ࡱ>  /1"#$%&'()*+,-.Y bjbj(((( JBJB;zzDp.z """""""f ff"h f f 2 }Tnr.  0-l-\-(fff""L^fffffff-fffffffffz :   Windows Vista Application Development Requirements for User Account Control Compatibility Microsoft Corporation Published: September 2006 Author: Jennifer Allen and the HYPERLINK "http://blogs.msdn.com/uac"User Account Control team Abstract This white paper is intended to assist application developers with designing Windows Vista capable applications that are User Account Control compliant. Detailed steps about the design process are included, along with code samples, requirements, and best practices. This paper also details the technical updates and changes to the user experience in Windows Vista.  This is a preliminary document and may be changed substantially prior to final commercial release of the software described herein. The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This White Paper is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property. Unless otherwise noted, the example companies, organizations, products, domain names, e-mail addresses, logos, people, places and events depicted herein are fictitious, and no association with any real company, organization, product, domain name, email address, logo, person, place or event is intended or should be inferred. 2006 Microsoft Corporation. All rights reserved. Microsoft, ActiveX, ClickOnce, IntelliMirror, Microsoft .NET, Visual Studio, Windows Installer, WindowsNT, Windows Vista, and Windows XP are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. Contents  TOC \o "1-4" \h  HYPERLINK \l "_Toc145915518" Windows Vista Application Development Requirements for User Account Control Compatibility  PAGEREF _Toc145915518 \h 7  HYPERLINK \l "_Toc145915519" Why User Account Control?  PAGEREF _Toc145915519 \h 7  HYPERLINK \l "_Toc145915520" Windows Vista Updates  PAGEREF _Toc145915520 \h 9  HYPERLINK \l "_Toc145915521" UAC is Enabled by Default  PAGEREF _Toc145915521 \h 9  HYPERLINK \l "_Toc145915522" All Subsequent User Accounts are Created as Standard Users  PAGEREF _Toc145915522 \h 9  HYPERLINK \l "_Toc145915523" Elevation Prompts are Displayed on the Secure Desktop by Default  PAGEREF _Toc145915523 \h 9  HYPERLINK \l "_Toc145915524" Elevation Prompts for Background Applications are Minimized to the Taskbar  PAGEREF _Toc145915524 \h 10  HYPERLINK \l "_Toc145915525" Elevations are blocked in the User's Logon Path  PAGEREF _Toc145915525 \h 10  HYPERLINK \l "_Toc145915526" Built-in Administrator Account is Disabled by Default on New Installations  PAGEREF _Toc145915526 \h 10  HYPERLINK \l "_Toc145915527" User Account Control and Remote Scenarios  PAGEREF _Toc145915527 \h 11  HYPERLINK \l "_Toc145915528" New Default Access Control List (ACL) Settings  PAGEREF _Toc145915528 \h 11  HYPERLINK \l "_Toc145915529" New UAC Security Settings and Security Setting Name Changes  PAGEREF _Toc145915529 \h 13  HYPERLINK \l "_Toc145915530" How UAC Works  PAGEREF _Toc145915530 \h 13  HYPERLINK \l "_Toc145915531" New Technologies for Windows Vista  PAGEREF _Toc145915531 \h 13  HYPERLINK \l "_Toc145915532" ActiveX Installer Service  PAGEREF _Toc145915532 \h 13  HYPERLINK \l "_Toc145915533" Installer Detection  PAGEREF _Toc145915533 \h 14  HYPERLINK \l "_Toc145915534" Patching Applications in a UAC Environment  PAGEREF _Toc145915534 \h 15  HYPERLINK \l "_Toc145915535" Security Center Integration  PAGEREF _Toc145915535 \h 15  HYPERLINK \l "_Toc145915536" User Interface Privilege Isolation  PAGEREF _Toc145915536 \h 15  HYPERLINK \l "_Toc145915537" Virtualization  PAGEREF _Toc145915537 \h 17  HYPERLINK \l "_Toc145915538" Access Token Changes  PAGEREF _Toc145915538 \h 21  HYPERLINK \l "_Toc145915539" UAC Architecture  PAGEREF _Toc145915539 \h 23  HYPERLINK \l "_Toc145915540" Standard User Launch Path  PAGEREF _Toc145915540 \h 25  HYPERLINK \l "_Toc145915541" Elevated Launch Path  PAGEREF _Toc145915541 \h 25  HYPERLINK \l "_Toc145915542" Will UAC Affect your Application?  PAGEREF _Toc145915542 \h 25  HYPERLINK \l "_Toc145915543" Why Do I Need to Remove My Applications Administrative Dependencies?  PAGEREF _Toc145915543 \h 26  HYPERLINK \l "_Toc145915544" Reducing Your Application's Total Cost of Ownership  PAGEREF _Toc145915544 \h 26  HYPERLINK \l "_Toc145915545" Secure by Default  PAGEREF _Toc145915545 \h 26  HYPERLINK \l "_Toc145915546" How Do I Determine If My Application Has Administrative Dependencies?  PAGEREF _Toc145915546 \h 28  HYPERLINK \l "_Toc145915547" What Are the Requirements If I Have a Legitimate Administrator Application?  PAGEREF _Toc145915547 \h 29  HYPERLINK \l "_Toc145915548" Designing Applications for Windows Vista  PAGEREF _Toc145915548 \h 29  HYPERLINK \l "_Toc145915549" Step One: Test Your Application for Application Compatibility  PAGEREF _Toc145915549 \h 30  HYPERLINK \l "_Toc145915550" Step Two: Classify Your Application as a Standard User, Administrator, or Mixed User Application  PAGEREF _Toc145915550 \h 31  HYPERLINK \l "_Toc145915551" Questions to Help Classify Your Application  PAGEREF _Toc145915551 \h 31  HYPERLINK \l "_Toc145915552" Analyzing the Answers to Classify Your Application  PAGEREF _Toc145915552 \h 33  HYPERLINK \l "_Toc145915553" Verify the Application or Control Panel Works with UAC:  PAGEREF _Toc145915553 \h 33  HYPERLINK \l "_Toc145915554" Step Three: Redesign Your Application's Functionality for UAC Compatibility  PAGEREF _Toc145915554 \h 33  HYPERLINK \l "_Toc145915555" Windows Vista Application Run-time Requirements  PAGEREF _Toc145915555 \h 33  HYPERLINK \l "_Toc145915556" Step Four: Redesign Your Application's User Interface for UAC Compatibility  PAGEREF _Toc145915556 \h 41  HYPERLINK \l "_Toc145915557" Impact of UAC on the Windows User Experience  PAGEREF _Toc145915557 \h 41  HYPERLINK \l "_Toc145915558" Goals of the UAC User Experience  PAGEREF _Toc145915558 \h 41  HYPERLINK \l "_Toc145915559" Elevation Prompt  PAGEREF _Toc145915559 \h 42  HYPERLINK \l "_Toc145915560" User Experience Process Flow  PAGEREF _Toc145915560 \h 44  HYPERLINK \l "_Toc145915561" Elevation Entry Points  PAGEREF _Toc145915561 \h 45  HYPERLINK \l "_Toc145915562" User Interface Implementation  PAGEREF _Toc145915562 \h 49  HYPERLINK \l "_Toc145915563" When to Add the Shield Icon to Your Application's User Interface  PAGEREF _Toc145915563 \h 52  HYPERLINK \l "_Toc145915564" Key Decisions for Designing Administrator-Only Applications  PAGEREF _Toc145915564 \h 55  HYPERLINK \l "_Toc145915565" Step Five: Redesign Your Application's Installer  PAGEREF _Toc145915565 \h 58  HYPERLINK \l "_Toc145915566" Step Six: Create and Embed an Application Manifest with Your Application  PAGEREF _Toc145915566 \h 60  HYPERLINK \l "_Toc145915567" Application Manifest Schema  PAGEREF _Toc145915567 \h 60  HYPERLINK \l "_Toc145915568" How to Create an Embedded Manifest with Microsoft Visual Studio  PAGEREF _Toc145915568 \h 65  HYPERLINK \l "_Toc145915569" Building Application Manifests within C/C++ Code with Visual Studio 2005 for Windows Vista Only Applications  PAGEREF _Toc145915569 \h 66  HYPERLINK \l "_Toc145915570" Building and Embedding a Manifest with Microsoft Visual Studio 2005 for Windows XP and Windows Vista Applications  PAGEREF _Toc145915570 \h 67  HYPERLINK \l "_Toc145915571" Step Seven: Test Your Application  PAGEREF _Toc145915571 \h 68  HYPERLINK \l "_Toc145915572" Step Eight: Authenticode Sign Your Application  PAGEREF _Toc145915572 \h 69  HYPERLINK \l "_Toc145915573" Example Signing Procedure  PAGEREF _Toc145915573 \h 69  HYPERLINK \l "_Toc145915574" Step Nine: Participate in the Windows Vista Logo Program  PAGEREF _Toc145915574 \h 71  HYPERLINK \l "_Toc145915575" Deploying and Patching Applications for Standard Users  PAGEREF _Toc145915575 \h 71  HYPERLINK \l "_Toc145915576" Deploying to a Single Computer  PAGEREF _Toc145915576 \h 72  HYPERLINK \l "_Toc145915577" Deploying to all users in a Domain  PAGEREF _Toc145915577 \h 72  HYPERLINK \l "_Toc145915578" Patching Applications as a Standard User with Windows Installer 4.0  PAGEREF _Toc145915578 \h 72  HYPERLINK \l "_Toc145915579" Windows Installer 4.0 Standard User Uninstall Behavior  PAGEREF _Toc145915579 \h 73  HYPERLINK \l "_Toc145915580" Troubleshooting Common Issues  PAGEREF _Toc145915580 \h 73  HYPERLINK \l "_Toc145915581" ActiveX Installation Issues  PAGEREF _Toc145915581 \h 73  HYPERLINK \l "_Toc145915582" Resolution  PAGEREF _Toc145915582 \h 73  HYPERLINK \l "_Toc145915583" ActiveX Documents Do Not Install  PAGEREF _Toc145915583 \h 74  HYPERLINK \l "_Toc145915584" Resolution  PAGEREF _Toc145915584 \h 74  HYPERLINK \l "_Toc145915585" Application, Framework, or Add-in Required  PAGEREF _Toc145915585 \h 74  HYPERLINK \l "_Toc145915586" Resolution  PAGEREF _Toc145915586 \h 74  HYPERLINK \l "_Toc145915587" Administrative Permission is Required for Installation/Patching  PAGEREF _Toc145915587 \h 74  HYPERLINK \l "_Toc145915588" Resolution  PAGEREF _Toc145915588 \h 75  HYPERLINK \l "_Toc145915589" Per-User Application Settings Locations  PAGEREF _Toc145915589 \h 75  HYPERLINK \l "_Toc145915590" Application Defaults to Saving in a Protected Directory  PAGEREF _Toc145915590 \h 76  HYPERLINK \l "_Toc145915591" Resolution  PAGEREF _Toc145915591 \h 77  HYPERLINK \l "_Toc145915592" References  PAGEREF _Toc145915592 \h 77  HYPERLINK \l "_Toc145915593" Virtualization Reference  PAGEREF _Toc145915593 \h 77  HYPERLINK \l "_Toc145915594" File virtualization  PAGEREF _Toc145915594 \h 77  HYPERLINK \l "_Toc145915595" Registry Virtualization:  PAGEREF _Toc145915595 \h 77  HYPERLINK \l "_Toc145915596" Applicability  PAGEREF _Toc145915596 \h 77  HYPERLINK \l "_Toc145915597" UAC Security Settings Reference  PAGEREF _Toc145915597 \h 78  HYPERLINK \l "_Toc145915598" Configuring UAC Security Settings  PAGEREF _Toc145915598 \h 78  HYPERLINK \l "_Toc145915599" UAC Security Settings  PAGEREF _Toc145915599 \h 79  HYPERLINK \l "_Toc145915600" Task Scheduler Code Sample  PAGEREF _Toc145915600 \h 86  Windows Vista Application Development Requirements for User Account Control Compatibility This document contains information to assist application developers with ensuring that their applications are User Account Control (UAC) compatible. Sections in this paper include:  HYPERLINK \l "DSDOC_BKMK_WhyUAC3bbc4962_40ae_40b5_8b70" \o "Why User Account Control?" Why User Account Control? -- Details why UAC was developed.  HYPERLINK \l "DSDOC_BKMK_HowUACWorks3bbc4962_40ae_40b5" \o "How UAC Works" How UAC Works -- Details the UAC functionality.  HYPERLINK \l "DSDOC_BKMK_WillUACAffect3bbc4962_40ae_40" \o "Will UAC Affect your Application?" Will UAC Affect your Application? -- How to determine whether you will have to make your application UAC compatible.  HYPERLINK \l "DSDOC_BKMK_DesigningVistaApps3bbc4962_40" \o "Designing Applications for Windows Vista" Designing Applications for Windows Vista -- How to design your application to be UAC compatible.  HYPERLINK \l "DSDOC_BKMK_DeployingStandard3bbc4962_40a" \o "Deploying and Patching Applications for Standard Users" Deploying and Patching Applications for Standard Users -- How to ensure that your application can be deployed for standard users.  HYPERLINK \l "DSDOC_BKMK_NETAppInfo3bbc4962_40ae_40b5_" \o "Troubleshooting Common Issues" Troubleshooting Common Issues -- Lists common development and installation issues that arise in Microsoft .NET applications.  HYPERLINK \l "DSDOC_BKMK_References3bbc4962_40ae_40b5_" \o "References" References -- Includes a virtualization reference and a security settings reference. Why User Account Control? Application developers have consistently created Microsoft Windows applications that require excessive user rights and Windows privileges, often requiring that the executing user be an administrator. As a result, few Windows users run with the least user rights and Windows privileges required. Many enterprises, seeking to balance ease of deployment and ease of use with security have often resorted to deploying their desktops as administrator due to standard user application compatibility problems. The following list details additional reasons why it is difficult to run as a standard user on pre-Microsoft Windows VistaTM computers: 1. Many Windows applications require that the logged on user be an administrator but do not actually require administrator-level access. These applications perform a variety of administrator access checks before being permitted to run, including: a. Administrator access token check. b. "All access" access requests in system protected locations. c. Write data to protected locations, such as %ProgramFiles%, %WinDir%, and HKLM\Software. 2. Many Windows applications are not designed with the concept of least-privilege and do not separate user and administrator functionality into two separate processes. 3. Windows 2000 and Windows XP create each new user account as an administrator by default; therefore, key Windows components, such as the Date and Time and the Power Management control panels do not work well for a standard user 4. Windows 2000 and Windows XP administrators must create two separate user accounts--one for administrative tasks and a standard user account to perform day-to-day tasks. Therefore, users must log off their standard user accounts and log back in as an administrator or use Run As in order to perform any administrative task. With User Account Control (UAC), Microsoft is providing a technology to simplify deploying standard user desktops, in the enterprise and at home. Building off of the Windows security architecture as originally designed in the Microsoft Windows NT 3.1 operating system, the UAC team sought to implement a standard user model that was both flexible and more secure. In previous versions of Windows, one access token is created for an administrator during the logon process. The administrator's access token includes most Windows privileges and most administrative security identifiers (SIDs). This access token ensures that an administrator can install applications, configure the operating system, and access any resource. The UAC team took a drastically different approach to the access token creation process in Windows Vista. When an administrator user logs on to a Windows Vista computer, two access tokens are created: a filtered standard user access token, and a full administrator access token. Instead of launching the desktop (Explorer.exe) with the administrator's access token, the standard user access token is used. All child processes inherit from this initial launch of the desktop (the explorer.exe process), which helps limit Windows Vista's attack surface. By default, all users, including administrators, log on to a Windows Vista computer as standard users. Note There is one exception to the preceding statement: Guests log onto the computer with fewer user rights and privileges than standard users. When an administrator attempts to perform an administrative task, such as installing an application, UAC prompts the user to approve the action. When the user approves the action, the task is launched with the administrator's full administrator access token. This is the default administrator prompt behavior, and it is configurable in the local Security Policy Manager snap-in (secpol.msc) and with Group Policy (gpedit.msc). Note An administrator account on a Windows Vista computer with UAC enabled is also called an administrator account in Admin Approval Mode. Admin Approval Mode identifies the default user experience for administrators. Each administrative elevation is also process specific, which prevents other processes from using the access token without prompting the user for approval. As a result, administrator users have more granular control on what applications install while greatly impacting malicious software