK!470$tSq7Q(nG28kM+%QBg^+Rs>UuT~KJf7||&i)t^KPU}v4$HP{_pw-jKqJ8ra
z549Y&GkU}L{X%cR78xAG=Blf8H6~FIN_AxM6w@pKYdQp~kwm3P+-H^+^r@YEK7{-c
z&5hGKakl6rt)>Iog|k;tVgd0jR!0_3G*qi-6`|fJAlf=s_A36ZcdK5yH|%vGjCbtV
z;k7^3nqf{|!1cwvu1>PB0G_!+v`oLS=gT$`Ne}WFGFlDt?Jc&zud1^mF#q9RKGa+C
z=5Y!+56r3uXn&*DhGuZSw_KuiVq=+bdW4=<j*FGxT8W`=9)|I=!;oK`i;m}<r#T3{
z<Tl~ItEYDJ)~uSuRjl<haNa7Dk&eX~b3U(_^2^C0Mx3o#_1OMnZ7BLVUmu2CZV<N>
z0AEAE_I~dcQ^eNy(84L!!lmW9u(sW+<Kv+m+^9*!A?|wCzwb@OU@qn|{rXisAzLp<
z)WwTeOiRi`MsT3@WU`u2cAqNlDlUE^N-f%J3I)Aj*LFSg<5m6p(p*0De|fTZ9@qIn
zD##mQ)ne^^J!P!dCDpROhy3Dpz%foysH>!9yU1OjBg*5#7dUFMvlCFIN$!pgfzdFQ
zW`@}F>wR2L8u{nf$9DREkq>=d13P#!3A|D>?@iSUZCE~AuPMEXQ)-<Iw#I!~!EVc>
zvBkf>MU<@}-&rI{`-Mva*QKc-4@~R9><SC(<~cu`lx{tr(ffJ1X=AmxZM@n)56!}3
zD$uG=Je0`VqlYy9jgODxIf&ZPXNv=bR>sjocxrJRwcHr$g$oCzMY)T3A+M{DwJZpE
zzpcmhf~#E4j0Ck4(X0|=Qwtx)c_W4!8|~t2706r8T?_BZvo99DmxU@~<%}5@wswQC
zR_90y1;ZPiX5kg}u&l9+$gzE!I7X|9+Oky~72KsvUflHsT-hWennqe=-6EGcll<WN
zNvu_@+h5v-XMIdGB-iQZjaO*ga{$%q{@cS)pmq4w0`8;Nti=$`)r)rOowcM-uRCfl
zSJhT*VpfH0Xni4t&(Ie%rTwd?mD2lA7+1@2pZjsq{$TW?wZ^zI;evrrUe|){)8B0@
zDiRB)t;cz3g=M^)EG=co1FLwHEn<?jmrigfYvn^FME6dz?j$_kNPs!k{zw2cMSVa(
zc=T`P7*`K~evWY|-W&Cy$NciK3F;cq$2{#9$7<6Gq+4)J>y5dkYV%TqTHmJ^W$ECa
z(dR+3vmB@!@qm;rKuQ-a+Q<3ArSYX&dsN{U`WZD~{rsBLiMvBs0v9wD=F*R=-p7$x
zaF?zY*c5e1m7tteS;y6lHCnG1q0`!KTU>{|8K0iT$YcJg;(mI3g*?Pct4_}Yez)#V
zD}IOVX9Tz>0(=)z+F16xUbvPQsYWDCgZdbjRZ}YP;0zq&YOOq}uneyC#mofjg%=C`
zSmInGQF)y{zp>mjA*Dwmz()>w(`>y-dyEn-=lr2R??S6+H9ND)a5Rn+o{5xqOsg^N
z(@bo*Z9z(RKuS+QO8<hCu0u+XY1{^8RmetHZP|p>YoIzamd?D$+7j@=-A$KT#jK!a
zWTmZhHqb#((ykhuKl#o9z6t<WAf+EbO7}(pR~CcUbnuYie2d<)73e2EuPwpGI!SAt
zm{_%xExNEC+X8?KF{RG{zzY%J`pKdNa6JM%W@FCh4JC}$2&g&TAw?U&qRNm(Y}?C+
zzvgk#3kc@k%2$?>2z~AQg;GQ|7D@}GR2HuNcm8@zDML!PLP}=Qvo+w?nzrSkI(UW@
z7N-~E{@R@nys6YJiPb$?JCBguQf0=J9sqz}O%>MlIQ_e?xGdY>Ra`jOjLTU@=J$2{
zSSDL6Y~ogJYwNvHNm@l}->r_WwA6>j0oN^KUV-ycRdlj&mG6Cbqq;sVVt<VQpN5of
zwm6`+Ttn9Brq(G%TEIOC>l!{AY2EAz4A6d=J#dg#48<FWpgj(d(z^j*3n{&Mx?q))
zceZ%VD=y7@V$69gk*5Z#G3<tu^l;!e(Q<8jEb@3*230*_6Hw}RqhvizBzB|6XJfIs
z*;iciN_)C#U5x<GLQ40~t1qi%u_x%I2OYu+qI>?{>|k-8f>BQ><vUr_TBd~&;3%f_
zcUUe`*XMWM>Hm+}gvYyz3m@x`s|t$}4zK;?X;Cs}myCGPAJn>;5?Irg&6%`$t}83<
z_xQ1q!TIWZ_-Z^`tj->1H?g-MrEfz@cm4nN&>fPjwb_Q=C?hRarL~Rj6;!Knio~`%
z(HkCyl>R(FIp>Sk>ZApD%;KCnC!k_XcMUL4RTXt*!9{){mDtvkgv5QXOXfVKp`;_#
z@ckVTLh8EW;wP5lMq6RbTSYi)6Xz}C{P8-Z^mt6^R*weKYE@(T4A#g&i`34FRSWBi
z4H)#q3TgF=J(6>^@9RmCE@gfMct51{Gf3%5y+GC2)?yKxEnFImU{`VJHF#W%mnC2o
zThOZQZml?|gppFMqO_n&(?d?{$Svx%$XctltH62m+^8OZj43@7Q@Y@F>+PWpv<A6q
z175Yh{MLZjMXP8@NVcZWYQ@+d>V)QCXck&&Um>O2A*IWZ(i_A{xO&9p!uFW<?ny0N
zQdoq|DI#CzF|-kt%243E2Q;o1E>2s?Svd=soNzoc=bpN;2$)YRF75fTThOjSN<W5_
z?(?`kcor9{Q$(w?gmuwVE@<t^H?96mE%wTmfKH1?(*EZNa1l~^G^X_GqM9NWsYtzM
zTDY`BgVHLlCuAcb^T{ZcfvV8Bma}f1kbT(pXwf<5JSA!3NwqZnL1P7td7agC2x(E4
z7Ou!YUv7xsfRyg+=>cz@SX%6#tdq``g;oUT4<Y^0PAYmxhpg{KeL1Bqgp@uE0MAc%
z#Z$ZrX#>}|#(XSZO%*j0xHCG$h}tM?9=KDgZ(Fl%ZhH?wb}2v9zG?PX|9A8;!4@wa
zIKTfqr>$ajK5#$B8XE;D^od6!z|A*u@YI@w)pJ{{JA{?~uQA8d<Sh2!p7ai;1%P`2
z;JdLbSO``zUy$Y}V?;pt*@^m?&FUp@*3|<hOQEO&dF38TQwjL0tCG-cz4R0fk4u*K
zU~~^$G+s|)v5d*}=glU`Pd!zH<s^BzP*vy3>C_po)PD;AAHnDoy^9J>Ht2bUKdblq
zysTS#SkJa>OY^rAj`c(Y_}7BUfSiP}s=(&Y$N54=R9srEBDdh+9$NSUfInBaRGHvD
zEocYZUc}$oAflo}tXsl*!N$^xmMt@N3@}Ft(oJJy`K<G);^{e1RaMl_fdB68n9>g-
zz`b!=z%1u}Yfh+_OL-oK4QlIS&9uQnaqw71TavadmEcKR2=Ez5=>=?37^%rnMKZ;(
zi`iZDF$<ZIBA{}K)0p;-u3$3h4oXiOmlc<n+=!?IwtT*$HXv4(4H+l38|@^x#<-#Z
zq*pu&eWJ*RZqc|3Yf|IAfV|c1*s`{m_T><IJ*^e3WwdJXoVQFaBfx_btJyNfHlLi4
zphHlf=WME&O}_EgX&M!6&s^kNOV)tq=CTfiT|2$v`H42FN6p4pOk6h>y3Ycfm(CsG
z_r$sOGNg1OAJWnvtaJyfJ&q;3wntJp=?-D3sw@E*R#KX!^0Np&Pb;jH?t+xQ0|0ME
z?1UmJEX|1+@#i129G|nPqL#14i>f(4cUzc7-g>?N89Z;R_mkII`f!QZnuP1=v9V0c
z7T~;a-Yi;0LUDoOV<}yQlztfjPUS<I>rsnyc|GN|GCvKOT#2vyMx9oS!{gUu)jw(W
zr5O4_N=E?j5A@{1na+5-sHo238SZ70{M5{O`9d3oi5tybqH`NZOo+U_$!R1<olmu`
z4K2+XDG;4-ir}&qRW0O3+wz{;+E5i0G2}rB%-qfM?D6(oKBVD&Su-Fk3KNei#nRfM
z*3DXPXlquSb&=}f5zhdpMW*w~6PZpefYvTX#Q!71oS(gq!`3FV!fGAqG83U1nP{Cd
zf-7aTRcy5guER2Prh#;uiv`E7CyP>Bxfo__v^ehqoY!!-G_53c16@8|EAk<z<U<yN
z0c$R#Mz&|^oLp;-XHl?3n6+%H$EbB`3-5~nKRYpbtEW8}#bH*a*Hgt<pIAsqk8M|5
zah+jYdBeqMQH0ZafuhK%n7<V@y{rCi+k@9bf%Dwt5c`bvM3nd4$8j$Fz4Hp3S2&=e
zJT7c99WmNOEzBo4Ux1x^0KbQn9x8rt+UwD46>U+zXtu9W=$Htot^6D<*;G49w{p#5
zN_PUlH)6rDsL}MA0C*jHZT<Y}WUQx+>-Tv~W8$`dt}I+@8A?X0jWwG*qlq>=IFH-H
z%(u4>%jj+QJrB#kX&LL56|0o!(2TX`7+t~Q%z4duJon>TRo(>YG*<k-nj=U!jV!1)
zae1Tt38eIXtE;g!Y1?Cg<ykOAKQ7C}%R0sDWjU+GP$nGfQ2=;#1)O7dFzuAECYdUy
zLA9-o2JEE6GIR;exDQoEs|}9ph5X%Ct2fi0S3BlB7p-QW8frx2xKr#p<wwggB*A&Z
zkY}aF(41%M*Zn(A@*zuW=56JyLA2II4_yPSdOvS#sRrE~O7Z=3#p4?QJ`5>655$xY
z1wn<$p!ZRg_K#TvvUQU6x@yV@C_fVV!pu5<u9JQ;YPd()+F08Vyj7$I2IH#gt6B5>
zU|~em1tXFSg#NqH+L`YcE)sBWIe)NoSmGE?@}ZL(c;!B!<w{!kUfQH?Yo245R?(Z}
z(Ia_8noI(~dn3U2B#@KR7;>dNMRSOh=Mth>go=QwFxT7If-xkIb&3mRjX&e9n^j?+
z43BHMs8~O9W`)+c=sI%(?2UBZ)pQ67bgwb1NGwc|=n5jeIN>+u<+=MiNa-Wx#;#@8
zTQeRsmhP75I&ms_2y5ilxFyT>0HDZpo`jVCNtw5;#>+HE1{cK=rF$*az_t^Gung)1
z(5C#*+PkbU8PqY<tLL^7cgX6;g!^%2g?AXAQiR)9(+d~Err%hMHPMQTI@g5rFH(Fk
z={e#&jsS%|@qI|?o;m-^>%*lXx>~9(^S1ssSR`W~Htwc{pM{kE0)(hFR+GVqOm;9m
z8P)F9U~4^DM1a!ydpu^jNt{_XkElQx6B%PXr?nuPYO(N^3VF|MN4?p*)?pbVQf+0F
z-mz?#$JJ-XgK#qn)DyH2o5*_NajhnWjIMQYUMXJ((z(j~F79sdPXNHJhjxMK5eiNI
z?f-^_tA2e+(}@7jo!ZTCTrAAZ0V&g?0X&V&_L-^BV@8U=hVos<!%#CpBgkYt*ZTLE
z!@}zI+m-}oipNEX#A$&z?oGd@hVXxj<9w&bvXAFH!w=-9(~%)Hqpw#2_|tY@n)JCh
zpLY?`WeqvRf^>*+=~RlBaEkvdQxm{P!FrIrmRwLL6E@!FP9FNCG}+o{9Z=UTRaOx!