that expects the logged on user to be running with a full administrator access token. Standard users also have the opportunity to elevate in flow and perform administrative tasks by using the UAC infrastructure. When a standard user attempts to perform an administrative task, UAC prompts the user to enter valid credentials for an administrator account. This is the default standard user prompt behavior, and it is configurable in the local Security Policy Manager snap-in (secpol.msc) and with Group Policy (gpedit.msc). Windows Vista Updates The following updates are reflective of the cumulative core changes in functionality that have occurred in Windows Vista. UAC is Enabled by Default As a result, you might encounter some compatibility problems with different applications that have not yet been updated for the Windows Vista UAC component. If an application requires an administrator access token (this is indicative from an "access denied" error being returned when you attempt to run the application), you can run the program as an administrator by using the Run as administrator option on the context menu (right-click). How to do this is documented later in this document in the Running Programs as an Administrator section. All Subsequent User Accounts are Created as Standard Users Both standard user accounts and administrator user accounts can take advantage of the UAC enhanced security. On new installations, by default, the first user account created is a local administrator account in Admin Approval Mode (UAC enabled). All subsequent accounts are then created as standard users. Elevation Prompts are Displayed on the Secure Desktop by Default The consent and credential prompts are displayed on the secure desktop by default in Windows Vista. Elevation Prompts for Background Applications are Minimized to the Taskbar Background applications will automatically prompt the user for elevation on the taskbar, rather than automatically going to the secure desktop for elevation. The elevation prompt will appear minimized on the taskbar and will blink to notify the user that an application has requested elevation. An example of a background elevation occurs when a user browses to a Web site and begins downloading an installation file. The user then goes to check e-mail while the installation downloads in the background. Once the download completes in the background and the install begins, the elevation is detected as a background task rather than a foreground task. This detection prevents the installation from abruptly stealing focus of the user's screen while the user is performing another task--reading e-mail. This behavior creates a better user experience for the elevation prompt. Information about how application developers can ensure that their applications are not minimized to the taskbar when they request elevation is available later in this document. Elevations are blocked in the User's Logon Path Applications that start when the user logs on and require elevation are now blocked in the logon path. Without blocking applications from prompting for elevation in the user's log on path, both standard users and administrators would have to respond to a User Account Control dialog box on every log on. Windows Vista notifies the user if an application has been blocked by placing an icon in the system tray. The user can then right-click this icon to run applications that were blocked from prompting for elevation as the user logged on. The user can manage which startup applications are disabled or removed from this list by double-clicking on the tray icon. Built-in Administrator Account is Disabled by Default on New Installations The built-in Administrator account is disabled by default in Windows Vista. If Windows Vista determines during an upgrade from Windows XP that the built-in administrator is the only active local administrator account, Windows Vista leaves the account enabled and places the account in Admin Approval Mode. The built-in administrator account, by default, cannot log on to the computer in safe mode. Please see the following sections for more information. The built-in administrator account is created during setup with the user name Administrator. Non-Domain Joined When there is at least one enabled local administrator account, safe mode will not allow logon with the disabled built-in administrator account. Instead, any local administrator account can be used to logon. If the last local administrator account is inadvertently demoted, disabled, or deleted then safe mode will allow the disabled built-in administrator account to logon for disaster recovery. Domain Joined The disabled built-in administrator account in all cases cannot logon in safe mode. A user account that is a member of the Domain Admins group can log on to the computer to create a local administrator if none exists. Note If the domain administrative account had never logged on before, then the computer must be started in Safe Mode with Networking since the credentials will not have been cached. Note Once the machine is disjoined, it will revert back to the non-domain joined behavior depicted previously. User Account Control and Remote Scenarios When an administrator logs on to a Windows Vista computer remotely, through Remote Desktop for instance, the user is logged on to the computer as a standard user by default. Remote administration has been modified to be restrictive on the wire. This helps prevent malicious software from performing application loopbacks if a user is running with administrative potential. Local User Accounts When a user with an administrator account in a Windows Vista computer's local Security Accounts Manager (SAM) database remotely connects to a Windows Vista computer, the user has no elevation potential on the remote computer and cannot perform administrative tasks. If the user wants to administer the workstation with a SAM account, the user must interactively log on to the computer to be administered. Domain User Accounts When a user with a domain user account logs on to a Windows Vista computer remotely where the user is a member of the Administrators group, the domain user will run with a full administrator access token on the remote computer and UAC will not be in effect. New Default Access Control List (ACL) Settings The ACLs on certain Windows directories have been changed to enable data sharing and collaboration in data directories and outside of users' protected directories. A user's protected directory is their user profile (E.G. C:\Users\Denise\Pictures\), while an example of a data directory is location outside of the operating system partition on a data drive (E.G. D:\Pictures\). Because the root directory, C in this instance, is protected by more restrictive ACLs, users were unable to use data directories in early versions of Windows Vista. These ACL changes ensure that users can share and edit files without having to provide approval to a User Account Control dialog box. Additionally, users can now make a folder private. This change ensures that users can still easily maintain data confidentiality and integrity on data drives. These private folders will still be readable by other administrators if they elevate and should be used to keep data private from standard users. The following are the default ACL settings on %systemroot% and the data drive in Windows XP. Windows XP %systemroot% and data drive ACL settings User or GroupAccess Control EntryBUILTIN\AdministratorsFull controlNT AUTHORITY\SYSTEMFull controlCREATOR OWNERFull controlBUILTIN\UsersRead Special access: FILE_APPEND_DATA Special access: FILE_WRITE_DATAEveryoneRead The following table details the new Windows Vista data drive ACL settings for data drives created with format.exe. Windows Vista data drive ACL settings User or GroupAccess Control EntryBUILTIN\AdministratorsFull controlNT AUTHORITY\SYSTEMFull controlNT AUTHORITY\Authenticated UsersModifyBUILTIN\UsersRead and execute Generic read, generic execute The following table details the new Windows Vista operating system root (%systemroot%) ACL settings. Windows Vista %systemroot% ACL settings User or GroupAccess Control EntryBUILTIN\AdministratorsFull controlNT AUTHORITY\SYSTEMFull controlBUILTIN\UsersRead and executeNT AUTHORITY\Authenticated UsersModify Append dataMandatory Label\High Mandatory LevelNo write New UAC Security Settings and Security Setting Name Changes The new security settings and security setting name updates are detailed in the Reference section of this document. How UAC Works This section describes the architectural and functional components of UAC for application developers. New Technologies for Windows Vista The following sections detail new technologies for Windows Vista, including installer detection, standard user patching with Windows Installer 4.0, User Interface Privilege Isolation, and virtualization. ActiveX Installer Service The ActiveX Installer Service enables enterprises to delegate ActiveX control installation for standard users. This service ensures that routine business tasks are not impeded by failed ActiveX control installations and updates. Windows Vista also includes Group Policy settings that enable IT professionals to define Host URLs from which standard users can install ActiveX controls. The ActiveX Installer Service consists of a Windows service, a Group Policy administrative template, and some changes in Internet Explorer and is an optional component that will only be enabled on clients where it is installed. Installer Detection Installation programs are applications designed to deploy software, and most write to system directories and registry keys. These protected system locations are typically writeable only by administrator users; this means that standard users do not have sufficient access to install programs. Windows Vista heuristically detects installation programs and requests administrator credentials or approval from the administrator user in order to run with access privileges. Windows Vista also heuristically detects updater and un-installation programs. Note that a design goal of UAC is to prevent installations from being executed without the user's knowledge and consent since they write to protected areas of the file system and registry. Important When developing new installation programs, much like developing programs for Windows Vista, be sure to embed an application manifest with an appropriate requestedExecutionLevel element (see the Step Six: Create and Embed an Application Manifest with Your Application section). When the requestedExecutionLevel is present in the embedded application manifest, it overrides Installer Detection. Installer Detection only applies to: 1. 32 bit executables 2. Applications without a requestedExecutionLevel 3. Interactive processes running as a Standard User with LUA enabled Before a 32 bit process is created, the following attributes are checked to determine whether it is an installer: Filename includes keywords like "install," "setup," "update," etc. Keywords in the following Versioning Resource fields: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name. Keywords in the side-by-side manifest embedded in the executable. Keywords in specific StringTable entries linked in the executable. Key attributes in the RC data linked in the executable. Targeted sequences of bytes within the executable. Note The keywords and sequences of bytes were derived from common characteristics observed from various installer technologies. Ensure that you thoroughly review the entirety of this document, including the Step Six: Create and Embed an Application Manifest with Your Application section. Note The User Account Control: Detect application installations and prompt for elevation setting must be enabled for installer detection to detect installation programs. This setting is enabled by default and can be configured with the Security Policy Manager snap-in (secpol.msc) or with Group Policy (gpedit.msc). General information and an overview of the Microsoft Windows Installer can be found at MSDN (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=30197"http://go.microsoft.com/fwlink/?LinkId=30197). Patching Applications in a UAC Environment Microsoft Windows Installer 4.0 was designed with UAC in mind in order to make application installations and patching easier. With the introduction of Windows Installer 4.0, patches can be applied to applications without reinstalling a newer version of the application. This method is ideal when an application is deployed in a per-computer install and patches need to be deployed by a user without requiring an administrative access token. For information about how to create and apply patches to applications, see MSDN (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71492"http://go.microsoft.com/fwlink/?LinkId=71492). Security Center Integration When UAC is disabled on a Windows Vista computer, the Security Center creates an alert and prompts the user to re-enable UAC. Security Center displays this alert once the computer has been restarted after the UAC setting change. User Interface Privilege Isolation User Interface Privilege Isolation (UIPI) is one of the mechanisms that help isolate applications running as a full administrator from processes running as an account lower than an administrator on the same interactive desktop. UIPI is specific to the windowing and graphics subsystem known as USER that supports windows and user interface controls. UIPI prevents a lower privilege application from using Windows messages to send input from one process to a higher privilege process. Sending input from one process to another allows a process to inject input into another process without the user providing keyboard or mouse actions. The concept behind UIPI is simple. Windows Vista defines a set of user interface privilege levels in a hierarchical fashion. The nature of the levels is such that higher privilege levels can send window messages to applications running at lower levels. However, lower levels cannot send window messages to application windows at higher levels. The user interface privilege level is at the process level. When a process is initialized, the User subsystem calls into the security subsystem to determine the desktop integrity level assigned in the processs security access token. The desktop integrity level is set by the security subsystem when the process is created and does not change. Hence, the user interface privilege level also is set by the User subsystem when the process is created and does not change. All applications run by a standard user have the same user interface privilege level. As a standard user, applications are run at a single privilege level. UIPI does not interfere or change the behavior of window messaging between applications at the same privilege level. UIPI comes into effect for a user who is a member of the administrators group and may be running applications as a standard user (sometimes referred to as a process with a filtered access token) and also processes running with a full administrator access token on the same desktop. UIPI prevents lower privilege processes from accessing higher privilege processes by blocking the following behavior. A lower privilege process cannot: Perform a window handle validation of higher process privilege. SendMessage or PostMessage to higher privilege application windows. These application programming interfaces (APIs) return success but silently drop the window message. Use thread hooks to attach to a higher privilege process. Use Journal hooks to monitor a higher privilege process. Perform dynamic link-library (DLL) injection to a higher privilege process. With UIPI enabled, the following shared USER resources are