zCG8$F$va3`1|LE@qE#T@Mq`B9(dd*)FI+?x!B;had{j!u#K|Ipn;93eA|Lu`X&-xb
zL|*q7V`5YraIP))tWJ)I4(#>_@Pit}jJ!UuNhHmY1X-C6b|O__8Im-EU$|_7YAeVs
zJhql#1I_tUY;F4Nn+?!cymn)u^DNvU@R&0C+|yKHa|nX^d#sZ{I*#hKuf>!;uF*bv
zqtvXX2#PgCCz#a6tZQs9G?q5inE6gf={dDLf-`Xw94V!f!OW{UTf`pIOl9WaJg1|>
zt%|ckByAHMBNC!*54)n}XU$s=PfG^b`Om44PHild0M@$MdJb71mhIzh>st}vi+kq1
zC#0t5--v(TN>i}J+gp5`W+%g~F{S@m`Cm~JM5*#(T1pDs#40GL^oSZdgr#ELS6pi_
z9Th$!U^bs<O<5e{epWP(s|N_X<Z*ExTUkNd$l`0);5=!Qv$1IYYK+Un3yeg|hd~gL
z(KJdJ81Wug;x0DrT~<1THL}plu3uDK=jDQG<#_<WEfL`7;vGdPhF0CBxG&qX4~QR^
z<V}Tn&SMtC>&YSJ@<2@-*P*ePAep94oPqOJ1~%1Ro>g4D8^rqm7-=*!w#>49b2XT-
zdCmiTHA>ZcgQr_dH5LU}qk8W1hjKLSVaU(~&UXgd-i3;z0lvBL<tB85kpSl-!H0=!
zssj3dbo&a;BeC7bEGqn($3;&IGt&-c0%XqwkUz2ks**c|N5s2KvR?1QQXrn$#T%FK
zV8>`(SrQXQGaaHnUn$Z3LKnLX4n|*#{Y;&E*mj`8yCU-X+3Wrd03YwQCiDdRR~VOu
zt*Q<9v<M~{v%k**z*Ww-h-&Mi;%`(SJ|@EU;R?k{=Ytlh%o?1}*EON3S~pYO_RxTe
zttCiQ!#v;fxTMTSObpIrbh=|kO)BeLMd|zofG_VUI#H09IrXk|m83kkBL(iS&+S(r
zrT18v?;hh(kEQgY;<A=-+G(R@DmlXnO3Kb_tfYZq4x>a<jKaY2y{JSV!of0PDL*^2
z!g4ZSv`8K1JT59?p05;e{AT^yObC+Myuq#aeBq4*v*2ohwXnDkSKa;+nTe>eAO_BB
ztAU9WU94sPz<RsQ&n*FaRe|iro3zHja5|@d2~$j(H%n6zXS+3y9&p_Y=xel(li}Y_
zA_9QNn!QeNtSGE1D(`BMz_y~|Za4kyTL7>vcPs!<^IPWsQj#B9&VvE#nbG}a)<loC
zgc-LQIfuoJlJ=a(^_CPrjjqr*YoCnbVDqpHYp`k=C>598xWD-l!NF9pa8w2lOM%4F
z`OodktcCqjtRzA$jxR0t?4nljyaQh=53NVy)FJ}W)35q{fxQk`To|$-aTr!)q(QUi
zuEiZ~W90{KHDa7ET$Jl4Cm>#9IFvIg?_-b9Ew<W9T052AFI=3Tyw-Q056GY&#OK|#
z;4~57-7%%(q7$S<){(Grmd^RQ6QOXedVAQ-y8gGS{>tKeuLq0j6=_D=+Oz;>T6{}W
zb;Oh|Mu5L)33ePo4=4(Q#@43Z4&g#sRd;2-PbCyybH!z=NV^>1E~goFh0wSr&@QQ~
zsoPddZ_(PAU`B#i2ne3H$a!m#F0SNYqmn^wER_HOdz1?7K}hLWCrouA(vCC&u<#VI
z>xD8MVA{sn&HZ~;%V!I9!ex_n$as5)&GHwiYKOfOF;0=9<0*0XiwKyx`gt;KgOr{s
z%zjNjZ;-)ksFsfkaK(8~8BJ^EJlfa3Rg3LyuXom<?iMbb+OQT(V+q|^F|^3UVxAeB
zo3-b>_a<L%Xc3?coc^{*udb4;SHC09J<{qKIe&pTcMb1%B?5e~R|xF6Y84N?V<qe|
z0=%Hbl2&D~;x0zDijowAxI<kjcOn3IPtO(`1LxNlUPgt%w1ArbJ)MrT=6%(<idy*x
z*Dmh~sP*EC`{!q58kot?O!2`qV($II)fxg*o#zGrdNQW;FYcV?uqSqUh}lLfO$({G
zwCNi7Q6&8Adyv>2nHIADxiy~K0zy~V7LF?^>^xY;GUwbNI7h(Ra-`r`zk!rKx_6e;
z7@}E1HJ7boW|Df=&Y;-eP*G%bBz>+boW*Ol)=W!jFjKZkEjsJRNH|*H$AeqcXe;N_
z*KMREbj^enkp`8=dr$nac0O6_i5}s4!eub7urG$c7^&6}n{e*_|5ov`Z>_qllSp#-
zqdoCFarYJ@d?=$=C0!v>0K7A}72|;sce7Wa=(%R}2CZqH#+tg~Hi<@pYuqMx5mF2K
z#jRECFWpJ8siJOQaxXD8;S?bgP(9g!bCPugC^x|0OGH!hM#`M8k(iiMlSoSDHhcaV
z3yIod9BK)cb%XPs(pku(dv8qX4Xq?13JUv3{mcOSk-1YrN^eAf%LT{6riB_HQp1D6
z=n!(Ub34&gilwjGsjcL6s!cM-t(!CHUg}A^wjZ-4k4r08(^g*C^D(8H0bm0u{f#}p
zHP?VqRunCAxRhQgj>Fb4S&K!p)`Pyg$)AOMHk-VBDH3-8G`<NdmlZ5xlE*^dxvs{P
zeg-Lhz*047oD(GW{N4d|J^jjz%R@#O;Wbx@is+)bQk3LJTW#p+5Sb8Ej{@k<1z*S$
z%5@yuDQ>oD@s+bi{gqVe2=Gk+c!T0}MU3x7fb9gwP-P-O0QdzadDs#k=o#QCd8IN%
z-<pW4{a~ke9DrY-KJAtNc2qEcBjc$RIj`?E-u0&``P!V|?Kz=2TbniZLx-VK+D43N
zj{P2w^U5m+RBg4T5nq>WQp18ZU_YXct=xX&B-4=`Tu>tG7Kao|l?Evd0Ps`HB$JES
z<M6IX&?D*vN|CGZ9qVWI=B=`DQ|lz4rPZ9UtqWzsf(fZHKru3;Q?&mlf-fRrPZLx6
z`=mL$MQehn$(Yl$QxwLv=4H{uN{)C*r~mNJSNqW20d=3ND18R(vq~gd&X0`BRm2FW
zJ+B3g=|H(I0N|4m;Ez;?fh7V(g>;Q2SaVqN?%%)O2&-li<Lcpb>M5lG;Jzp@;3J}P
zN0WVVA1wB@v&F1TO}-N=dV{qM)b#n9lb13QT*lFl;&crE8OOJ3ul5@FpMJmX!RM(7
zsP%M{mMJaWA}F~NCR<uBj2StmO9E;yXB6+k1}WVJDSZV}dYyBJpm>T}9+#H$2t^$N
za7T+XM5psdR=;~j!dm{zl+@!^%}dWKz{_hV?y3{P&LS$eObjgxU>%m>0ns^Y8yvq<
zTR(5Lg9q*N)Kn2?^h<tPwxny}`HgjyZ>g${`p3H=rJ{d*TN`p51t%4b|0O&=;n6XB
zt-gt4W%E$#o!SE_!D?hnXbpjIV~AAi$9aBFG95^1A=A<Fue8$<izNuooX?ESi{$v3
zm9HOJC(sHo-)ctIT05iV!iBrC@}G-)jplWu+8sh`KWxbiwEWFpJ`{I1+N)+N5D^+1
z8B>CY(~=(Zd=_pPWe$v$Y)7=7(q3Qrn9}9wh$L@xH!V|}ry{`Z9@1os6NZ-GwwC;0
zE(ny>vW3@_ttru4Dg4#)9PY<88vVxb<FIZiN3{Lb&><}REH#PJp*Yyfhf1dscb-{&
zJ?<$>sO9#a()zBo@Z4A!=FoB;X-A5Bo^)a0`gG2@fv>oJRaE<XK34BZk=Lh+cZa~o
z^)#IUzi5}ZSSE$q0>^86y+MdiO%-vA=8-e`L)}c*`pUH%Mh(W-ttbV~A1Wu*ixr*Z
zF#wbl_kU4DQp^PclLSR7^ce4ijt@1k=%!U{-7)ElC<h@@!e-94nVLQ_mNnDwj<f=3
zO)F&aqOwew@QN#|10m$ljLZaRum*cuD{n{3<Fd7|S<x;_+rrHYXN%hAP#2%a&Ya+W
z754o%F<WNf1k?my3y9ZO5X|w7);KpA23kCqm;--|9y9{?!hE<$&n{#^D+X_en50@g
zsHBq^^W$3ck}~SWj#VENCk)dD)~*s&RkQ7NLGF*&lE;-P{utqkkrkqB&M=VLb|xKA
zy(!*@dYq^_>KnRnO+cNCfN2@&3FGlQh7QphJ?5>%U}v;O(i*6s3evVl;;8@}c@|wO
z!0OR!E!(I4RB<FomRVujTwA|zgiX%YIj@-Wy%ZH^tzsq@VA|mVTby{8S8S19yKt=O
z5E8CuH6_s8D78VU0C1UecHr_8xN8Z8Ty~FRZPtWVJgq$rDmsKT4e}(r)Z2;sii?Q^
zi-=qyB2yA{!CQlsN1AD&R(Iu*xM&vorL7H4oYaS<jwEg*5l^W=Sc{lmwyECnxF~7@
zO&rZaG7%lTp`n3b6_>^V!ZKB~xQ8-<$(J=+Tp%zmQ)Jpyaala(wZj^%xr2J)@+?Ri
zx76vNAEP!k+(AbCw<u}^LX$Ysq>E_A;2!%LjUbgvvgSETnKjVUFMzC8aI38l^b6Ox