still shared between processes at different privilege levels: Desktop window, which actually owns the screen surface Desktop heap read-only shared memory Global atom table Clipboard Painting to the screen is another action that is not blocked by UIPI. Painting to the screen refers to the process of using the Paint method to display content on an external output a monitor, for example. The USER/graphics device interface (GDI) model does not allow control over painting surfaces; therefore, it is possible for a lower privilege application to paint over the surface region of a higher privilege application window. Note Because the Windows Shell (Explorer) is running as a standard user process, any other process running as standard user can still send it keystrokes. This is the primary reason why an administrator account in Admin Approval Mode is prompted for elevation consent when it initiates an administrative action, such as double-clicking on a Setup.exe or clicking on an elevation Shield icon. Virtualization Important Virtualization is implemented to improve application compatibility problems for applications running as a standard user on Windows Vista. Developers must not rely on virtualization being present in subsequent versions of Windows. Prior to Windows Vista, many applications were typically run by administrators. As a result, applications could freely read and write system files and registry keys. If these applications were run by a standard user, they would fail due to insufficient access. Windows Vista improves application compatibility for these users by redirecting writes (and subsequent file or registry operations) to a per-user location within the users profile. For example, if an application attempts to write to C:\Program Files\Contoso\Settings.ini, and the user does not have permissions to write to that directory, the write will get redirected to C:\Users\\AppData\Local\VirtualStore\Program Files\contoso\settings.ini. For the registry, if an application attempts to write to HKEY_LOCAL_MACHINE\Software\Contoso\ it will automatically get redirected to HKEY_CURRENT_USER\Software\Classes\VirtualStore\MACHINE\Software\Contoso or HKEY_USERS\< User SID >_Classes\VirtualStore\Machine\Software\Contoso. The following figure details the virtualization process in Windows Vista. In this example, Denise is an administrator in Admin Approval Mode and Brian is a standard user. Virtualization is comprised of two components: file virtualization and registry virtualization. Virtualization process  Important While developing Windows Vista programs, to reduce the complexity of virtualized files and registry keys, be sure to embed an application manifest with an appropriate requestedExecutionLevel in order to turn off file and registry virtualization. Virtualization is only enabled for: 32 bit interactive processes Administrator writeable file/folder and registry keys Virtualization is disabled for: 64 bit processes Non-interactive processes Processes that impersonate Kernel mode callers Executables that have a requestedExecutionLevel Virtualization and roaming: Virtualization files/folder and registry keys do not roam (see roaming profiles) Associated with global objects that do not roam File Virtualization File virtualization addresses the situation where an application relies on the ability to store a file, such as a configuration file, in a system location typically writeable only by administrators. Running programs as a standard user in this situation might result in program failures due to insufficient levels of access. When an application writes to a system location only writeable by administrators, Windows then writes all subsequent file operations to a user-specific path under the Virtual Store directory, which is located at %LOCALAPPDATA%\VirtualStore. Later, when the application reads back this file, the system will provide the one in the Virtual Store. Because the Windows security infrastructure processes the virtualization without the applications assistance, the application believes it was able to successfully read and write directly to Program Files. The transparency of file virtualization enables applications the perception that they are writing and reading from the protected resource, when in fact they are accessing the virtualized version. Note When you enumerate resources in folders and in the registry, Windows Vista will merge global file/folder and registry keys into a single list. In this merged view, the global (protected) resource is listed along with the virtualized resource. Important The virtual copy will always be present to the application first. For example, config.ini is available in \PF\App\config.ini and %LOCALAPPDATA%\VirtualStore\config.ini, and the config.ini in the virtual store will always be the one read, even if \PF\App\config.ini is updated. The following figure details how global and merged views for virtualized resources are displayed for different users. Virtualized resources and views  The following is an example of the file virtualization process: Syed Abbas, a sales representative at Woodgrove Bank, is running under a standard user account on a computer he shares with other sales representatives. Syed often uses a spreadsheet application to update and save a file under the Program Files\SalesV1\ directory: \Program Files\SalesV1\SalesData.txt. Although Program Files\SalesV1\ is protected, the file will be saved successfully from the spreadsheet application's point-of-view because of Windows Vista file virtualization. To achieve this, the file write is redirected to Users\username\appdata\Virtual Store\Program Files\SalesV1\SalesData.txt. When Syed opens Windows Explorer and browses to the Program Files directory, he will see the global view of the SalesData.txt file. Note For Syed to discover his virtualized files, he must navigate to the virtual store with the Compatibility files button on the Explorer toolbar. However, after Stuart Munson, another sales representative, logs in to the workstation, he will NOT see the file SalesData.txt in the Program Files\SalesV1\ directory. If different user uses the computer and writes the \Program files\SalesV1\SalesData.txt file, that write will also virtualize to that user's virtual store. The files Syed updates and saves will remain independent of the other virtualized files on the system. Registry Virtualization Registry virtualization is similar to file virtualization but applies to registry keys under HKEY_LOCAL_MACHINE\SOFTWARE. This feature permits applications that rely on the ability to store configuration information in HKEY_LOCAL_MACHINE\SOFTWARE to continue to when they are run under a standard user account. The keys and data are redirected to HKEY_CLASSES_ROOT\VirtualStore\SOFTWARE. As in the file virtualization case, each user has a virtualized copy of any values that an application stored in HKLM. Registry Virtualization Details Can be turned on/off on individual keys in the Software hive New FLAGS option in reg.exe for key level virtualization control: Allows recursive enable/disable of virtualization and control of  open access right policy ZwQueryKey: Programmatically query the virtualization flags for a key. Virtualization happens on top of WoW64 redirection Enabled both in the 64 bit and 32 bit registry views: HKU\{SID}_Classes\VirtualStore\Machine\Software and HKU\{SID}_Classes\VirtualStore\Machine\Software\SYSWOW3264 Most legacy 32 bit apps will use the 32 bit view Virtualization is intended only to assist in application compatibility with existing programs. Applications designed for Windows Vista should NOT perform writes to sensitive system areas, nor should they rely on virtualization to provide redress for incorrect application behavior. When updating existing code to run on Windows Vista, developers should ensure that, during run-time, applications only store data in per-user locations or in computer locations within %alluserprofile% (CSIDL_COMMON_APPDATA) that have access control list (ACL) settings properly set. Important Microsoft intends to remove virtualization from future versions of the Windows operating system as more applications are migrated to Windows Vista. For example, virtualization is disabled on 64-bit applications. Virtualization Recommendations Virtualization is intended only to assist in application compatibility with existing programs. Applications designed for Windows Vista should NOT perform writes to sensitive system areas, nor should they rely on virtualization to provide redress for incorrect application behavior. When updating existing code to run on Windows Vista, developers should ensure that, during run-time, applications only store data in per-user locations or in computer locations within %alluserprofile% that have access control list (ACL) settings properly set. Important Microsoft intends to remove virtualization from future versions of the Windows operating system as more applications are migrated to Windows Vista. For example, virtualization is disabled on 64-bit applications. Add an application manifest with an appropriate requestedExecutionLevel for your interactive applications. This will turn virtualization off for the manifested application. Do not use the registry as an inter-process communication mechanism. Services and user applications will have different views of the key. Test your application on Windows Vista: Ensure that processes running as standard user do not write to global namespaces like %systemroot%. For filter driver developers: Check your altitude range (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71503"http://go.microsoft.com/fwlink/?LinkId=71503). See File System Filters and fltmc.exe (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71504"http://go.microsoft.com/fwlink/?LinkId=71504). These must be higher than FSFilter virtualization. Remember that virtualized resources are per-user copies of global resources. Access Token Changes When a user logs on to a Windows Vista computer, Windows looks at the administrative Windows privileges and Relative IDs (RIDs) that the user account possesses to determine if the user should receive two access tokens (a filtered access token and a full access token). Windows will create two access tokens for the user if either of the following is true: 1. The users account contains any of the following RIDs. DOMAIN_GROUP_RID_ADMINS DOMAIN_GROUP_RID_CONTROLLERS DOMAIN_GROUP_RID_CERT_ADMINS DOMAIN_GROUP_RID_SCHEMA_ADMINS DOMAIN_GROUP_RID_ENTERPRISE_ADMINS DOMAIN_GROUP_RID_POLICY_ADMINS DOMAIN_ALIAS_RID_ADMINS DOMAIN_ALIAS_RID_POWER_USERS DOMAIN_ALIAS_RID_ACCOUNT_OPS DOMAIN_ALIAS_RID_SYSTEM_OPS DOMAIN_ALIAS_RID_PRINT_OPS DOMAIN_ALIAS_RID_BACKUP_OPS DOMAIN_ALIAS_RID_RAS_SERVERS DOMAIN_ALIAS_RID_PREW2KCOMPACCESS DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS DOMAIN_ALIAS_RID_CRYPTO_OPERATORS 2. The user s account contains any privileges other than those of a standard user account. A standard user account contains only the following privileges. SeChangeNotifyPrivilege SeShutdownPrivilege SeUndockPrivilege SeIncreaseWorkingSetPrivilege SeTimeZonePrivilege Note What privileges the filtered token contain are based on whether the original token contained any of the restricted RIDS listed above. If any of the restricted RIDs were in the token, all of the privileges are removed except: SeChangeNotifyPrivilege SeShutdownPrivilege SeUndockPrivilege SeReserveProcessorPrivilege SeTimeZonePrivilege If no restricted RIDs were in the token, only the following privileges are removed: SeCreateTokenPrivilege SeTcbPrivilege SeTakeOwnershipPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeImpersonatePrivilege SeRelabelPrivilege The first access token, called the filtered access token, has the previous RIDs (if present) marked as USE_FOR_DENY_ONLY in the access token and the administrative Windows privileges, not listed previously, removed. The filtered access token will be used by default when the user launches applications. The unmodified full access token, called the linked access token, is attached to the filtered access token and is used when requests are made to launch applications with a full administrative access token. More information on RIDs can be found at MSDN (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71494"http://go.microsoft.com/fwlink/?LinkId=71494). More information on Windows privileges can be found at MSDN (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71495"http://go.microsoft.com/fwlink/?LinkId=71495). UAC Architecture The following diagram represents the process flow for executable launches in Windows Vista. UAC architecture  The following is a description of the process flow displayed in the UAC architecture diagram and how UAC is implemented when an executable attempts to launch. Standard User Launch Path The Windows Vista standard user launch path is similar to the Windows XP launch path, but includes some modifications. 1. ShellExecute() calls CreateProcess(). 2. CreateProcess() calls AppCompat, Fusion, and Installer Detection to assess if the application requires elevation. The executable is then inspected to determine its requestedExecutionLevel, which is stored in the executable's application manifest. The AppCompat database stores information for an application's application compatibility fix entries. Installer Detection detects setup executables. 3. CreateProcess() returns a Win32 error code stating ERROR_ELEVATION_REQUIRED. 4. ShellExecute() looks specifically for this new error and, upon receiving it, calls across to the Application Information service (AIS) to attempt the elevated launch. Elevated Launch Path The Windows Vista elevated launch path is a new Windows launch path. 1. AIS receives the call from ShellExecute() and re-evaluates the requested execution level and Group Policy to determine if the elevation is allowed and to define the elevation user experience. 2. If the requested execution level requires elevation, the service launches the elevation prompt on the callers interactive desktop (based on Group Policy), using the HWND passed in from ShellExecute(). 3. Once the user has given consent or valid credentials, AIS will retrieve the corresponding access token associated with the appropriate user, if necessary. For example, an application requesting a requestedExecutionLevel of highestAvailable will retrieve different access tokens for a user that is only a member of the Backup Operators group than for a member of the local Administrators group. 4. AIS re-issues a CreateProcessAsUser() call, supplying the administrator access token and specifying the callers interactive desktop. Will UAC Affect your Application? Whether or not your application will be affected by UAC depends on the applications current state. In a number of cases, no changes will be necessary to comply with Microsoft Windows Security requirements. However, some applications, including line of business (LOB) applications, may require changes to their install, function, and update processes to properly work in a Windows Vista UAC environment. Note If an application works well as standard user on Windows XP, then it will work well as a standard user on Windows Vista. Why Do I Need to Remove My Applications Administrative Dependencies? One fundamental step toward increasing the security of the overall computing environment is to allow users to run without using their administrative access token. If an application only operates or installs when the user is an administrator, users are being forced to run applications with unnecessary elevated access. The fundamental problem is that when users are always forced to run applications using elevated access tokens, deceptive or malicious code can easily modify the operating system, or worse, affect other users. Microsofts goal is for customers to understand that applications should not unnecessarily run as an administrator, and to question any time they are asked to approve an applications request to run as an administrator. UAC is a fundamental component for helping to achieve this goal and will go a long way toward restoring a more secure computing environment for all users. Reducing Your Application's Total Cost of Ownership The standard user account is very attractive to IT administrators interested in increasing security and control over their managed machines while reducing total cost of ownership (TCO). Because a standard user account cannot make system changes, there is a direct relationship to the reduction of TCO and better controlling application installation and system-wide modifications. The standard user account is also attractive to home users where parents share a computer with children. Microsoft Windows Vista includes integrated parental controls, which are only successfully implemented by creating children's user accounts as standard users. Standard user accounts also cannot change or delete files created by other users. They cannot read files in other users profiles, infect system files, or alter system-shared executables, either accidentally or deliberately. Standard user accounts result in an overall improvement in computer security and parental controls. Secure by Default At Microsoft, the tenets of Microsoft's Trustworthy Computing Initiative have been ingrained into software development. Consequently, improved security has been an integral part of the Windows Vista development process. The security pillar of Trustworthy Computing encompasses three fundamentals: secure by design, secure by default, and secure in deployment. How you and other ISVs develop your applications to contribute to the overall security of the operating system will be a key success factor for achieving Trustworthy Computing in Windows Vista. The goal of the remainder of this guide is to help teach developers how to: Write applications that do not require the user to be an administrator to perform routine tasks Create installation packages with Windows Installer 4.0 UAC patching technologies that deploy well to the standard user desktop in enterprises and also update correctly in the home. Identify standard user and administrative functionality and extrapolate administrative tasks for UAC compatibility Write application user interfaces that utilize the UAC functionality It is essential for the success of UAC that application developers embrace the philosophy of least-privilege and design their applications to function correctly when running with a standard user account. One of the goals of the Windows Vista release is to evangelize and encourage the principle of designing for standard users and administrators in Admin Approval Mode to all developers. Achieving this goal will assist in the prevention of various attacks against individual applications and mitigate the possibility that such attacks will compromise the security of the system. Although these goals can be accomplished in some degree today by requiring administrators to use two accounts, it tends to fail for the following reasons: It is nearly impossible to control a user that has a full administrator access token. Administrators can install applications and run any application or script that they wish. IT managers are always seeking ways to create "standard desktops" where users log on as standard users. Standard desktops greatly reduce help desk costs and reduce IT overhead. There is substantial overhead when switching between accounts whenever the user wishes to perform an administrative operation. After they perform an administrative operation, users may forget to switch back to their standard user account, or decide it is too much effort to switch back. As a result, users may decide to always log in to their administrative accounts, thus defeating the security measures. To help mitigate this, UAC introduces the concept of Admin Approval Mode. An Admin Approval Mode user account is a user account that is a member of the local administrators group on a system with UAC enabled. In the enterprise, Admin Approval Mode will be used as a bridge technology for migration to Windows Vista. Ideally, enterprises will run all users as standard users and disable the elevation prompt for standard users. This setup enables a managed standard desktop where installations are deployed with a software deployment technology, such as Microsoft Systems Management Server (SMS). Important Microsoft still recommends that members of the Domain Admins group continue to maintain two separate user accounts in Windows Vista: a standard user account and a domain administrator user account. All domain administration should be done with the domain administrator account. To further enhance security, consider deploying a smart card (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71505"http://go.microsoft.com/fwlink/?LinkId=71505) solution in domain environments. The following are Windows Vista design goals for Admin Approval Mode: Eliminate the need for two separate accounts for users who are members of the administrators group: This goal is accomplished by running programs only with a standard user access token unless the user provides approval to use the full administrative access token. Protect processes running with a full administrative access token from being accessed or modified by those processes running as a standard user. Provide for a seamless transition between administrator and standard user workspaces. Currently, most Windows applications must be run as an administrator but do not actually perform administrative operations. These applications are a byproduct of the Microsoft Windows 9x operating systems philosophy: everyone is an administrator. The following are examples of problematic applications: Applications that unnecessarily write to HKEY_LOCAL_MACHINE (HKLM) or to system files within the file system. An ActiveX installation to facilitate a line-of-business application with a Web interface. Applications that unnecessarily request access to resources that require a full administrative access token. The next section presents new technologies for Windows Vista that impact ISVs. How Do I Determine If My Application Has Administrative Dependencies? To assist developers, ISVs, and organizations in evaluating their applications, Microsoft provides the Microsoft Standard User Analyzer. The Standard User Analyzer can be used to help identity non-UACcompliant behavior of an application. Microsoft recommends that developers run this tool to identify issues with running the application under a standard user account. These tests should be performed, even if the application already installs and runs properly under a standard user account on Windows XP. The application may perform operations, such as attempting to write to system registry locations, and make decisions based on the systems behavior, such as looking for an error response. Windows Vista may behave differently than earlier versions of the Windows operating system due to the addition of new application compatibility support. Therefore, it is recommended that all applications be tested with the new version of the Standard User Analyzer, which can be downloaded from Microsoft (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71359"http://go.microsoft.com/fwlink/?LinkId=71359). The Standard User Analyzer will record all administrative operations encountered by an application, including registry/file system access and elevated API calls. This data is stored in a log file and is displayed within the tool. The Standard User Analyzer identifies the following common dependencies, in addition to many others: Dependency on objects that restrict the requested access to trusted users only. For example, HKEY_LOCAL_MACHINE only grants KEY_WRITE to administrators and SYSTEM an application that requests KEY_WRITE to HKEY_LOCAL_MACHINE will not work with UAC enabled. Use of Windows privileges that have security ramifications, such as SE_DEBUG_PRIVILEGE, which allows the debugging of other users' processes and is granted only to administrators. What Are the Requirements If I Have a Legitimate Administrator Application? For applications that, by design, perform legitimate administrative operations, Microsoft has implemented an extension to the trustInfo section of the current Windows XP application manifest schema. You can use these new attributes to indicate to the system that you have a legitimate administrative application; the system will automatically ask for approval from the user to launch the application with a full administrative access token. For information about how to extend the application manifest, see the Create and Embed an Application Manifest with Your Application section within this document. Designing Applications for Windows Vista The following list represents a workflow for designing your application for Windows Vista: 1.  HYPERLINK \l "DSDOC_BKMK_TestAppCompat3bbc4962_40ae_40" \o "Test your application for Windows Vista application compatibility" Test your application for Windows Vista application compatibility 2.  HYPERLINK \l "DSDOC_BKMK_ClassifyApp3bbc4962_40ae_40b5" \o "Classify your application as a standard user, administrator, or mixed user application" Classify your application as a standard user, administrator, or mixed user application 3.  HYPERLINK \l "DSDOC_BKMK_RedesignFunctionality3bbc4962" \o "Redesign your application's functionality for UAC compatibility" Redesign your application's functionality for UAC compatibility 4.  HYPERLINK \l "DSDOC_BKMK_RedesignUI3bbc4962_40ae_40b5_" \o "Redesign your application's user interface" Redesign your application's user interface 5.  HYPERLINK \l "DSDOC_BKMK_RedesignInstaller3bbc4962_40a" \o "Redesign your application's installer" Redesign your application's installer 6.  HYPERLINK \l "DSDOC_BKMK_EmbedManifest3bbc4962_40ae_40" \o "Create and embed an application manifest with your administrative applications" Create and embed an application manifest with your administrative applications 7.  HYPERLINK \l "DSDOC_BKMK_TestApp3bbc4962_40ae_40b5_8b7" \o "Test your application" Test your application 8.  HYPERLINK \l "DSDOC_BKMK_SignApp3bbc4962_40ae_40b5_8b7" \o "Sign your application" Sign your application 9.  HYPERLINK \l "DSDOC_BKMK_ChooseLogo3bbc4962_40ae_40b5_" \o "Determine whether to pursue the Windows Vista Logo program" Determine whether to pursue the Windows Vista Logo program Step One: Test Your Application for Application Compatibility Testing for application compatibility with UAC can be easily performed by installing the Standard User Analyzer. The Standard User Analyzer is a free download on the Microsoft Web site (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71359"http://go.microsoft.com/fwlink/?LinkId=71359). To utilize the Standard User Analyzer's graphical log display, you must install the Microsoft Application Verifier. The Application Verifier is a free download on the Microsoft Web site (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71506"http://go.microsoft.com/fwlink/?LinkId=71506). The following procedure illustrates how to identify pre-Windows Vista administrative applications that do not run correctly on Windows Vista by using the Standard User Analyzer. Important There are two approaches you can take to utilize Standard User Analyzer: launch your application as standard user or launch your application elevated as an administrator. Launch your application as standard user. In this instance, the Standard User Analyzer is running in diagnosis mode. The application will fail at the first error it encounters and the Standard User Analyzer will report why it failed. Launch your application elevated as an administrator. In this instance, the Standard User Analyzer is running in prediction mode. The application will be able to run through its course and the Standard User Analyzer will predict and give an overview of the errors the application might encounter if it is run as standard user. Once the bugs are fixed and resolved, perform this procedure once more as a standard user without the Standard User Analyzer to ensure your application is working as expected on Windows Vista. To identify application compatibility problems for pre-Windows Vista applications 1. Log on to a Windows Vista computer as an administrator in Admin Approval Mode. 2. Click Start, click All Programs, and then click Standard User Analyzer. 3. In the Standard User Analyzer, for Target Application, specify the full directory path for an application to test or click the Browse button to locate the program's executable file with Windows Explorer. 4. Click Launch and then click Continue at the User Account Control dialog box. 5. After the test application launches, perform standard administrative tasks in the application, and close the application when you have completed. 6. In the Standard User Analyzer, examine the output on each tab. Use this data to identify the compatibility issues that the program might have. Step Two: Classify Your Application as a Standard User, Administrator, or Mixed User Application Administrative applications in Windows Vista often have a mixture of both administrative and standard user functionality. As a result, a number of options must be considered when deciding how your application will work in Windows Vista. The administrative functionality can be removed completely or separated from the standard user account functionality by prompting the user for approval. Questions to Help Classify Your Application Answer the following questions to determine whether your application will require any redesign for Windows Vista compatibility:  HYPERLINK \l "DSDOC_BKMK_ApplicationRunStandard3bbc496" \o "Does your application run as a standard user?" Does your application run as a standard user?  HYPERLINK \l "DSDOC_BKMK_FixedNoAdminToken3bbc4962_40a" \o "Can the administrative functionality be fixed to no longer require an administrator access token?" Can the administrative functionality be fixed to no longer require an administrator access token?  