zmG()qNZV4mvmzyE9SEzjebNezwaM_(Vs=t-c`_TZL0IiikC+u;;Jg**wN$F;YkL}j
zS=)yB!bRE5kRsE0AC4_zw0Yo>h8$@%#M9nEw8X`IAS{!zOj;eUDFT?`U?#&+F_62S
zD)zu_mMK5DGX!R)NU`K49^2aKG&7Woys~cgXj6N;hNAY+)xss+&`EF}n?mANP{%F0
z+#avH$s(+7v9h6l7xxPn5z`d8>WT^7q$VtLaNaA1_8cE8XuZ!>#Kp!V8oR|sjPcu`
zs21qr*kmNgrTpO4WJbO7G5Q8AYtjg~G0BlntJsqsp$wwE44C;Qay_8#D+sw8nBf>V
zRn(eCwmL?1<7IiLXXPL)nDI=yNnJ%n0$?PyS5w7h!ScKnl*Z*$pa^WR=y>X4qpPH~
zoz2=AbVPjIaR&+xocE6Q_es{Yw?6J_QBxS`#dln35wYoM%?mpekE=IN5_Vp3ILM9}
z6(Hce<Ue1zMI7G<?iQ+5^i~lq<@3H(<ovHCT^8pON&L-`Dk<0C0HI0Y)mqw64yfx<
zzl23mHZBr7o~qWymE=d;`bx)O8BZqZ471|1$VP*_IDJH?idKfV^&GH56SD!=Wsm$P
z>a~e=XLIb)Uurp!DhQ|52+k5uM#MKAM<EO|N)IF{1!#Qi$kS(g!!EsE+w+P`!@Z*Y
z<K=B|oGE1S+xE8ZofA+gs~O8@sQ-p~;1Onv>TPpg6-A@o_c9d*6EPoq3h$x}3)kJu
zJB!C9O$fB&TCJ1Be&K?O6bGEg5M~6(a8{7J#Zk}CXtl7_&@k4_`L#4fS6OA&Ndl|b
zsK~R~du+X<e(D%3-65!yZrb4#r%z};yOacuCs}Lsmy+1nLaC9qd$Mo|8H}VgIpYo-
z>2BxPa#Po+Mzp2`v)}1QmR_%Q?lp6*;)3dc7@<)Pj=<er*0hSFmZ_g~f?6^ax!28k
zTo{Rx^JLff&euRT9_y9KunbL`tiAY_bcl>D$h1$`I$u#*gxB~Mb*yO5c?<o;Y71ov
z)m<!H9qgbY6Wuqf>W(efhNhL4pqAC^&O@uneUT>%S1mJ;BF2b?OTxaUpO0GjCm!9R
zh10{Q{4~3ls(4%i7WPaluW8*D=dI2&OV3G@om4YPO2txsEXm8geAcxA%w^%CBKEkO
zI2jI$yatvq%yG--@W|&@=hAuTsaUx}RdLnhTxz_FIYLNAf^&?^6I`k>hx5dVV}G-g
z{H$5vwWB8%GhbI0*uu8N!ccsNVyr*a`#cC?{5H);qg+}?Li&VH6>+=fTJO1f-R4G3
z%`DrB`>CRU0|ORDLseds1aGRiZWJY?Tgp#wts)j|!P(tNdPYPbdUPJ2x0UmA=72gf
zpfcU+Vf-wN5<m;B#}%Do`u~@#6d9@Q2_Zj$Eh_6UkTu_mN~^|rT+}wP!N#09e<SG*
zRvs5r0W+Ad7OLwd0%ZsXmg5_JOw6=>3&BvrgigVEF8CGexe2ZoAPXKwhp+&qR&uF?
z>1Zp_Jpq+>F&zzVp`2-6MsP5a%=wT;2yD^rg)n{w1LN0K6UAAh1{IkB_a&R3<-(=K
zvb4^x)&ys6d;5xu3q4**eCq2$%5Pj=qsQ7rcCEBW%Sd1=u0xc0)Q&{S9fC>jp@?<Z
zSa`PJ9UY>)x8h>b@Ai_Px_Z+1&&zx#+)bf2<s&ZayFDi%2SA6A@8g_E*OgU97c<Q9
zf<8`Jg9C0_p#aS!O_Nc;y>Fb{AyyOzjF?TBZZhfBn7;A&km>*>f3jW1ptbRk=n&D8
zz{~i}Q<;mkJA^a|)7VdI$*C5+EQImGFpSS=1k<t&b7lbSY!z9*qNyyjAsMsJTZR$;
zwx@LKhYd1u6@9ObHMz;k@v{<JvDZRne{M;+mYgC8GU~B*YV0{aDq^d}(ZNep<-Tmr
z0Tl#)EnqSj0SlF#G3Tu*yjrS*m1<GNbX^Ex{OB;`-)b4*%S9%mDLxc0N?x>9)!uhK
zQ#H-;4PpEVE(Yh5sVOn_+UiEH=bTkxuZA!_8p3!>FT3TQ*3I*&A|Qh*s+xithCw)8
zi-A}@u~%3(ANrWMSHWIdMqotNE73KQI>ILWtXs|!MfOE+RJ_$wNh{9YRUG*}A><!~
zFupC3LoJbIyd)@#q||D=pVp?jSiPx27{5@vymFsgwrCznt{X?PMHb0xA&kEcVf=9U
zo?6r--sER#8?jorfVfUL^FZ!-SSM#6w`!JK7q%NBAVph6#D5FbEmlf)!0s|QBlsmq
z>GP1%1&dCqRjVnrq9NqlhGBei81la)*9WW`(OisFJUtG|j|ld4^6x)}A>XNS0QFp)
z!*H^2|BGV2^H?4g^ugg>IQYK=_!r0HY6$teA>@0!wl<byWBD0U`Tzj@I#$E0Na4i<
zXEG{WP@~e1%Oag~N$9*I?N;BaIUNExraP8O!g06i5*Of~0PwY#((OG+w7tN{5XOrk
z<WCR7_!4$OtuG|{g4M`eFd$wElCA##Up*iLI@KtbN$QXBg+mgX%by*0y2#2Xw8b&`
zX9(jHA>`XNP=O|*OzQ{7!4{CxMM&v$0Pqr(_D<O}W5jLX0&J#=%VGni{Tv1|vrb-M
zac;C=L=-q51@I7^LN0suYXI;=Na;Q;h}bG`(kyzzP%hB?!4Sq@l{TdIJ*UZ)a{IS@
zZDx)1WQ*s;-(DSt{Gc|4TWS{>M~si{TC>c0YH5cIT<)aJNfyg-%r6W>{&Z;{Jz0_(
zHxZ3fZ~Zrr(j76SuLHmvgj|Q!CaN4HDgvrjb7=i+?B_kS50^9=UlC9-qccvej`O&F
z3n_hcpPkqvsm1d-*H~75_b`mdA&gf9Au|a;(*j}IikPb|a6RP8Y4n%FkT3K&KHT3=
zRp@VcJZls%FpWrCUbrywElz+Pp9>*BFbw0nuAd{3TY7Cw=^g<15u|h_GD9pB<085m
zsB#s(c@tf(Ne$n|OSsca3Tnv@+U_Bh6(FMQ2=FSTw1JdvIiw=M`g{oEts#t$7o4b0
z-N7-JOo)LgOJmwt5DS#R4F=c0pZ<R}gz*zrUXoSjG^@HEIjcl@JLlzR8VTk<zVJvQ
zY%U!LX}jMDVLTp&d^c8sX^Fbl%2j&4;JJ{}$04QPVYo5bwIG4AwL65hz0(F~sJC^<
z&{xf37BM41B?o2py0;*uZ$L_SwT5k4csiPjD}?crA>=>MW_4K=5}^r%khYDrSTvS&
z`tvWec%_9<$ynT!WA;36@R!*(8T-t2n@NkZDUW{|_@6DHe-9ylc^JlvE!Rdbq4Erl
zxfxP=ET;4iz|-B)1&T@l+FLhk_ScgJZ?3owK|qxNJ4*6{g<~L#+7(FYX9dUFw}sll
zfyHIg0y563tPg~ce>#oR72t0coF2FqlD2cvkT@yFgkdP8(ELHIzr2RPs~OyckRKd|
z{3fQwv^Ya3@jC}8H%r_6a|q)@g-ERRtJ74k+VmXk@5=Q70Czx2&lLPCDvUcV1XOQ+
zs3+@T1<qTg8eSisI-U#_h*m~|h=Je>kkY3jz|9^Rfkl_8y_=M3VHn0ciuFqf<G<wA
zE(>>koHUBlA#ituH6?%~mm&h~@#}l;k~V_NlAuIwYpS}Qp%zz~n?)UK9Wj-fTx$2D
zk|kZ)k!r{L=Ix`!$4omI(?*@mTFCojN<WVPSGizi#sdA=()L=-7nL_c-6X9?Oc_as
z(2(HHe*YSz^p$ADv04eIvZvH|a|pQzqhDTQAu_hIwi2cjXz-sU!e(Yn`B1#=4<Y1R
zEyIhJ797F4ZVMs5z?%uyY1CBuc1F{$xoxc-C8+ltSNpJBAW!hGr$ZR;ct<4zrBuA|
z{v)RJXDVc4<uq~jn&TGgP?u;sNpEMZN~|uRHIEDEN#dIk;J*Oiu2@YAEq!u}7@AnH
zPGmYEoXB*pacvsz2PNAu;}bwGT1yVkScA-qi?wi-K47&Ywm4X7D)|udhl+*~OE=<<
z3H_PZqHMmJ;-|6r00DE^IC<{nojTx5KIFjxwK6m<Kn?)6#*`k9DZK`Y09g#2*VtNH
z9EDZgk%fa~z1XdiAA%BbEvEE8kkW$`y}`@YZlQh5WIEpqA-~OYq%sj=nh9H$ab<3Y
zZ%;#-q+{rb{k=L2<0Z`nqm}!3@6MCG&lf|;S235;I#9zxCY88hlx2?mJC+2C%7-i#
zOPVRJHK^qT|4QjSPzr-WpWqx+XBd}vlB_W)P%O^6)xTB8$5vdlao}GdrO#@;?5z?D
z@3gSUbV3-PJaaU#gT2(^vveXIk*bIeG^M<#G=TN&bx-Uu8LyRaPdncU?|Q1n=dfe4
z{(WW!ADO*5P$X9_bCOF(sw(ZW5PvU(@m|YyXA$^YRV}kr?E4|5X93_E8FyAq6+MfU