HYPERLINK \l "DSDOC_BKMK_AdminSectionsCut3bbc4962_40ae" \o "Can the administrative sections be removed from the program's functionality?" Can the administrative sections be removed from the program's functionality? Does Your Application Run as a Standard User? To answer this question, ensure that the application or feature be fully used by standard users. If any part of your feature requires the user to be an administrator, the answer to this question is No. How to verify that the application or control panel can be used by standard users: Thoroughly test the application or control panel as both a standard user and as an administrator. Verify that the user interactions are all exactly the same for both standard users and administrators. Check where the settings are stored in the registry. If any settings are stored in HKLM, the application or control panel will most likely require an administrator access token. If any of the settings are per-computer, the application or control panel will require an administrator access token. If any of the settings do anything in other users profiles, the application or control panel will require an administrator access token. Can the Administrative Functionality be fixed to no Longer Require an Administrator Access Token? If your application or control panel has settings or interactions that require a full administrator access token, can it be changed to work correctly as a standard user? Specifically, can the program store information in per-user settings instead? If it cannot, the answer to this question is "No." A good example of the kind of feature/setting that can be fixed is Calc.exe (the Windows Calculator). In Windows XP, the setting of Scientific versus Standard was a per-computer setting, which meant that a full administrative access token was needed to change the setting. In Windows Vista, this setting is stored in the user s profile. How to verify that administrative sections can be removed from the program s functionality: Thoroughly test the application or control panel as both a standard user and as an administrator. Can the experience be the same for both types of users? Is it possible to lower the access control lists (ACLs) required to write to the HKLM key? Note This course should not be taken lightly. Be cautious not to compromise the overall security of the system by lowering the control afforded by the ACL. Is it possible to change the user interface to set per-user state rather than global state (and do not expose global state modification through the user interface)? Can the Administrative Sections be removed from the Programs Functionality? Does your feature absolutely have to have this functionality? If you cannot cut the administrative features/functionality, the answer to this question is "No." To determine whether the administrative sections can be removed from the program's functionality, do the following: Test the control panel as a standard user as well as an administrator. What is the user scenario for retaining this feature? Is this setting/feature exposed elsewhere? Perhaps the functionality in the control panel is redundant. Analyzing the Answers to Classify Your Application If You Answered "Yes" to any of the Preceding Questions Make the necessary changes in the application or control panel (if any) to eliminate those items that require the user to have a full administrative access token. The following list details benefits of having a true standard user application: Your feature is equally usable for all users. This is the ideal state since most features should not require a full administrator access token. Your users will never see an elevation prompt with your features. Your features are much more secure by never requiring the administrator access token. If You Answered "No" to all of the Preceding Questions The application or control panel must be modified to make the feature work with UAC. Verify the Application or Control Panel Works with UAC: Finally, test the application or control panel as a standard user as well as an administrator. Ensure that other options (the previous questions) cannot be used for this particular application or control panel. Step Three: Redesign Your Application's Functionality for UAC Compatibility Use the information in this section once you have classified your application and determined whether it must be redesigned for UAC. Windows Vista Application Run-time Requirements A large component of redesigning your application for Windows Vista will be examining your application's user access model at its core. Requirements for all Windows Vista Applications Specify a requestedExecutionLevel For UAC to operate properly, the operating system has to be able to identify what code needs elevated privilege and what code does not. In Windows Vista, these changes require that applications be marked with information that allows the operating system to determine in what context the application should be launched. For example, standard user applications need to be marked to run as the invoker, and accessibility-enabled applications need to be identified by the system. Do not register components with Rundll32 Some applications use the Windows Rundll32 executables to run components. However, this method is not compliant with Windows Vista development requirements. Calling directly into Rundll32 results in UAC compatibility issues. When an application relies on the Rundll32 executables to perform its execution, Rundll32 calls the Application Information Service (AIS) on behalf of the application to initiate the UAC elevation prompt. As a result, the UAC elevation prompt has no knowledge of the original application and displays the application requesting elevation as Windows host process(Rundll32). Without a clear description and icon for the application requesting elevation, users have no way to identify the application and determine if it is safe to elevate it. If your application calls into Rundll32 to run components, use the following workflow to redesign the execution call. 1. Create a new separate executable file for your application. 2. In the new executable file, call the exported function in your DLL that you would have specified with Rundll32. You may need to LoadLibrary the DLL if it does not have a .lib. 3. In a resource file, create and add a new icon for the executable. This icon will be displayed in the User Account Control elevation prompt when the application requests elevation. 4. Provide a short, meaningful name for the executable. This name will be shown in the User Account Control elevation prompt when the application requests elevation. 5. Create and embed an application manifest file for the executable and mark it with the requested execution level of requireAdministrator. This process is detailed in the Create and Embed an Application Manifest with Your Application section. 6. Authenticode sign the new executable. This process is detailed in the Authenticode Sign Your Application section. Following the de-installation of an application, the user should be able to reinstall it without errors. Requirements for Standard User Applications Here is a summary of things to remember when designing applications that operate correctly under a standard user account. Developers should keep these requirements in mind during the design phase of their applications. Setup Never perform administrative actions (such as completing the setup process) on first run; it should be done as part of the initial setup process. Never write directly to the Windows directory or subdirectories. Use the correct methods for installing files such as fonts. If you need to automatically update your application, use a mechanism suitable for use by standard users, such as Windows Installer 4.0 User Account Control patching to accomplish the update. Saving State Do not write per-user information or user-writable information to Program Files or Program directories. Do not use hard-coded paths in the file system. Take advantage of the KnownFolders API and ShGetFolder to find where to write data. Run and Test Under a Standard User Account If you are writing a non-administrative application, such as an LOB application or a user application such as a game, you must always write application data to a location that the standard user has access to. The following are some of the recommended requirements. Write per-user data to the user profile: CSIDL_APPDATA. Write per-computer data to Users\All Users\Application Data: CSIDL_COMMON_APPDATA. The application cannot depend on any administrative APIs. For example, a program that expects to successfully call the SetTokenInformation() Windows function will fail under a standard user account. Be Fast User Switching (FUS) Aware Applications will more commonly be installed by a user other than the user who will run the application. For example, in the home, this means that a parent will install the application for the child. In the enterprise, a deployment system, such as SMS or Group Policy advertisement, will install the application using an administrator account. If the per-user settings do not exist at first run, rebuild them. Do not assume that the setup process took care of the settings. Requirements for Administrator Applications Use the HWND Property to be acknowledged as a Foreground Application Background applications will automatically prompt the user for elevation on the taskbar, rather than automatically going to the secure desktop for elevation. The elevation prompt will appear minimized on the taskbar and will blink to notify the user that an application has requested elevation. An example of a background elevation occurs when a user browses to a Web site and begins downloading an installation file. The user then goes to check e-mail while the installation downloads in the background. Once the download completes in the background and the install begins, the elevation is detected as a background task rather than a foreground task. This detection prevents the installation from abruptly stealing focus of the user's screen while the user is performing another task--reading e-mail. This behavior creates a better user experience for the elevation prompt. However, some foreground applications currently prompt as background applications on Windows Vista. This behavior is the result of an absent parent HWND. In order to ensure that Windows Vista acknowledges your application as a foreground application, you must pass a parent HWND with a ShellExecute, CreateElevatedComObject (COM), or managed code call. The UAC elevation mechanism uses the HWND as part of determining whether the elevation is a background or foreground elevation. If the application is determined to be a background application, the elevation is placed on the taskbar as a blinking button. The user must click on the button, as with any application requesting foreground access, before the elevation will continue. Not passing the HWND will result in this occurring even though the application might actually have foreground. The following code sample illustrates how to pass HWND with ShellExecute: BOOL RunAsAdmin( HWND hWnd, LPTSTR lpFile, LPTSTR lpParameters ) { SHELLEXECUTEINFO sei; ZeroMemory ( &sei, sizeof(sei) ); sei.cbSize = sizeof(SHELLEXECUTEINFOW); sei.hwnd = hWnd; sei.fMask = SEE_MASK_FLAG_DDEWAIT | SEE_MASK_FLAG_NO_UI; sei.lpVerb = _TEXT("runas"); sei.lpFile = lpFile; sei.lpParameters = lpParameters; sei.nShow = SW_SHOWNORMAL; if ( ! ShellExecuteEx ( &sei ) ) { printf( "Error: ShellExecuteEx failed 0x%x\n", GetLastError() ); return FALSE; } return TRUE; } The following code sample illustrates how to pass HWND with CreateElevatedComObject by using the elevation moniker. It assumes that you have already initialized COM on the current thread. More information about the elevation moniker is available in Step Four of this document. HRESULT CreateElevatedComObject(HWND hwnd, REFCLSID rclsid, REFIID riid, __out void ** ppv) { BIND_OPTS3 bo; WCHAR wszCLSID[50]; WCHAR wszMonikerName[300]; StringFromGUID2(rclsid, wszCLSID, sizeof(wszCLSID)/sizeof(wszCLSID[0])); HRESULT hr = StringCchPrintf(wszMonikerName, sizeof(wszMonikerName)/sizeof(wszMonikerName[0]), L"Elevation:Administrator!new:%s", wszCLSID); if (FAILED(hr)) return hr; memset(&bo, 0, sizeof(bo)); bo.cbStruct = sizeof(bo); bo.hwnd = hwnd; bo.dwClassContext = CLSCTX_LOCAL_SERVER; return CoGetObject(wszMonikerName, &bo, riid, ppv); } BIND_OPTS3 is new in Windows Vista. It is derived from BIND_OPTS2. It is defined as follows: typedef struct tagBIND_OPTS3 : tagBIND_OPTS2 { HWND hwnd; } BIND_OPTS3, * LPBIND_OPTS3; The only addition is an HWND field, hwnd. This handle represents a window that becomes the owner of the elevation UI when secure desktop prompting is enabled. The following code sample illustrates how to pass HWND in managed code to ensure that parent dialogs are aware of the HWND and its use. System.Diagnostics.Process newProcess = new System.Diagnostics.Process(); System.Diagnostics.ProcessStartInfo info = new System.Diagnostics.ProcessStartInfo(D:\SomeProgram.exe); info.UseShellExecute = true; info.ErrorDialog = true; info.ErrorDialogParentHandle = this.Handle; newProcess.StartInfo = info; newProcess.Start(); Do Not Prompt for Elevation in the User's Logon Path Applications that start when the user logs on and require elevation are now blocked in the logon path. Without blocking applications from prompting for elevation in the user's log on path, both standard users and administrators would have to respond to a User Account Control dialog box on every log on. Windows Vista notifies the user if an application has been blocked by placing an icon in the system tray. The user can then right-click this icon to run applications that were blocked from prompting for elevation as the user logged on. The user can manage which startup applications are disabled or removed from this list by double-clicking on the tray icon. A C++ code sample illustrating how to use Task Scheduler to perform the elevation for the user is available in the References section of this document. Do Not Use Runas to Launch an Elevated Process The Run as option from Windows XP and Windows Server 2003 has been replaced with Run as administrator on the context menu (available when you right-click an executable) in Windows Vista. When a standard user selects the Run as administrator option, the user is presented with a list of active administrators on the local computer. Standard users with higher privileges, such as members of the Backup Operators group, are also displayed. When an administrator selects the Run as administrator option, a User Account Control dialog box immediately prompts the user to continue before running the application. Users must use the runas command at the command prompt in order to run an application as another user. Important Be aware that runas does not provide the ability to launch an application with an elevated access token, regardless of whether it is a standard user with privileges like a Backup Operator or an administrator. The runas command grants the user the ability to launch an application with different credentials. The best method to use to launch an application with a different account is to perform the action programmatically by using a service and not rely on the user to run the component as a different user. If your program programmatically uses the runas command, ensure that it is not intended to launch an elevated process. If your application will require the user to run parts of the application with a different user account, ensure that the runas command with the command prompt option is exposed. The following table details the available parameters for the runas command. Runas parameters ParameterDescription/noprofileSpecifies that the user's profile should not be loaded. This enables the application to load more quickly, but can cause some applications to malfunction./profileSpecifies that the user's profile should be loaded. This is the default setting./envUse the current environment instead of the user's./netonlyUse this parameter if the credentials specified are for remote access only./savecredUse credentials previously saved by the user. This option is not available on Windows XP, Home Edition, and will be ignored./smartcardUse this parameter if the credentials to be provided are from a smart card./userThe user's user name. The user name should be provided in the form of USER\DOMAIN or USER@DOMAIN./showtrustlevelsDisplays the trustlevels that can be used as arguments for the /trustlevel parameter./trustlevelOne of the levels enumerated in /showtrustlevels.programCommand line for an executable. Examples: runas /noprofile /user:mymachine\Denise cmd Notes: Enter the user's password only when prompted. The /profile parameter is not compatible with the /netonly parameter. The /savecred parameter is not compatible with the /smartcard parameter. Requirements for Console Applications A console application presents its output on the console window and not with a separate user interface. If an application needs a full administrator access token to run, then that application needs to be launched from an elevated console window. You must do the following for console applications: 1. Mark that your application asInvoker: You can do this by authoring the manifest of your application in which you set RequestedExecutionLevel == asInvoker. This setup allows callers from non-elevated contexts to create your process, which allows them to proceed to step 2. 