zhP=wY){FmmBdIte!5Kg6bx7$cNa=RZLgXF0DypoD!;p*V-HXzREQ@=yNNM1#j4AD&
z#!H>JK#Lad>EckKm8oc%(X9zmlWWFz>Ip5ER;>ftGjW_G%uL24v9Ma?9C>{h@{{F8
zsA;8p*otdz_+{V)0H2LJeJ?4p)=mvA&ugWJZYfJQ+u3=p;_je)A5wascU0QyXhAT#
z%U%D2A>?0%kgwr3DcIsA=K#`-_)Hq$NiAPpxzW+{r>`xa>FHq@FKDKJ+7r>@0xMm#
zg&P&Zcv(}?VxL_*9i*IPrD2M#g<MU4UkD*TQn!y@qsm_46s2&8y8_~kitBZ3=}@$b
zr_o_W2F9!eLrtGuGv^_tLT~tZ0p6`dM~g+QH5W33@jZnVU1U0vr`0-L+SVpwEe)?x
z%mjfolXM7#Mp5qiU#Klxtlz6N;L&oycn67b!o0>exP^fWebs0Yb*76p{UhcvhHUe>
zVaN~6DJWWVJ}Wa{`!^@kM}T`ErJq1bS1~$-MVD%|`6kz!mXvDiWRa-2z6B|L2LSGD
z@wDnaRxZ<@VaSgU!}xcMm0hRdtYtMLBTJzv5O^97&LXcL*y34Ber9;kTOo}9RdAM8
ze6UroYQe*%>gxl;kbgFbzY(m73kTr=dOC!IHfY2WmuTB*TCz0#`^KbaCFMibfm#ov
z$GBtPUxLEEXIe#V#GiJJVg63m9QEMoP<P&wX~tA#StcvqKmrZ<FNFN?Fr3MBWGpL-
z_Q6zZfs-Of!I_i32r2*gsy!`}tq;vXcx`s1bf?#RZ(8p%Zktp4{;6G?g&#{zOD&1d
z6*-e)RjaWPLcZssYyEP;Rkh?)YhaDGDz2{AdtyqTu~dH66nEu$;!mQ{Ob>f=Q7rwu
zr7D{)gdv3SrxQ?3;2arETwYG8*4W6B{y=ena2^rnzeVx6gm(6?!!Uks81l_6&KTa%
zh@N4gGooq{uz#fh-55T_TR>;DZI?_NYmzFT7L<`m@rZuE>#FVK_kY^yUB?R^tk?5h
z^zz5I2<*-0o5m|$lZ|KH2~UEwr}dEjcH(2*J^{b~rkK#U-_@F-O)XF~!<uHj^JGiR
z7>|_r6in!Ad-k?<+GH_?)Hoejr)C;q_AumocAUC1ERt6hjKbs>cSBt>?lCGx7OaRe
zIgBCpyVxKV`Oy1{;i5L2rk6=(FZjg@GYDOreoU(En=LtNEm8H>kucJ3+&o3yzrs)E
z^l39RXDXZG;dzlTMF&{9f|knhM<I;wm6*tfIO(+SWu0Pj)p==whavw4x3kfu0@2P9
zoS(fk*|oHu<nslW{5oZ!?Y$mbv25)%*E%6x{Cp$h#alR4-X!HcFK8IXkAyHzG9Av9
zK?+D68Cg$8fb)@^98y*;S{KvV<9EZ5KT$rbRU|J>bhNpE*6hGu`?oVB98Yzl+8a%+
zS`e(P6=dSvxJZ&pjK2-TiG1jy7Q?lG^Hv7GhaqpltBJp{xjT4tRbExN<vDFTG7MvJ
zA^qMyO-D|8(Xrs=#U(Rb9{zO_XkTF~{|I3`@r1IP_-VmW%Q4qfU|NEuRWlpHcvlGH
zH-{m=%};MLgNy0>%P4FN&kEq_6f(E$^z|q5A@8tEYhY+~`>+mTEc-wvS@#Tr)m|`~
z6TcMz4q?2#$XRx7m01+c(u7g&B;{Qi)~*9OQMKHzo?M7;hA@7s;8?X}#{<;fsMIHK
zb<J4~g^=GL!uaz-9+rgBlHOB8DxQPul=z!cP{`-u3QsHK;qT9BE#44TZ}x&!*V<#P
zx#=c@b*cqhI@I*fIvtsCtWWP`I-FC(NE-Q3JSxuk&+<F&bqa&KqI)Zh{`)cEZi{S3
zQ#E<sLql=V?57srnVkoZ3`72l)YfrrI|eH#@hKI~R^w?}ymK!f8istERX^;}DSL$A
z9`iv_t7tI-w3hrHD_4sHDU%HS!0w_x)3{NoFAO12$pgx!6Io+Dqu~6!xbtYwE=`(+
z4C+b!?nRyOjMAx}i^te5UTkOdsCS3J78UvCBU|T;1SLb#y;A2_S(r=g-4ffhfa#W-
znB`otB)p3htV8M$ElI{!4=o{Zp~!T;Jq+X9TxbHe`0(1dOkz?LUx-TNp~FZsE1=%r
zT|>xFI80V|R}0qYb&%D>a%oO%4>qcS8z!gPdqc?IFP20UpN?{(wcd#Mo0%@(5x4Lm
zlf6sC+jAj|57Z=MuTb6+qh_s^UGH&7jKb<i?X3=GjQ284Ix3+BYd6c0;AU~onm8_n
zCFXG4FO6#^4Y)5B$a0Z=x6m7?Jii{iC@r1ELSpoUkXWC$-sLCK@yA0Le@`0@VmGd}
zGb)y*Eomj!60ngVE$f*2>l<J3?aw8B=&oA-*aO${T%+CM0If!GUca3~(kZ4p=))7s
zn23<##I+eYu`<cN#>Lb%LwZd{)mSUjgMj?}UZ&GR^gXoWNAHB1miIGweihs8BHn%#
zbA`omDrzBHzlK&^V9JLz@pX9<#;2S0jk;R!UYjP(xAdYad0~Q%=b1j|&C0&DWG;Hb
zC8yZ-y-eo{7yQ6SRb_(2Nr`V|HoL|*OXEZ^4CCKI7$2R}8!R@+5=bst&}i{YONz6H
z;-ZBftN{$wAm{EKed1(7+pKrAfb@1e)J$M4IPV|#@*%HcMH_12@#fNMWJx-Nbs_U|
zHM~>Fsl>l+7>Z0M|C@58q<!A0#f^6fz(W*d$4ox7lr+YBYaX)Tov^m(4YBVHv(Ih?
z&0D6`9<s8KragJDm4s?;phLNQ==|`P4!4={P~#L8nYkH~T(F|1_;CpNy_C~!Ym$Ah
z&=j#%^nkCuShSAls^W(ExwEo9GXh#kY>Qz7S@hJR{NtA(I|syKNz$i}LT~sn$IIzu
zscbp9CSURgVoH}hk#5{Y5L0?2rgUHHXXtfo&hW1jbHBgPme^UD!-%(&Yr(db^o$Gl
zaV{Y_7<zls=iX^GEcEg%d)VBpw2HkXHNDAh6&6v%&_A4F;TbTLj!>s3IhnKprsA=9
z%Mv`dkX~R<9>1TGuP<0+HQLvzP1@!*CII^&h3`O0Z$e7jUi&liIp4;V{sjPEhm`Js
z%1pAydw7q}bk02$!uU^mqL&p@N$h5r83Jr3&X<wIO^I`gxS5~+?!^#_G;A~xmMykX
zUIz*GJuK#5Ej_E%l@VzV-@Ci8GdW7eT@z?t3|?|)GIWBnR_0n$+|Fe6|02_QyqFhS
zCo>+W0B!39DP07B$6*=WzU^&;Qx?OSxB1^nKnkRE!CPS+!b)ctPR_p{?XaTEl2CCs
z+>yjpdF^6G+d{o}8!b1Rowsj?kdF%Y>pWEuU2+vYUe-N)mo!z`<dgL>2eMNq1jTm7
z#n3!<MKkR);cA%))4<acv4Fteo-}nTLp80A%o0d}c#U6xlpcl>7P?M3-u9$5OyLaM
zDvb161SpYoADUNRTJD$j?ybRKEAnb-AwO0G>=r>hPE^$_T$y0%XYt&}%r5Dh>o`e=
za?y2O?1_1Kri{ui&}XCDV+^g?(P20N5no>4<>=BG&nz6tQoY_LPK%&23Nz7KQf<I#
zzTUILFh1aI!?n4DmXjgw{Kelt`HNqPc*6MBs3{ZwU#d7F$-IOBmlUYG4`B)Ik(x}^
z*Db}JbQtnKv>x+PdeGXCQnJwDp$?k=MF!TMEM7a?=rgE7i*<Pthdj2^D38mVPArYO
zt#`&5q4e%)gewB%a)?1zsqT6El2M3)=aYM;pI@A`lNY2>z9zUt<LscpdLX4cA*H7w
zrMKz?<9RsfeBrXlv$&S^v{kI)-)HYzQkK6QQ@Uue2)3}gJ=QBB<hu&Nb4Lu$it{mh
z?1_ZjPA%TX?avCA{rcW<)j}TD(qLLL8Jn5&Emo|W*A`M>2}Hmc>lh1uy^yS{GR$rl
zv){$Ys2l^H8U$2-Q^4I^z+OwRh*sNa!Ncb7RTcwC=?jq3%XKI(U=<g@);dL!?%Xi7
zit~1Hk>j^}lz`Gd0>DG1mDQ%hcsdA6#a5DsCTY#HJ8w6PxV*OirmS)#r_`F*taBd0
z+<Cc5@MN<6#TIE_OQmaS6?<V?T464?gF9kr{!cCdl&39Zqo!<BM6G8sr;wivolHQ#
zKefCn!MK;XYzb$b=nWr=0M9QLDPjSEv*)%}kX$;E<8G?BXcOzUakdX7BI^e+rF${_
z%bEk(OWHQMPkcUv{IXyINQ$fLp^pB1%&h0Vd`)1M<R>=f_YXsM3!_`zVT2pApL^BQ
zGPbfHd0;P)_PIr7fe$06Pt(<ul#{r?#C{V({;)RmLz`RZNe-^2c=t}hyVvTZV(#BP
z#^v?>XCmshtC)A<|FcE)jR<g(cHWYvZ1IuO+<bT89r>%f3qKQS+L;(6Wx-HT3c(#!