2. Provide an error message if application is run without a full administrator access token: If the application is launched in a non-elevated console, your application should give a brief message and exit. The recommended message is:  Access Denied. Administrator permissions are needed to use the selected options. Use an administrator command prompt to complete these tasks. The application should also return the error code ERROR_ELEVATION_REQUIRED upon failure to launch to facilitate scripting. Requirements for Scripts Scripts may be considered as a group of applications run in a predefined order and the results of one being channeled into other. In order to make your scripts UAC compliant, examine the logic of your scripts and add tests to make sure that before performing an action in the script, you (or the person running the script) has sufficient privileges to do that task. Requirements for Bulk Operations If a task performed by your application consists of actions on multiple objects, and some of them might require the user's administrative access token, then show the elevation prompt the first time it is needed. If the user approves the elevation, then perform the rest of the tasks. Otherwise, terminate the batch operation. This behavior would be consistent with the current multi-select/copy/delete operation. APIs that Help Identify an Administrator IsUserAnAdmin() GetTokenInformation() Registry/Handle Access Permissions that are Inherently Different between Administrators and Standard Users MAXIMUM_ALLOWED KEY_WRITE DELETE (when applied to registry keys) Other HKLM-like keywords (opened with MAXIMUM_ALLOWED on XP): SHELLKEY_HKLM_EXPLORER SHELLKEY_HKLM_SHELL Other APIs that Are Re-directed to HKLM Registry Values and Virtualization will Apply WritePrivateProfileString(,,, system.ini ); CheckSectionAccess( system.ini ,& ); Step Four: Redesign Your Application's User Interface for UAC Compatibility Use the guidelines in this section to develop your application's user interface for UAC compatibility. Closely adhering to these guidelines in your application's development will ensure that your application will have a consistent and predictable user experience in Windows Vista.  HYPERLINK \l "DSDOC_BKMK_UACImpact3bbc4962_40ae_40b5_8" \o "Impact of UAC on the Windows User Experience" Impact of UAC on the Windows User Experience  HYPERLINK \l "DSDOC_BKMK_UACGoals3bbc4962_40ae_40b5_8b" \o "Goals of the UAC User Experience" Goals of the UAC User Experience  HYPERLINK \l "DSDOC_BKMK_UACElevation3bbc4962_40ae_40b" \o "Elevation Prompt" Elevation Prompt  HYPERLINK \l "DSDOC_BKMK_UXFlow3bbc4962_40ae_40b5_8b70" \o "User experience process flow" User experience process flow  HYPERLINK \l "DSDOC_BKMK_ElevationEntry3bbc4962_40ae_4" \o "Elevation entry points" Elevation entry points  HYPERLINK \l "DSDOC_BKMK_UXImplementation3bbc4962_40ae" \o "User interface implementation" User interface implementation  HYPERLINK \l "DSDOC_BKMK_WhentoAddShield3bbc4962_40ae_" \o "When to add a shield icon to your application's user interface" When to add a shield icon to your application's user interface  HYPERLINK \l "DSDOC_BKMK_KeyAdminDecisions3bbc4962_40a" \o "Key decisions for administrator-only applications" Key decisions for administrator-only applications Important Simply refractoring your application's user interface will not fulfill the requirements for UAC compatibility. Your application's core functionality must comply with the Windows Vista standard user model requirements. These requirements were detailed in the previous step, Step Three: Redesign Your Application's Functionality for UAC Compatibility. Impact of UAC on the Windows User Experience The biggest and most immediate impact on the user experience will be felt by administrators. Administrator users will now need to provide permission to accomplish administrative tasks. Coupled with that, standard users will now gain the ability to ask administrators to give permission for certain administrative tasks within the currently logged in session. Goals of the UAC User Experience The overall goal for UAC user experience is to provide predictability in the user experience: For an administrator, this means that the user always know when he/she will need to give permission to run an elevated task. This is the act of requesting the user's own administrator access token so that he/she can make administrator-required changes. For standard users, this means that they will know when they: Will need to provide administrator approval (home and unmanaged environments) for administrative tasks OR When the cannot complete a task (managed environments where elevation is explicitly disallowed) and must contact the help desk Design Goals The following list comprises the UAC design goals. Eliminate Unnecessary Elevation Users should have to elevate only to perform tasks that require an administrator access token. All other tasks should be designed to eliminate the need for elevation. Pre-Windows Vista software often requires an administrator access token unnecessarily by writing to the HKLM or HKCR registry sections or to the Program Files or Windows system folders. Be Predictable Administrators need to know which tasks require elevation. If they cannot predict the need for elevation accurately, they are more likely to give consent for administrative tasks when they should not. Standard users need to know which tasks require an administrator to perform or cannot be performed at all in managed environments. Require Minimal Effort Tasks that require a higher privileged access token should be designed to require a single elevation. Tasks that require multiple elevations quickly become tedious. Revert to Standard User Once a task that requires a higher level of access token is complete, the program should revert to the standard user state. Elevation Prompt The elevation prompt is built upon an existing Windows user interface. The elevation prompt displays contextual information about the executable requesting elevation, and the context is different depending on whether the application is Authenticode signed or not. The elevation prompt is seen in two variations: the consent prompt and the credential prompt. Consent Prompt The consent prompt is displayed to administrators in Admin Approval Mode when they attempt to perform an administrative task. This is the default user experience for administrators in Admin Approval Mode and can be configured in the local Security Policy Manager snap-in (secpol.msc) and with Group Policy. The following figure is an example of a User Account Control consent prompt. User Account Control consent prompt  Credential Prompt The credential prompt is displayed to standard users when they attempt to perform an administrative task. This is the default user experience for standard users and can be configured in the local Security Policy Manager snap-in (secpol.msc) and with Group Policy. The following figure is an example of a User Account Control credential prompt. User Account Control credential prompt  Default Elevation Prompt Consent Policy for Windows Vista The following table outlines the default prompt style for each user account type in Windows Vista. Default elevation prompt behavior User Account TypeElevation Prompt SettingStandard userPrompt for credentialsAdministrator account in Admin Approval ModePrompt for consent User Experience Process Flow The UAC user experience process flow consists of three distinct components: 1. Elevation entry point (for example, a control or link that displays the UAC shield icon). 2. Elevation prompt (a request for consent or for administrator credentials). 3. Elevated process. The following example workflow summarizes how the preceding components are related: 1. An administrator in Admin Approval Mode logs on to a Windows Vista computer. 2. The user then decides to add another administrator user for the computer. 3. The user clicks Start, clicks Control Panel, and then clicks the link in the Security section entitled Allow a program through Windows Firewall, which is displayed inline with a shield icon. 4. A consent prompt appears requesting the user for approval. 5. The user clicks Continue and the elevated process is created. 6. In Windows Firewall Settings, the user modifies the Windows Firewall settings and then clicks OK, which terminates the elevated process. 7. The user continues to work on the computer as a standard user. Note Elevation entry points do not remember state (e.g. when navigating back from a shielded location or task), as well as the entry point will not remember that elevation has occurred. As a result, the user will need to re-elevate to enter the task/link/button again. Elevation Entry Points For entry points, the shield icon will be attached to certain controls (e.g. buttons, command links, hyperlinks) to indicate that the next immediate step requires elevation. Shield Icon The shield icon is the primary user interface decoration for a UAC elevation point. This icon signifies security related activities in Windows Vista and previous versions of Windows, and this relationship is continued in Windows Vista. The following figure is an example of the shield icon. Shield icon  The shield icon will play a critical part in all three components of the UAC user experience. When viewing the system with Windows Explorer, any application that is marked to request an administrator access token when it is launched will automatically be decorated with a shield glyph over its icon. This permits users to know which applications, when launched, will request elevation. Shield icon properties: Consistent appearance throughout the entire UAC user experience. Does not reflect any visual state (e.g. active, hover, disabled, etc.). Does not remember state. There are three consistent control styles that an entry point marked with a shield icon can take within the user experience: UAC button UAC hyperlink UAC command link These styles apply to all scenarios where these user interface elements can appear such as Wizards, Property Pages, Control Panel Framework, Explorers, etc. Each of the styles implies that an elevation prompt will immediately be displayed after the user clicks a UAC user interface control. A fourth UAC user interface entry point, the UAC icon overlay, is also discussed in this section. Whether an executable receives an icon overlay or not is not controlled by the application developer. Windows Vista overlays a shield icon on applications' icons for executables that have requestedExecutionLevel set to requireAdministrator. UAC Shield Button The UAC shield button should be used in any user interface button that, when pressed, will require the elevation prompt to prompt the user for approval or credentials. UAC shield buttons can be used as commit buttons (e.g. Next in a Wizard) or as a button to display an additional settings user interface (e.g. Change Settings in a property dialog). The UAC shield button consists of two user interface components: Shield icon Text label The UAC shield button is packaged in a manner so that developers can use it in the place of a normal button. The UAC button also supports rendering the shield icon on the left or right side of the text label. In addition, developers will have the option to hide/show the shield icon while the UAC button is displayed. The following screenshot is an example of a UAC shield button. UAC shield button  UAC Hyperlink The UAC hyperlink should be used in any user interface hyperlink that, when clicked, will require the elevation prompt to prompt the user for approval or credentials. A UAC hyperlink consists of the following components: Shield icon Hyperlink control The UAC hyperlink is not packaged with the shield icon for a developer to use. Developers will need to get the shield icon resource and render it next to the hyperlink. The following screenshot is an example of a UAC hyperlink. UAC hyperlink  UAC Command Link The UAC command link should be used in any user interface button that, when clicked, will require the elevation prompt to prompt the user for approval or credentials. UAC command links should only be used as commit buttons (e.g. Do this option in a dialog box). The UAC command link consists of the following components: Shield icon Standard command link components Link text Note text The UAC command link is packaged in a way where a developer can use a UAC command link in the place of a normal command link. The UAC command link supports rendering the shield icon on the left or right side of the command link. The following is an example of a UAC command link. UAC command link  Icon Overlays In Windows Vista, if an executable file requires elevation to launch, then the executable's icon should be stamped with a shield icon to indicate this fact. The executable's application manifest must mark requireAdministrator to designate the executable as requiring a full administrative access token. The shield icon overlay will also be automatically placed on executables that are deemed to require elevation as per the installer detection heuristics. For example, a file named setup.exe will automatically receive a shield icon overlay even if the executable does not have an embedded application manifest. The following figure is an example of a UAC icon overlay. UAC icon overlay  Note Guidance about how to create and embed an application manifest with an executable is provided in the Create and Embed an Application Manifest with Your Application section of this document. User Interface Implementation Shield Icon Implementation and APIs This section provides preliminary information on the icons and APIs available to developers as they migrate or implement new administrative application functionality. Shield icon implementation and APIs IconAPIShieldUser resource: IDI_SHIELDButtonButton_SetElevationRequired(hwndButton)Syslink / HyperlinkLayout IDI_SHIELD next to syslinkCommand linkLoad IDI_SHIELD and set as command link iconContext menuIcon support in DefCM for static commands How do I&  HYPERLINK \l "DSDOC_BKMK_ShieldUI3bbc4962_40ae_40b5_8b" \o "Add a shield icon to the user interface?" Add a shield icon to the user interface?  HYPERLINK \l "DSDOC_BKMK_ShieldButton3bbc4962_40ae_40b" \o "Add a shield icon to a button?" Add a shield icon to a button?  HYPERLINK \l "DSDOC_BKMK_WindowsInstaller3bbc4962_40ae" \o "Add a shield icon to a Windows Installer button?" Add a shield icon to a Windows Installer button?  HYPERLINK \l "DSDOC_BKMK_ShieldNextWizard3bbc4962_40ae" \o "Add a shield to a \"Next\" button control on a Wizard?" Add a shield to a "Next" button control on a Wizard?  HYPERLINK \l "DSDOC_BKMK_ShieldTaskDialog3bbc4962_40ae" \o "Add a shield icon to a task dialog button?" Add a shield icon to a task dialog button?  HYPERLINK \l "DSDOC_BKMK_ElevateModal3bbc4962_40ae_40b" \o "Elevate a modal dialog?" Elevate a modal dialog? Add a Shield Icon to the User Interface Add a small icon: #include <shellapi.h> SHSTOCKICONINFO sii; sii.cbSize = sizeof(sii); SHGetStockIconInfo(SIID_SHIELD, SHGSI_ICON | SHGSI_SMALLICON, &sii); hiconShield = sii.hIcon; Add a large icon: SHSTOCKICONINFO sii; sii.cbSize = sizeof(sii); SHGetStockIconInfo(SIID_SHIELD, SHGSI_ICON | SHGSI_LARGEICON, &sii); hiconShield = sii.hIcon; Add an icon of custom size: SHSTOCKICONINFO sii; sii.cbSize = sizeof(sii); SHGetStockIconInfo(SIID_SHIELD, SHGSI_ICONLOCATION, &sii); hiconShield = ExtractIconEx(sii. ...); Note Generally, you should not add the shield icon directly to your user interface. Using one of the proceeding methods of imbedding the shield icon in a control is recommended. Additionally, simply adding a shield icon in your user interface will not ensure UAC compatibility. You must also refractor the entirety of your application's user experience (add a requestedExecutionLevel, fix any standard user bugs, and ensure the user interface is user friendly and UAC compatible). Add a Shield Icon to a Button The standard button control (PUSHBUTTON, DEFPUSHBUTTON) has been enhanced to allow you to add an icon along with the displayed text, without requiring the BS_ICON or BS_BITMAP styles to be set. To display the shield icon, call the following macro (defined in commctrl.h): Button_SetElevationRequiredState(hwndButton, fRequired); Note hwndButton is the HWND of the button; fRequired determines whether to show (TRUE) or hide (FALSE) the UAC shield icon. Add a Shield Icon to a Windows Installer Button Windows Installer dialogs authored using the internal table support can add a shield to the last button of the user interface dialog sequence by setting the ElevationShield attribute on the control. Add a Shield Icon to a "Next" Button on a Wizard Important Displaying the UAC shield icon the "Next" button is only supported in AeroWizards (PSH_AEROWIZARD). To display the shield icon on the "Next" button for a specific page in an AeroWizard, use the following code: case WM_NOTIFY: if (reinterpret_cast(lParam)->code == PSN_SETACTIVE) { // Show next button // // Note new wParam flag -- when PSWIZBF_ELEVATIONREQUIRED flag // is specified, it indicates that the next page will require // elevation, so if the next button is being shown, show it as // a shield button. SendMessage(GetParent(hwndDlg), PSM_SETWIZBUTTONS, PSWIZBF_ELEVATIONREQUIRED, PSWIZBF_NEXT); // return 0 to accept the activation SetWindowLong(hwndDlg, DWLP_MSGRESULT, 0); } break; Add a Shield Icon to a Task Dialog Button Caution A task dialog button should never require a UAC shield icon. The press action on a task dialog button is expected to commit/cancel and dismiss the task dialog. It would be strange for such a button to then display the elevation prompt to the user. Elevate a Modal Dialog Use the elevation moniker to elevate the COM object representing the modal dialog. Tasks Move the dialog box into a COM object. Expose a ShowDialog() method. Use the API CreateElevatedComObject() to create the COM object and call ShowDialog(). This API will run an instance of the COM object as administrator after going through the elevation process. Note A version of this API that is more complicated to call is available. A simplified version will be available in a later version of Windows Vista. User Education and Assistance Guidelines When a user interface has been re-factored and put behind a button, ISVs should evaluate whether a change to the button name is warranted. Microsoft strongly advises against using Advanced as a button label for elevation tasks. Instead, use more descriptive and understandable labels like Change settings or a term that suggests what is behind the button. Guidelines for Administrator-only User Interface If an application will always be launched by an administrator, then you do not need to add additional shields within the application's user interface. This is because the application will be elevated and everything it does will be elevated and thus does not need further elevation. Note If you have links to other administrator user interface in your administrator-only user experience, the user interface will launch its target elevated. Therefore, you do not need to put any shields in an application that is solely administrative. When to Add the Shield Icon to Your Application's User Interface An Administrative Choice Application An Elevated Process or COM Object The initial application launches without requiring elevation. Those items in the user interface that would require an administrative access token are decorated with a shield icon as identification. This decoration indicates to the user that using that feature will require administrator approval. When the application detects that one of these buttons has been selected, it has the following two choices. The application launches a second program using ShellExeucute() to perform the administrative task. This second program would be marked with a requestedExecutionLevel of requireAdministrator, thus causing the user to be prompted for approval. This second program would be running with a full administrative access token and would be able to perform the desired task. OR The application launches a COM object using CreateElevatedComObject(). This API would launch the COM object with a full administrative access token following approval and this COM object would be able to perform the desired task. This method provides the richest user experience and is the preferred method of dealing with administrative functionality. The following list details requirements for an elevated process or COM object: The control panel should implement the shield decoration and its required architecture. The developer must determine where the shield should go on the user interface. The developer must do the architectural work to separate the business logic into a COM object from the user interface object. The developer must call into the UAC elevation process when the OnClick event for the shield icon is detected. The following list details benefits of properly designing an elevated process or COM object: This is the best overall user experience for both user types. The user interface will launch, viewable to everyone, and all UAC functionality on that user interface will be accessible to everyone. Only when an administrator task is required does the user attempt to elevate to complete the task. Doing this work now will make you fully UAC compliant moving forward. The user interface/COM separation is a good architectural practice. Clicking on a shield icon causes the application to launch either an elevated program or an elevated COM object to perform the task. Administrator-only Application In this instance, the applications initial launch requires administrator approval. This method is called "prompt before launch". Once launched, the application is running with a full administrative access token and can therefore perform the desired administrative tasks. This method is the least work for the developer. The applications manifest is marked with a requestedExecutionLevel of requireAdministrator. Important While this does require the least amount of work for the developer, please note that, just like other administrative applications in Windows Vista, administrators will have to elevate in order to use this application and that standard users will be unable to use the application. The following list details requirements for administrator-only applications: The application manifest should contain a requestedExecutionLevel marking set to requireAdministrator. The user is prompted for administrator approval prior to Windows launching the application with a full administrative access token. The following list details benefits of properly designing an administrator-only application: The operating system does not have to "guess" if your setup application is an administrative application. Standard users will automatically be given a hint that the operation is an administrative operation. For example, when you see the icon for an application marked requireAdministrator, the icon has a shield embedded in the icon. On Windows Vista, if you mark your application as requireAdministrator you know that, once it is launched, it will be running with a full administrator access token. Users must elevate to run the application (either as an administrator in Admin Approval mode or by using Run as administrator). Note Marking an application requireAdministrator does NOT silently elevate the application. The user will still have to give elevation consent to start the application. There is no way to mark an application in Windows Vista to silently elevate. The following list details points of consideration for designing an administrator-only application: This user experience means that all users will see an elevation prompt (either the credential prompt or the consent prompt) prior to the user interface even being visible. That also means no one is able to simply view the current settings until after authenticating with administrator credentials If you are marking requireAdministrator on a setup application, you should be aware that the user that is running the setup is different from the user that may user the application. Therefore, you should not modify HKEY_CURRENT_USER (HKCU) and other per-user settings, such as writing to the user profile, during your administrative setup. Important You must assume that the user running the administrative application is different from the normal user on the computer. Executables that require an administrator access token are marked with a shield icon overlay. Mixed Application A mixed application is one that can be run by usersall users of the system (standard users, administrators in Admin Approval Mode, and those in between like Backup Operators). This is also a "prompt before launch" application. The application will run with the invoker's access token and will launch normally for standard users (no elevation prompt).The program must then modify its behavior at run time to disable those features that would not be available to the user based on the administrative access token obtained. A mixed application does not have the ability to obtain additional administrative privileges once launched; therefore, it does not provide the flexibility of the elevated process or COM object method described previously. This is most useful for applications that require an access token above that of a standard user, but less than a full administrator. For example, the Microsoft Management Console (MMC) is marked highestAvailable. If a true standard user runs the MMC, MMC will launch as a standard user application without any elevation attempt or prompt. If the user is a "split token" user, such as an administrator in Admin Approval Mode or a Backup Operator, the operating system will prompt the user to get consent to launch MMC with the user's "highest" available privilege. In the case of a standard user who has Backup Operator privileges, after elevation, MMC will be launched with standard user + Backup Operator, but nothing more. If an administrator launches MMC, after elevation, MMC will be running as a full administrator application. The benefit of properly designing a mixed application is that the application is available to all users of the system, even though some functionality may be disabled. The following list details points of consideration for designing mixed applications: The developer must dynamically change the behavior of the application based on the administrative Windows privileges and user rights available from the user. The standard user is prevented from ever being able to act on the administrative-level functions on the user interface. There is no potential for prompt elevation once the program is running (the administrators must elevate before opening the user interface). Note There is one workaround for the previous bullet point. An administrator can launch an elevated command prompt on the standard user's computer and run the application from the command prompt. For example, right-click the command prompt, select Run as administrator, and then type "applicationname.exe" in the command prompt. The user experience is branched between the standard user and the administrator in Admin Approval Mode. Example Mixed Application: Backup Application The application could be launched by a member of the Backup Operators group. The program would then verify that the highest level of administrative Windows privileges and user rights available from the user is sufficient for the operation of the program. For more information about program launch behavior, see the Application Manifest Marking and Application Launch Behavior section of this document. Key Decisions for Designing Administrator-Only Applications Back-End Business Objects This section provides an overview of the three models a developer can choose when developing an administrative application that provides the best user experience. The Admin Broker model The Back-End Service model The Admin COM Object model Admin Broker Model In the Admin Broker model, the application is broken into two independent executables a standard user executable and an administrative executable. The developer, using an application manifest, marks the standard user program with a requestedExecutionLevel of asInvoker and marks the administrative program with a requestedExecutionLevel of requireAdministrator. A user will launch the standard user program first. When the user attempts to perform an operation that the standard user program knows requires a full administrator access token, it performs a ShellExecute() and launches the administrative program. The Windows ShellExecute() API looks at the manifest and requests approval from the user before running the application with the user's full administrative access token. The administrative program can then perform the administrative tasks. Note The administrative executable program may enable inter-process communication with a standard user executable using shared memory, local RPC, or named pipes. If the administrative program does enable communication with the standard user executable, the developer needs to use good security practice to validate all inputs from the lower privilege program. Note There is no communication channel between the two programs once the second program launches The following list details uses for the admin broker model: Wizards  When the Hardware Wizard realizes that the required driver is not installed on the computer or located in the enterprise's approved location, it needs an elevated application with the ability to move a driver into the computer store. Autorun.exe calling Setup.exe  The first time you put in a game CD, the required operation from autorun.exe is to set up the application. The second time you insert the CD, the default operation is to play the game. A benefit to using the admin broker model is that it is probably the easiest mechanism to implement for the developer. The following list details some drawbacks to using the Admin Broker Model: The transitions from application to application can be confusing to the user. It can be hard to keep the user apprised of why a new application is  popping up on the monitor. In addition, state is harder to pass between these two applications. For example, you would not use this to pass state between a standard user control panel (CPL) and its administrator counterpart simply to allow the same CPL to have administrative and non-administrative functionality. The standard user CPL would have to store its state somewhere. Often, there is a lot of replicated code when splitting the functionality between two programs. To implement the admin broker model, create two programs (one standard user and one administrative), mark them with the appropriate manifest requestedExecutionLevel, and launch the administrative program from the standard user program using ShellExecute(). The Back-End Service Model In the back-end service model, the application is again broken into two independent executablesa standard user executable that provides the user interface to the user and a back-end service running on the system. Microsoft Remote Procedure Call (RPC) is used to communicate between the two. The front-end application is marked