zH(7jN(DV9*VHj^~)hhSaEuK1{daA0{6_=_ECgAfoau8=G!1DETc$^r;n#V=b6kiK7
zcbg`lUzks5EFx9Q4MH1oGF4f(0l*WG((8N7Dpq(FRL?Ccpc%$x!G)x%uxvBV-(&rr
z=+D#tUyJ~sfs}5x5}d7}!J6sp%zfhh!!Z727v8~{7iKj5T&H7{It|UuItx|W_>H<#
z=&^8lk1wlL^t6heu|0NDg)n}JzEh0`TVotokgbt3Dv+jG%8M_$sPVrMLcYVx?)Fpw
z(nT6~ZQ&zRTKL(5RAE_jjB8%;RCw3ciV;aCZmhuhRkc;`!+PJZ#gu*-0Y1=!6m5k+
zsG-zO<&hr>Vf-_m>_fI`8tWP|!;$MY=#GILR29eI`z?0PUe^($zSgHR>y>I<O=*g~
z@@t+c42BP2mLZbs<(m7&`D2~_|LPPUb)R&1@(wXPzn>PY`y;@!6S#eP!7moBsvWE!
zRqM9x?QcG(L#+0(Ud*cBR}0!(0PyVyaF-{nxJPS)y{1&&JNm@<cMR{Mb*`hBQGn|s
zX)2K91xCEbbMstBFHf^GuBgMbyl<o}#mjVN7;@J4@gqa>%u39PlI6(mq_fxkX&Cau
zHNC;ALh#TSs0CsI-tUeneXC$Wbp?YiND5qOYSFfy&<pPMWt*#ov}zBr{bfGGD-qy}
z0C3UbWYNO7mwq>iw~N8$e}!-oGv;=Oz+6i7&Jo!GaxIP0^xEk?%7E#U7EYms*z1`J
zclU$$P8Ny_!Z75&^Q|FP5@*!Q3im+b`73p$#-*+dLw>EuB<2xOR<4S7w9LIvxmaUL
zkDYLzhy|+RW!0ef^;j=f%SB~tArNY?B-k%p$YO-?x>lbBn?~+F-|r&8M~mLl;(%c>
zDzr{fr$y|+5XS#mdTfniNGu*gJfcEwyo=!B5<Efu^zrKu^a<##Hdx|XVlkhyR0q~Y
zukc22k1BjIT4Pruvru8q44K6baBbtMOlKRy`0m!yw?*q$ALqD}={y7ge~i<#Fbdce
z;H}__7O~hywQza&w_dnv8paCKno}YWtc#*_KuT}NLZ1M5Z%v=jR)$^@Ft^QN$P;~H
zd<h>O(b`#zcc{_Y>aq>6LBOe>*N45%F;?-m_+9jf@@`GznXGDlE34`y9v7yp*Gx`0
z)&An|p4;6m^SfHhVXqRueod(+PB={fKP)mGz`$*6a=5?fx%Lpjnj%7n@C1i)TE&_>
zh7AfLvA^hN-~IegNa;TzrCYqM%OM2F#a3qWU3-%r2#v~fI}0~y$_^*9wotSE_^t-S
zwZcsv8DWzPM2optC0@P1=51NypER-`JaB+ZVmbZ&OM974D_PefP?o+>04NqPUju+Q
zDG+;3F^CLDs-`0l)fUR*(zaO)uWXC(#c-NNU4;pFS6pLdFP%(S0WS0$j<hafA&l>v
zeAupWJVJ~;PbF08lDo4qDs3OqGTwa%TW&|Y*+-wK)!Gpi*Ap1F#JN1u0#j|kstnE#
z!-)selax%y6C$9so8j(Su#@Rrf|UMB0_^n#%~Vtre`}5}%^q6~=q`ca6~Am-x3GZV
zY!MkUNI-tXIbel-|MQsA2PyWwHZxMA+tVr=rq1J2yMd3!nIy9|IdZ5mo6|_?cRy!I
zT9POu+Sjdqe_nn%Tpt|5_&lXvUms|WBC*zS$*I7on!ecE{-Ah(^$zy%rUIW%3;`a5
zl%CU6ALznEU`Y{~IL;R@POI2@T%fkKVHPiJAGt~`VlC&{0{KQv=^Mqo(BtCS%WxBE
zA4~RQiJ$vd-Odp@SRuTHPpF~-I*3;F2Z!|LQXgxJ#>?XdAhku4#_Mf~h9H%|Yd@?k
z5ba1wM8VoVQpY)If^fB<qgF}3sIma=0f6rUz!iZCfbz3g>H`Mi(~H1XLqygFW1RB1
zkoQ~(y@l$MZ5t`PZ1?|HA*D?OxY^P<NWW{z4V>r`@7~cT@>^7HCvR;tvN}iI->fj_
zzgs&kOI4-LXzV%N@(8nsp$IwYl9+Ouv_#l*dczs!^~x}uL{#14mDpG&Dq40iq;zXc
z35p9TRy{-x`=J&vVsYX~sdGAnmTaoU@b*(hZhs?%(P8^bO-E+~iHL*$&qGQdjsO=d
z0}?Ak-$Iv}+Q)Ju{mn3(xvx?_U6{Ec_B`z`Ctpt?jQ3cie64{g=&{#|WUaO<+OlsN
z36t^S)Ipbn3UF0E!lW<shG&XQN2{l7u}RT_+ORYA`_x{h6LG;aUri8`IZPACO(Uyq
zZM7i0_U5<1xVTD5vnXpoer$qy_P3>?{clL=-G|^cdco<P&C~d335ls`Kx-#o=|+wX
ztTLe<!9qUr!-r@UyQKUa!m<LdxbhQJ9wD9ntBC-^{#_jWtHUrBzpo;OZ6=3$95p#o
zY25j)UtLsIh)0&x9$^<}6fSD2C5zQm(JN-IUjvj@kz>v?w28<KCgwv2gorzPydG2f
zn8#qCR~26WJb8cJQH0OKuydclrEb!|DvNoZR0}z6`*9CnOUwII3HZH6V3sO^YZHc{
zR6BHB{n}`4L|O5ekQ!$qpFCa&Vf>Gp-r$jU^w4b)+@=lC>~*qj;#xfn(~5+s8mrjm
zJT9vdA8Q#s1LrAnEV^i85+*`>N#c13);D{Pjg_|Iskp7v$qE1ZKnUY6&%!%0dDEv{
zdZ~<0+~Rrh{MW3u;vU6;Fj=(A8!TUjL`DnY#N(O-(WNAnI<IaWb6!_r<A3k%W~}5w
zjWVFc7;q8UmC~jOe5NWG2DFb9v2(c~Y%Kt+<}Qq4TuNPHWZGeIC_&IdW{-_ERKv;+
z_xRw??Q<sj#9w)L6CDUIdDhJy$Jzl*i|mIzpEL>7no7#cFfIoH1KPPHYD(KhwTaai
zaC8Wwq1U3CdQ4NUl@mfF*yEffO>N0cJ!*Fdz%6FBEfp4uaba`_JUoM>Z>SbLq~eN<
z=p3uK4n=`zaTqSat~9@k<9uP)6PDDyx;BqJ3XoP=92y9#_1e<70%+YRr@O{6o$^cD
zd2r17wXgi5??3W>R%zkZc$2Bfb-OBL15`Vxs3cUsqxnr-wX?Oxp-H3em8}iM^tXIw
z#ow+-t?O!Z<7tVtx?QWln@M-Sta0g;ZJ{!gShV>6u}2A_b%9V4xZ7gJTD^;Q3m2_q
zubm?CgH44Kpt1KyJ)JGAV_fZVIl;J?i#Rfi&5Do3i;#INY+c!Gt#?W3B90S}i>i*u
zMNILzf!QXCsm=eLEnJ6|u(Ujep;TO%jYY$zj`QnBCTcHO^vCDnF~?qaUT>Th-WQH>
z)uF7Joe)wnVOYX+)ixe^xHzpRu65xn3s>Y8mi+~d=?*n)a=~GgnMQ6c9{MVbYfnIB
z+PtU{RwH1%xIpvR-$ol3?-dYxe7_K#<7He#J+4|m&gN-(ov=9AagT&>OMnh4vhH!=
zYKe$c#ihr%C@xA~IhPU|uWk#M)ymqEigSu_NgO2P!i!S7BrJp|&4M7HYS{l0tZ<5P
zNkVDGK!GIOYUm?tz2>H8QjO<)Q<79K69#~!`6f;@&8&8DcFi4I)1^F9R$;q#_eV>1
znhY%FW63;F>dP^Jp0U6^YB5CYp<&b9txgs$${B&fd6Xng>G`POaaqj|nL)%>;%uRd
zmPDc@h^8Wtk6>J0Eay<|<NSU1tzzA=aMSu4YQd)ROWMSudON<}QMc=aSY$ecX9d-+
zu;n0FZDp6`FU~_*2W6iA{gK57U!!2RPFXd)l?BEn35J=AGg@t61SwFg=n&RaW7Gt3
zu2r-S7bwF)Y|_e5ABdK6V<j7Fr}I{AD_613D=uu&qO%#Ww0D)|^ReXg;7$Hf=K{2_
z;#*bV`-KaSs>i*Cu!Bv%7A3JB9m1B^nxHHl!&3q(H}+>pmXXo^aTEfUUNDKQy;vu8
zd{K;xBa(7~85D&AGe;zj&20Odo?x?=<EM}VUB(lxGhx@fc9p=CDmB@AcC8&-D<(~Z
zp6Pn=SkZVqsHko2d0e;$5arM~l96G=Bys+?M_$b8Jf=r8iU3VOHMC2l!ztrkCAd#)
zTPkeIx><65h=O)e@)c9lL70k5!t6A37mF3T)?wicoF4@rdAmylHf@|&T$cDYsaxS(
zS5QALFJ9qck|SPR$7^ZAC^(YRDbxz*)FZ8pvi0+}0J-%SgfZu%V8tx@QE7QmJUf5u
zb;G6ph7wsv3lm;gkfMbbRuNFG3yc@IwuJ01HH`VP-lAq?+d<i3_+$Y)ZgGFG`uv-d
ztb0}v)OO23SnH}d&6R9>Q{OQvaPg>DxqpabHLti9v<3`Z#wZN+b4;bene37JzZo5(
z1tXk4ALj&AVJa9oQZ99@B&>_jFxCs#p}&9c<BU0<2`3avdpHugikaYpoo@5^5Nm|#
z=HD_!)9UZ61XQewq5ycz`GJ}$?s;5VmcKRh!FmT3s*nwE4hB@%1trGT+Q7)*{#MJH
z*H)}6jLSe@(D-wS3md&qZlv$d148#W@2bp(%anUCPI2Jy;E_%HnYMXsRm*6N7PZ%<
zI;g>-U9^n<&lWBWNXN6}&JHkb(~Mc&YB4UWn!utoFkxI(#kET2LF|m9kOCbMM!jN^
zIJbh?UT<VUqpc$He$>z)YPE`tCX*aSAOuuTdX2>uSnJ0wf%7ydPbo}B<k}j^jK$eC
zbS!C>H6Xlau)|_pS}u;qy$~7Y9#bhJ+GL-#!)fM>)Q&vFK}%4Ab<%<|=aGslTJar<
zoGBR*@__%=;w`4R%bqS=o+^t0>LVqQ(mysm<SO0^SxfBR(;@H>Se;X_bp2JoJNEjM
z^%AXj(H?3OY&dra%9D#bfNPUL+!>+*^N)J;*q(*W@*XufFL`H??hulEhLO<_#)Vs}
zTt#XfS4q~y=M-Hb1ncHni%7MSv!6FTa~FFs?{R}c44lUlD3ohNu5S3azgMkQw6u$!
z)NpmKqJ}hR^(B%n@>=pkdjn;HB$tU;B`T6BA02Ao;Ia1M7OtoujiMGc%tS3x7#Y=i
zuJNv|r%Gj0e(HrwK`zA{9!~cc`F)h=5cqaCnvuVi9%Rknl-{E(T=b0|*B|o50hdd9
zhH+V@%395)X2DxHpn9w&ys{TrtC-1D9zr{XGV1HUsYTY3rm*Es+oDxmw2B%z4kJLe
zFz2Jjd!DGcq?;OdtU2puwKcU?9YEoK_|Kbn!qiYRRiu)ymtZ?ZN~I#o$N|^!jsDE;
z7SL;YhG-SPMw$3yf>BOzO}CJAtJu>3u!nw=nkuS%vnT?l62Ic`rC4EHR$q0lwLty2
z3>-Gg=a59(*urHYR%`s#J(w_eE!HAy4j-oRVxIR^T}RJ&pb%@sp@5_6GSONisi@Zt
zLw;Om(M&IHRKyaots@KB%@ae`LJwJK6&X1TNj9zUohW50YITb<t)j(bQhIHy7cNe-
zSTp1?AYPeXBpD}ibO>uUpf>s4lG`{7oVm=KYK|%mu-0@igfVN>0~UIWW;<+>wbqYI
z%W+b;H~vR0N2nF*Yfv#G<kF1rx6oAVZr06*ARx{>sy33Z)C!D7M*E}<GfpmD8xIn;
zHoZbY=5z=aMAz)UG8{Kj$8^0&Z@m1)mJ9>yc9-CMW<p?>LoA*yLBTaAfBX3s(zz$q
z9d(EBn3!o(isk-1-$TiEG=UiyFJ+zXv!p|4IX2cx(&COF-Hlnvk5vNG%jy}iZnipQ
zU?(-3t7vH%1xb|k*vv)N8ut%POX=lsX<J1sES9s4;<b$A-#uX2Ukx3^5?{7z6+P24
zZO_h36^lc}-)Vs;O-SXR8&T19nJTteH@8ldwC`El+QbUOs(+64l(7Qy>z^aSb6QLk
ziK!jM<7zRAn~SU|fiyZjtXg3#FL7}^5X>)f+%Ke6^d>c1MAp`AFIz><zI-GXDM}WE
zTt{!0a9VG|Q@5WzQ$-7JOG91_Vf>-y?!c2zGs<7VDlSWzUJ|9Pa)eeFiPNwQW|A1C
zRAz?I8EH&MQ>|>RnSvV0PZWT4F_l`Huu7j3kx$L(5Iv0YyyuYgFAdITHphYY-pZ78
z?l-NxvmULZIU}yc0hQsQe2#7x@#!I#W{nf*eAdkX@KH$VbJzmrRSamjLG{9g{>;RP
zk?~><Mtwy}-D>WpS{Hy5aGsz;M2bYJ%$KAvLW;<X{Qbt#-f01LZd;Jj?U2&l9H@=A
zirFwJ%mNTkZ)+IFC#;{*nsTl>Ufxx+XF5;_<6Xm$U&F_*nT$}vtebIx_TqI%7Wzj_
z=@O)L4N`gzQhG1~ysPytqO!G_gY$x2ixf9c83~GlYy7>oR!l}}saHHMhQeTpFpGxI
z28ytZUf(mC>Xg#O=?3{%0QkJ6TH6s&rRjQR$=$leYkX@M@&~<gKu=Z5#*=B4{5|`7
z<luiFGc}|7b2^G_l=}H2Eq`Qc6)(-OlD8nG??6g-0)U#oqaCMLfc1u}rXm+Af#5qt
zV$Tx$($EVKBS9~wGY99feWu!60*_i@cTwVT$tH~(%>cq;;f<Imma6{#>Be|%djCt7
zVOjB<rzV2<bdWO~q_3l4$iE9=ykNyJwX_G*aXds`oM%!w4Ee($<f~lugu63h_8YXT
z1QrO(-5DdmCB&=zp8#+KDcx#49$NMMLh?gZNElyB<736>^)L#;A_<!a%V<e7kF%7Y
zNas1ytanV$$WT6_6vuY<nvGYls(CE{yl2Aqu2rAsl4Y2)v~I>1B+0rNw?tpv{5M+o
zr)Awxs!ZB*-z?KL>bWwh2w{9)8=Qefg)2(k)07`A<}|g6*u_%X$3I1YPeMvJdzkgy
zUFFns-kQ*($x~GFpNPlSdIyy%`O{XB!lD$RuB^EtL!ThAK!nGo#VtkLG^JZ1rLRCr
z{{Y-i?UFR`!bR3N7t%sDrQ6K>Y6#;U7W$BtDx|f}Qb~SVJ#{P-mSM=B8iw&2AOB4!
z^sYtL^i)xc&z-c2_1Jy+xEcX|7E`*<TXCQS)IB)QO#U?Vg@`yrsAvzg>}P8YNR?iH
z+A0!(9+9AQpr5IB&0zix6K7WxjE$9lB%SjB@F@WJV<f!7ruV*N%x$>5CR^j2M(XEv
zGW?3v{iKyhYq5N?m@0}XKh`Mq)|8+fr)zw+X6w=ul1zATWsZb;WVws(E3Sy}rz&35
zTQQ}}F{QhDdCo^Vs8l3ju5cd0*DE5p7bO*n0s&Qv_hA?p8?~mSY)FBzQ8-oz{<XQO
zLxTGWj+N2}A*El;a4eGMQs4>8bv8E=q&Zv^ZY+gpoIDE8@^*{V&jPwzwxenl58){-
zO`k#-KQs*aO-#14raEBJNh70tU%Nv{2MT7b;tJfx7l4-|z@w1T#TI{ZjDQN-WNU?C
zU?hz9B#J@J<7$*`u<j61Fi|u)NeC9zhcFT>3swZUBc}8Wr1WnCWB-y}@{<+BZE5(G
zkxu7iJ6}4~THszoENLY@caFmZLdeh5ff;;QhAa)5z3#~J*~&>owP~!0UrN7)ls-D2
zK5Drt`-LkK_QKeEM<Qd9Y)25Fn`>VpqE&1?DQhFadf%|zM9n@%;j?QjoMUAqXqChj
z+!IoI3{rX(QvgukN8KuFDwwmd3@SWkL=6HtLxS0J1$Vy1lQYpv*UL(NtSzAhP_uGA
zhGD#I7{)(w_OclGs8qopS@eh}ts+G!z!tP+b#Mhz`d$QhpOqG|$W>%q9#+(W`eGoq
z5pkyYbxLM5m;6{_rZfb@J##)9swj~<K`hFm2N@BTAq^j9Rn~==(#K*-zXyP86t_;`
zpIy?1Oq@*>*Xj|2V+y4eE}hT)7Rj3x=W@Hk_KM(YNjo9zXdet=d~?|fqS`4!XGLnY
zOrG;`0_UldKS~mt-Tz+)fF~iPThxABb6Xp(jUv)~C`X7$I7pzW&-ioOUM&EctBAF6
zLNYZq6-3=Gh^cHO;>olwC~=2l-4g+R5CN{J188xY%O%S-ShtF6&X$C6QQF=y7u?yy
zQMCGUS&8mqnub>O-69L3?%ahpQn+38^l-ecBdyX&)>2g&Cjx4#(cQF-mmsCjmb<d#
z5@8L51p^L5veSt)XkZAa8Ycinm9mu_9t`Gxt`Jz_bsHs}qu^Li0l*t-9E(}FFpNvU
zg)h?!RW`_f7SI1QgnYqbOYY%#y7io`ftOl6mDWL`5?@~kVSJkE!72Njb)TQfR#8ib
zsN1bbhlt|wU}ty!LN<IBQYviecQNm~AxHO!7kor~rdCvf+C8Dh>?kTig>hMLO46VP
zCIYGoyCW>A>&YSNozLKT1m?$LT$4=avk~B>DBy40xq(b_FIjk%bBv2O-^AO<8Xp^m
z{D)!4cUsIez2sbrG|a@D@68sr1_exu*S9I173L=-;9p0U3vID*DMCi0<b8hj^IMbi
z=bc!!OETv*RRvQykqZDP=&k}`wd6>x^yM@Vwr=l;N`++iYg{Gf-;tn+#F+E5_Vxit
z>Dh^hEIO@5rH9z`{an&uhjXnW<p?41w-9B@E5#$vGO)8qzO3{JlH_Zp+gsdGTd}g4
z-_V5+@;7U8>Y5gj8K7}&#<;u>Hs256^@zxaR`Fz7vpfRVV%sX20<mfpwV=F)-!;!w
zR2du^60IX=11&A|NFZzkxMyl@uacOYHoKDEpGy`!?J`$!9W}=35-Sn*OT&=gPvKhH
zh13(-XK`E+ldQEYa4%clQsM0+K^a0AuV6ebOmvMWV=o<0H9RiLY%W$6NyJ##1Wpsz
zQSg6^DScv(e=X<`m2etmh%<s@k|9n_>5vO~);4Z?MX=4}O<T$wQEItRvp|d>EVXYK
z!FbjxMu1xY;8doA9Y^x`Qr`zw5euy%;Uau_nev{|iff&rxOn_-7{+^h4B9MlYZev4
zs#Vl@>1bEomK9cmi-nLsvAZ+KB5aNhp|PM|xI<7WItoCUGQLADu5uUuDWr5C2F`<q
zu0YWTG(fcm{I9f%7VMKcZ{`lD*2L<l7+gfgG*F-=Y~s$n;ZsGIN@_<LnhFRm9z<(?
z$&v`ZbB7>14C$IEUCj4G7;m%W9a?BoR?jjeNN-CVY4I7CrUeGa$J+~NA42{&9VSa^
zw~nqG{FLU*`6&26q1r%1ZWD<Bhgoa$CZzN`ZsEbSd>Bs%3xHh>7zp+~L5|#7sWZ|^
zxFVp|oG$7!a^{Mal`~4_MFuUftey+w{paO|5*fxl_PfY<pGA&?S5;gZ{OHV&3xiQ;
zLxN$*e+?mjy5Pv3D81J2T^qWCzQ#LMY}xTv<H6YiHiR(#xZE|?5#wYW`H=;Ct6N1%
z9)tO~Qyy8>#lcrZ%==+J>l7agkk-mdornjN{BYbVtpznO7R`}JK|(E{&z`?VI?6H?
zc+_B<#5QVhUURK238?uxbu*tm_wNw$)Ai)g+y1v^tTqM0dRWgb#8qoXBeQswsmenk
zjDMgPEL`%V2Iqw&=@qs`wQ@q(Dr=y}dChC4gBW?1G3i5GFi4C`x<g9s|K5))a&5J+
z?__0)yFRG+Yf-5xz!om*9FYQh_abYHv+5Z*zn-{P)mGs|{wRd;y;{<!hL+(mTWF0g
z>mrWyW-n@RF>NIm!gy;4<Clw)y#^?&9{<R4CpcZW5MY(!5lNcH$Ylm%(?BNGX4Rq+
z?+wBtMYTD|wze8P)WYZ6Cs{|1pGCC5k>jQj9$%4~wo2_FL8+klVJibe#$vmA|4Wt&
zdDklDYP!B!w0=Jf<HxbK(7TBA%ulp*U@Oo0R+5=Tr=<1gvG7Qy1?=6!kdH&iR|wDT
zBaJ=vyj3(vHTZA}jDLig_7Sd~q*JM8f2j0oOd`XFZEQW!WZZdkN{8SoA|d=k^pxj5
z6Y<@UsoKh82%N7!_xF{^TAnKI38?j?@Z@}deRo687Y`j~e4dYPrQ3NYKXd!FYadVW
zuV3x)uh}AYWWnKJ=Er539-5|i-2W*8rQ}}PKL~dJS+`o)K%4r5^0*oUV5MVAU|KZy
zN-G`e6V!Xjat#piWN(Hrelvve&OI;d5Q)-O7|3Egsam*NTuytwu9rFC%ntg~A><cl
zxYv<}!MkV`u?Z5x>W;`1k)l9=5d0tomqyAEkOF^^K?0Z2XaVQ7&H;#^e9HxTkhmbe
ze{>iIHwaO%-6Kau!FgcUwIt$*7zt{xsiju2XnV(BhL9g<g?c=y7;pP%j{EaY0JY3s
zPphfL#Izcx5b|vyj8BFz{<C&Kl>kYYVO&&NGS!Mi<%JL>o)#g$iORb^$Ka-{d6?>F
zt7+@C%z3QhGVBZML$9uYIB;IMh)LUz!~%xe^)M+v9CJQ|@x>7GBSmRq&Gghp54Pln
zc6|>|a;`PKx;KdD$$Q+{Lg)7k!+5{t3#e^vuvD1HNNh;T1Cd69UbGnQL=Z7o+rvD!
zYSTT9b3%o2Y5bV9dNeLqk<E+5u)?(>0T)msDM=)r$at6mLrY=YA4qR5i4K9=+KgWb
z;pB0vmK$Y}^jI{CTKw3`-$J&<n*p}8cfA}k53w&+ts=$2s>z&`bY(Ts;(pKjVX0!}
z(F?ZbaZ&HbnH3U7f=vX}865)U#tBZXz)(ck<47!Mkz24RHw}TpLAqBU4+q9|0mHEl
z<wV*FFKPFSom!t4pza0pwM=}EMYML|0!940)+Z_|S{9KwNmUHY!o^M9B4G_f@Ts<1
z2LSEDb(*WlkxD7akJ5*~4gyhn&NqLjkvNXRd2`8{6z_Sxg%GZ_obiMOTOB0K3zyf;
zw3*(oFf_E<32XINr-86i9-);AAz0P06bKF7fpbGu&?!(EOy$RAweF=(=E>fNTxdy3
z1YvO_Q6N;uQE9%&(kY0nNAY}OY;CMsK*?rEs~gnlPPMj18d;(E{;g$QuL<NKxh3BH
zJ=H4Gffy<tmsi{@CHQFfhjToYq&7(9<HoqC-^IP;$14J7jziSg&R8fA4i{R}b|;L>
zGXeBQgjoY^y{<3TLZn;8)oTIq#Bp0`5)ye<d$$3kRpf#fumI91=<URKFpRa0iH|uO
z6~bp87<UO&5I$qhw~BEwI)oI%Mh0CVB62DyRwS?zlTFl?h8qxInU)v~uoi+}>W$qV
z3J12H1HFn3H?QNoh1njLRm=2)Y!&CZii#APNN}=9IgRonrFd3Sl_W}Kl*vVNI)wH7
zke;V<6+yvc<0um30;HgnU=9@=y+Jd1)M96K#pRL6c<`zg-@IP=tZGf;AsF)BMaUgh
zWZ-{T_Zd=p2vT~RC3G^sqrh&pn*=kFlDw+K$T5Z60rGxZOMIQ?hOu9`IH7u!DlaA5
zJ`xL?%4?0e0jUM{QuWOcP`yK`gGz54HtyEJfO+BavTa)qY|Gu;r7{;P$9;TyOzGLl
z=x^m&j)qP!<9do;6&Y?92GnB|0-(YfD5^m1@y=v2N?JvazI5IyVuJ)pyp9Hv5OHG?
z&4ilVVuJLjbe~l{fA;@3Bfz)jIRrhDbb4XZ8u;bBm<O(@oYnZx>sjsbwbxD?wPo|{
z;ws6+pDBqhYEN<OglF;@sRf8+SW96MHOUlD?I9<SgagJ_Ys;&NESvMVNCrHYmcwCR
z%tA-WnkZ>k9fm@+ploYNSAr#QqudxDoF_l^z!E+51S?V0`}f{$slqa>Jd7R&ftHcF
zXDZ>r<YsNnEit7h0pOq90%e{q3Q5eO8J?yZVeD>Lxy|x|-+HH4)bo+ZRYar71o{UR
z?g~ttoP?cm9%>3|126anco9;1Bm!JGwAn#xcXXblazz2;$DPholx-apcv?`cmCw{Z
z-U}&x4*=ed4B;>;oH8xiMG3n>J+uT;sicFfKGU`p-{b;eqsJuzW4BArvWEAH$gv@n
z4_pw*@;ff+PX8HGx~+xAa45%?L%wGZ^^HqIq$Pt|)Z$v=sdqYQ{jxMR9Iy*g_&B8W
zTP6UOm81X@5Ly!~sS1K@D~X?@6jP6VhO>XSy)O=^ne#}crIGIdgXwWUBcD;O=CJpq
z{MDAmg9Ru3J^<YNf5{)~yg!R*{?}{4uvoWxC=lK%u?LV@7O)8LD5Uf<=8{U<EGsY=
zD%61^Y;rcv6h4Gm@(@Dht#vXaRbQtSmooS^V#5W3HbUw^84OJoEQ@imxHdJVl3@Nk
zr1YVdE~RA<<-LJh?3z9M>*9%dcDxq{%Zr6+#;j81=LxNqFt`YCS4`>Y2=E3)Xq3j~
zBsi}~n~sX4>!`TkxCx%u9YU}U+H&o4Wa8_=;8R8sYgPE9($<Ff9{v_n`U0eM(c%(p
z0kAcTjW(Uy;|8NiFYnc9vEY2~MWq)8<yrl`rvIM*pHyEd4Up1LPVTY{=ZnHhxCIB~
zi-hHviQybF_O`W7X{D2To~y`)Oeh^_(QE+4qGnl;#ACnP_FItBWk~6cmVnhmw{czr
z1Fva<R&%U&K=o=AEgtSx%Eci$V?9e?M1OZ-BCq}t<xxp~@`9k7a#>~ZDr{loysz+W
zY_(Oic1k>tCyRs#Ju-L`Fu0Zq3&h0Qlm|cM!?k?wDggWlQhHwrl(i~6tR{WEhG>=!
zqXiObC5)d|TrKo~o_)4QK<b%Z^!U7n%)nbArK1S&8bxpLh^j^T4_BpV!X#*ChONb+
zR^ueGV9qNR8Oezw3JxBTTaY-4gXHkAdz8fMhasg4)>f}a>t?NXEv=qp%`I(DyN#w+
zvB&hlqbj%FQ7j}^?E#Z;KI_7F(n12<J@J*^<{V8mZA>&cBt#-vCJJs5Xaz*jA-vkq
zxgQtzIU<t@i7nn3bwT3Ok;y`oQ|kI=^AAYr%LT`36`uDPjCrpgFS*ony<4rROi9))
z8`py5S_82|B;y`Z9zpQG?muBkr*xI&6j5SbYU-y6pT(@2m0nb{#bN8Q_GU%a^My-m
z%4gJRMus@5!Oj>0>YK2W>AYJq$Fq>TwP3rZDzj8P9#cSTz;ny~vYzwWzSdK<v}y-?
zkmGuh>%3x7Na^MX@Yx9PSE$2WiQrg_N`dO-h}QtZkD@G`>-VoDG}{&j57HfipnOEe
zUK$Ht)$q6|ei-XLkMr}M1%L+tK;`=CB}!{uWi=B^tK!A#XlrR-wfLUe)~0nK=)uPC
zDHYPRkQPkKQ_iC;Qc4#grKe!Wq882XD5**mxLZ^}gGR52X%)TRXcESyH9bU0svO`h
z39Kd8)pZqDWIF!=GvM7iRkH?+^x%2*WW%?1N3CndK@Id<^?}+i)XMC)-kH3<N1BDb
z+^qrNy|J*VXZAT{q!r;U#f4{}t`vkcg~gQ!BS8xUfE}l~=R8MUhzehP&e##CNi5>*
zL1a<B4ggO;O1Iw#26_)1x+OmF(7HvJJA~HRL0e{8LBCdJuNUNR0T{g;FzPr$N*{|U
z{Z`@%iQedr*NfSXh*pvEH`hMq3zsE~)%u8n4;Bc<f(4I^0OiJVk98Q)66a-wZ8*<%
zO<t+R8JL?Mx0)ho=u0NDW(%K7I#^zZQtcO@tqQDDNlTc4rhh-dzfyV>0RHB=a5W28
zG+yi#2)_0DHIbMf0nYb`vya{+pS|4-z^@^t4@UsAMR@CE&VwEIbf<0c<!faJh--|6
zTxr3OT0Q0u6^&-~_&NlZCrx>#ShTwe>pGUH6(a?b5^YFQCznja2hVO>2$R^qb;ZS1
zMNtq*v-~T`2Y&f)(Ve0)9joK3mH2FhIi%{xQv_HCQC>ei@3702*VZed><})dJtvPX
zjO7+)bEV^ZKLGp`Ci+AaCV(sxoC3TpnUFJ#tL5aYjReK2QS#)X6LWO&YiFOa&>Noa
zfn%LVpz(QlX!US3J~wxW-e1rmFZiC4ieB4l5v3zjx4nGmPm+THl_~^Cnov~oma6S;
zwdK8*2Q(L1bEbw->4G8t4sSz?Oy|cD;J(_0wC4@bb55PNp<k=nfakNDukBvoa}SA+
z2hjGA=XxgrS#*~zVYUEp+lhRr&?l%!G$OX1vU`zY*AO1nR+98cauUqeCUOyJ%mg$N
z6F}71ueP#2JAQwHls*Lvj^)wpX<u(WSFE&~mJnqx>)m=&GrvyDrj<Ti4_k{vdT8|&
zZd<Xd-oPj9@UKE4cq>v_f(q+q)~}w*0VG7$+JOtIC@8HWMJgp09H2}Qu{0&RP29_L
zZtj6ow#0vVb-+EWo;^`!J>`MUj;*cAX(gC>+yq)!^*vkBL)lPkKHDT8dLX9sTyfQm
z65hkabg8D3XBYj}Bh2OQ;Bx}1xbKA3Pqg{`mj(aZMW*A`67~qLXw?T=ytR5yKwE-3
zT93oDE#JlH6+NG4CZmQw;vFhjC>1@XD%1&C>~kW(=T789M!g>yj=?{+)&*EP7UaUk
zXf8#*8NL6%DhvLe^={!vdCn0Je(D{5c%36!{?>z4^%(4#WCz~G<B(Ig-hM&7$gNgP
z&|?WxWj_}CoF|KXNMw{V7Rexoscx<N%aKo4k{=_lEb7U%f0<-D7rb^ZtvIGdnW6m~
zYiD8&W%XoG^r*zdeeYRid85XxVU#`E+g6L{UhkpB4YjW+=5?@Rd0&Zy=al51E*KG-
z98fi%Y3|2`dh>HGs6z1TNsJu86A|EcPricZJU*`k>0Z-tuK>KqG4VPgH~R*8M&qqt
zjt9Jy1`j<PP`x5s3o%w|QD+s{$6%5Vv61wYt0>i;F_IsR2pxNV&*PFTnnB8?T>kz_
zEb(zOnGUCH@VNh4hY?;7ymji=QuS%=YFesJS3%^pGWJYHdhorx;JbIK*vhhRsW?5U
z+|>eh5dbd5lwOJ2s)b8)Hdr?sU1D*OHN{CI7OUCk`*oaTI=!ZQhagxVD*y1EuwT7o
zNaWvXMU<_JTMtduA<FPWF^pSV2WxB0eP0uOqJ%cQNi9euDYX_K&x{0HFOE|lS8<0B
zl6zKBV|bj}EBiE^7K%zwo}#sy>n)43TIg6gUoF<}R(T)`&iBH6Je7$>ZSLin^b8s3
z$xX2i4KzY<#C_uZvB-xCeFD)hM#_Y6sbSn&^_~(4KG!OunUY-Q;qKoO2lsSIg|^@`
zmUhSMHqt{L=QRQB5xmiA>Es!fsZ1JLDhThLq9r}V%F1p5zO@&g1%uMyZii|iCi=w9
zkkTjPF4TeKN-^eyTMs_Tea8L56@?&*1p|JMV-=asZb5cUmc7>9t?$#z9pX^?-jgDA
zkl}=f2Vxl=--v`>%R<^JW%9C`dq|Kh{{6`G@g#ld)O}R}*4Kfs)?+HhlM!Z!L^$mW
z5#ZrC(-pQ<C@ocor&4S6<mxpA>><(9RQ_H~FPrjX>BF^EMJxBJl?P+>%eKgsJZ-Ah
zh)tT{SYn-|eVC??cSL~Wf`5^z*MvKS*D?svV6L@_6yCLqc{`fh%~(SqBqPKg!zk~~
zxFy%YI-&Hw-a8?+E}+7D=&O#NKG}zgUg{-y)<%Q34kj#^kk^$#st}5}IHq)e1o$QF
z!c0*fR}{iBJc@x+aGncv-7Q`v*6qIm;2x-|EDQCfhgjGm+44$=dQpxviVp94SaKd)
z#ox%^_94#o6f3uKzr2}_+C|CJ9(na<RuZ9xiBJ9QRDnGL0DoS1)Gu4Lt#&w|eGO|Q
zxcm3F0PvB0nvNxe)<Q7V`siEW6Rn-G7az6YzAde>C8|)nzn<@j1?PK74|?Sy_Q1bd
zO8xT!a6P)uR^NN<IY{Z2xNFD$fq2qyt<|@*zk6GoxMt743;>T}E~GsL%-#y^yhQoE
z=ou}OaBDT#vOlVh&)WvJ+QE9Xd@W;L&jI(~R4qRJt&#{Y?m%rTrc~Op;|Oqt(kk{a
zj++xurv<C<%}U7XT~>aZ)js@C3sLKW)I(Z!UXf)UY|x6`t*$)_z}j=-*Xv7ZJvmyd
zB~1WGi(RxwziBa4luoEJwF7_;LQ20Z;So{LDq5$T(|c?uJgsd17ZG64%3M5F(Jh{F
zRv-1&%DcrrrspEr%etnQ%~SKjWBs?cF<+};pCvV@#SYqQaOfpYYF!7kpJz%RD((u8
zTcHGrJ2zEae~ATOOX+6KvGF(^w3<C?D!dkYLJtwMCvaAp#A=^!?Ve1S>><lxZ%cM)
z9#;?N$yO$O4_loc7?TF*x0=>jquwTetlPY)F+Hn{LmK||uzG2=jp_AsE0w9mO}YI0
Z{{ViWACRbmA3gv8002ovPDHLkV1h&o6`KG6

literal 0
HcmV?d00001

diff --git a/uidefinition.json b/uidefinition.json
new file mode 100644
index 0000000..b16adce
--- /dev/null
+++ b/uidefinition.json
@@ -0,0 +1,116 @@
+{
+	"$schema": "https://schema.management.azure.com/schemas/0.1.2-preview/CreateUIDefinition.MultiVm.json#",
+	"handler": "Microsoft.Azure.CreateUIDef",
+	"version": "0.1.2-preview",
+	"parameters": {
+		"config": {
+			"isWizard": true,
+			"basics": {
+				"description": "<img width=302 src=\"https://github.com/AntiSyphon/asazlab/raw/main/images/AS.png\">\n\n\n Antisyphon Training Azure Lab Environment\n https://www.asazlab.com",
+				"location": {
+					"label": "Location",
+					"toolTip": "Location for all resources",
+					"resourceTypes": [
+						"Microsoft.OperationalInsights"
+					]
+				}
+			}
+		},
+		"basics": [
+			{
+				"name": "workspaceName",
+				"type": "Microsoft.Common.TextBox",
+				"label": "Workspace Name",
+				"placeholder": "",
+				"defaultValue": "LA-workspace",
+				"toolTip": "The workspace name should include 4-63 letters, digits or '-'. The '-' shouldn't be the first or the last symbol.",
+				"constraints": {
+					"required": true,
+					"regex": "^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$",
+					"validationMessage": "Only alphanumeric characters are allowed, and the value must be 1-30 characters long."
+				},
+				"visible": false
+			}
+		],
+		"steps": [
+			{
+				"name": "vmParameters",
+				"label": "VM Parameters",
+				"elements": [
+					{
+						"name": "vmSection",
+						"type": "Microsoft.Common.Section",
+						"label": "Customize your VM",
+						"elements": [
+							{
+								"name": "vmSize",
+								"type": "Microsoft.Compute.SizeSelector",
+								"label": "Size",
+								"toolTip": "",
+								"recommendedSizes": [
+									"Standard_A2",
+									"Standard_A3",
+									"Standard_B2s",
+									"Standard_B2ms",
+									"Standard_A2_v2",
+									"Standard_A4_v2",
+									"Standard_DS2",
+									"Standard_DS11"
+								],
+								"constraints": {
+									"allowedSizes": [
+										"Standard_A2",
+										"Standard_A3",
+										"Standard_B2s",
+										"Standard_B2ms",
+										"Standard_A2_v2",
+										"Standard_A4_v2",
+										"Standard_DS2",
+										"Standard_DS11"
+									]
+								},
+								"options": {
+									"hideDiskTypeFilter": false
+								},
+								"osPlatform": "Windows",
+								"imageReference": {
+									"publisher": "MicrosoftWindowsServer",
+									"offer": "WindowsServer",
+									"sku": "2012-R2-Datacenter"
+								},
+								"count": 1,
+								"visible": true
+							}
+						],
+						"visible": true
+					}
+				]
+			},
+			{
+				"name": "networkParameters",
+				"label": "Networking",
+				"elements": [
+					{
+						"name": "allowedIPAddresses",
+						"type": "Microsoft.Common.TextBox",
+						"label": "Allowed IP Addresses",
+						"placeholder": "0.0.0.0/0",
+						"defaultValue": "0.0.0.0/0",
+						"toolTip": "The sourceAddressPrefixes allowed to connect to this deployment.",
+						"constraints": {
+							"required": true,
+							"regex": "^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(?:\\/(\\d|[12]\\d|3[01]))?$",
+							"validationMessage": "Please enter a valid CIDR."
+						},
+						"visible": true
+					}
+				]
+			}
+		],
+		"outputs": {
+			"workspaceName": "[steps('basics').workspaceName]",
+			"vmSize": "[steps('vmParameters').vmSection.vmSize]",
+			"allowedIPAddresses": "[steps('networkParameters').allowedIPAddresses]"
+		}
+	}
+}