with a requestedExecutionLevel of asInvoker and the back-end service is running as SYSTEM. Communication between the application and the back-end service is accomplished with RPC. One use for the back-end service model is to control programs that could impact the system, such as antivirus programs or anti-spyware). The front-end application provides the means by which the logged on user and control aspects of the service. A major benefit of using the back-end service model is that no elevation prompting is required. The following list details some drawbacks to using the back-end service model: The service needs to limit the types of activities the front-end application can tell it to do. For example, an antivirus service may allow a standard user to initiate a scan of the system, but not to disable real-time virus checking. Adding an unnecessary service to the system can impact the entire system. Ensure that your service is truly necessary for your Windows Vista implementation and that the service is properly architected. To implement the back-end service model, create a standard user front-end application and a back-end service. Install the service in the system during product installation time. The Admin COM Object Model This model is included here, but was discussed in detail previously in this document. The admin COM object model allows dynamic administrative elevation to perform specific operations from within an application or control panel. A major benefit for using the admin COM object model is that it presents the best user experience for the user. The following list details some drawbacks to using the admin COM object model: Requires the most work for the developer as each application feature has to be evaluated and tested for administrator functionality and that function has to be provided by a back-end COM object. User needs to provide elevation approval. The resulting "unit" of standard user application and Admin backend COM object is now "drivable" and is not protected by UIPI and other isolation mechanisms. To implement the admin COM object model, create a standard user front-end application and launch elevated back-end COM objects to perform administrative tasks. Step Five: Redesign Your Application's Installer The following best practices are for well-behaved application installations in a Windows Vista or UAC environment. This list is not comprehensive. For a more detailed explanation of the Logo Requirements for Windows Vista, including the UAC requirements, please see the Windows Vista Logo documentation and the in-depth version of the latest draft of the Windows Vista Logo guidelines document (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71497"http://go.microsoft.com/fwlink/?LinkId=71497). Use these requirements while redesigning your application. 1. Use the Windows Installer 4.0 for your setup package. Many of the following requirements are already integrated into the Windows Installer engine. Using Windows Installer for your setup package will assist you with following Windows Vista installation requirements. 2. Use versioned files and do not downgrade files during installation. File versioning ensures that the final installation state is correct when setup is complete. Without file versions, some special handing will be needed to ensure that your installation works properly for many different installation scenarios. Also, when installing versioned files, do not downgrade versions, especially shared files. Downgrading versions may be good for your application, but it frequently causes issues with other applications. By declaring the correct versions of your files in your Windows Installer package, Windows Installer natively supports this feature. 3. Install applications and store per-user data in different locations. Applications should be installed in a folder under the Programs Files directory. To configure this, you can use the ProgramFilesFolder property in the Direcotry table of your Windows Installer package, Per-user configuration data should be stored in files either under the \Users\username\AppData directory or in registry keys under the HKCU root. User data, templates, and application-created files all have proper locations in the \Users\username subdirectory. Although this was not enforced in the past, since many users would run programs with a full administrator access token, applications that do not place information in the correct location are likely to fail. This is especially true when virtualization is turned off. 4. Use a consistent folder location when installing shared components. Shared components should be installed to the Common Files directory by using the CommonFilesFolder property in the Directory table of your Windows Installer package. Managing shared components can be problematic and should be avoided, if possible. A developer who does not install shared components consistently can end up with Component Object Model (COM) registration information pointing to older components. Windows Installer Merge Modules (MSM) is specifically designed to enable shared components to consistently install in the context of all packages that install the shared component. Other problems arise when modifications of shared components cause existing applications to fail. One way to address this issue is for applications to be built using Microsoft .NET or Win32versioned assemblies. 5. Perform setup rollback if an installation fails. Partially installed software can fail in strange and unexpected ways providing for a poor user experience. Windows Installer supports this rollback feature. 6. Do not install application shortcuts all over the users profile. While it may be tempting to add your application icon to every known exposure point in Windows, it often results in users feeling that they have lost control of their computer. Users are then forced to manually remove these shortcuts to return the computer to a desired look and feel. If the developer wants to add icons to the desktop, ask the user for permission during the installation. Windows Vista addresses discoverability of applications post install and the most recently used application list to avoid large Start menu traversing. 7. Avoid automatically launching background applications at user logon. Although it is possible to add programs to the startup group or Run key during installation, it adds overhead to the system. Over time, the performance of the users system can significantly degrade. If your application can benefit from a background task, allow it to be user-configurable. Also, adding a startup task via the HLKM run key may prevent a standard user account from modifying the behavior in the future. If the user wants an application to launch at login time, store the information in the run key of HKCU. 8. Follow clean removal logic. A user might remove an application not only to free up disk space, but also to return the computer to its state prior to the application being installed. The applications uninstall process should correctly and fully remove the application. Windows Installer defaults to the following rules: All non-shared application files and folders. Shared application files whose reference count (refcount) reaches zero. Registry entries, except for keys that might be shared by other programs. All shortcuts from the Start menu that the application created at the time of installation. User preferences may be considered user data and left behind, but an option to do a completely clean removal should be included. The uninstaller itself (if not using Windows Installer). Step Six: Create and Embed an Application Manifest with Your Application In Windows Vista, the correct way to mark your applications is to embed an application manifest within your program that tells the operating system what the application needs. In the Windows Vista release, there are provisions to allow non-manifested or unsigned code to run with a full administrative access token. Note In future releases, the ONLY way to run an application elevated will be to have a signed manifest that identifies the privilege level the application needs. Application Manifest Schema Application manifests are not new to the Windows Vista release. Manifests were used in Windows XP to help application developers identify such things as which versions of DLLs the application was tested with. Providing the execution level is an extension to that existing manifest schema. The Windows Vista application manifest has been enhanced with attributes that permit developers to mark their applications with a requested execution level. The following is the format for this.  Requested Execution Levels Possible Requested Execution Level Values ValueDescriptionCommentasInvokerThe application runs with the same access token as the parent process. Recommended for standard user applications. Do refractoring with internal elevation points as per the guidance provided in this document.highestAvailableThe application runs with the highest privileges the current user can obtain.Recommended for mixed-mode applications. Plan to refractor the application in future release.requireAdministratorThe application runs only for administrators and requires that the application be launched with the full access token of an administrator.Recommended for administrator only applications. Internal elevation points are not needed. The application is already running elevated. Note Hosting applications can become standard user or administrator-only applications only if they support that certain type of hosted application. For example, MMC.exe now only hosts administrative snap-ins, and Explorer.exe only hosts standard user code. System behavior Application MarkingVirtualize?UnmarkedYesasInvokerNorequireAdministratorNohighestAvailableNo Application Manifest Marking and Application Launch Behavior This section details the behavior of the elevation prompt depending on the parent process access token, the setting for the User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode policy and the User Account Control: Behavior of the elevation prompt for standard users policy, and the requested execution level marking for the application. Whether an application can run and which user rights and administrative Windows privileges it can obtain are dependent on the combination of the applications requested execution level in the application compatibility database and the administrative privileges available to the user account that launched the application. The following tables identify the possible run-time behavior based on such possible combinations. Application launch behavior for a member of the local Administrators group Parent Process Access TokenConsent Policy for Members of the Local Administrators GroupNone or asInvokerhighestAvailablerequireAdministratorStandard userNo promptApplication launches as a standard userApplication launches with a full administrative access token; no promptApplication launches with a full administrative access token; no promptStandard userPrompt for consentApplication launches as a standard userApplication launches with a full administrative access token; prompt for consentApplication launches with a full administrative access token; prompt for consentStandard userPrompt for credentialsApplication launches as a standard userApplication launches with a full administrative access token; prompt for credentialsApplication launches with a full administrative access token; prompt for credentialsAdministrator (UAC is disabled)NAApplication launches with a full administrative access token; no promptApplication launches with a full administrative access token; no promptApplication launches with a full administrative access token; no prompt Application launch behavior for a standard user account Parent Process Access TokenConsent Policy for Standard UsersasInvokerhighestAvailablerequireAdministratorStandard userNo promptApplication launches as a standard userApplication launches as a standard userApplication fails to launchStandard userPrompt for credentialsApplication launches as a standard userApplication launches as a standard userPrompt for administrator credentials before running applicationStandard user (UAC is disabled)NAApplication launches as a standard userApplication launches as a standard userApplication might launch but will fail later Application launch behavior for a standard user with additional privileges (E.G. Backup Operator) Parent Process Access TokenConsent Policy for Standard UsersasInvokerhighestAvailablerequireAdministratorStandard userNo PromptApplication launches as a standard userApplication launches as a standard user with additional privilegesApplication fails to launchStandard userPrompt for credentialsApplication launches as a standard userPrompt for credentials before running the applicationPrompt for administrator credentials before running applicationStandard user (UAC is disabled)NAApplication launches as a standard userApplication launches as a standard user with additional privilegesApplication might launch but will fail later uiAccess Values Possible uiAccess values ValueDescriptionFalseThe application does not need to drive input to the user interface of another window on the desktop. Applications that are not providing accessibility should set this flag to false. Applications that are required to drive input to other windows on the desktop (on-screen keyboard, for example) should set this value to true. TrueThe application is allowed to bypass user interface control levels to drive input to higher privilege windows on the desktop. This setting should only be used for user interface Assistive Technology applications. Important Applications with the uiAccess flag set to true must be Authenticode signed to start properly. In addition, the application must reside in a protected location in the file system. \Program Files\ and \windows\system32\ are currently the two allowable protected locations. How to Create an Embedded Manifest with Microsoft Visual Studio Visual Studio provides the capability to automatically embed an XML manifest file within the resource section of the Portable Executable (PE) image. This section addresses how to use Visual Studio to create a signed PE image containing a manifest. This manifest can therefore include the necessary requestedExecutionLevel attributes allowing the application to run with the desired privilege level on Windows Vista. When the program is launched, the manifest information will be extracted from the resource section of the PE and used by the operating system. It is not necessary to use the Visual Studio graphical user interface (GUI) to include a manifest. Once the necessary changes are in the source code, compiling and linking using command-line tools will also include the manifest in the resulting PE image. Manifest File To mark your application, first create a manifest file to use with the target application. This can be done using any text editor. The manifest file should have the same name as the target.exe with a .manifest extension. Example Executable: IsUserAdmin.exe Manifest:IsUserAdmin.exe.manifest Sample application manifest file: Description of your application  The parts of the manifest that need to be adjusted for your application are marked in bold. They include the following: The assembly identity The name The type The description The attributes in the requestedExecutionLevel Building Application Manifests within C/C++ Code with Visual Studio 2005 for Windows Vista Only Applications Important If your application is intended to run on both Windows Vista and Windows XP, you must follow the procedures detailed in the next section: Building and Embedding a Manifest with Microsoft Visual Studio 2005 for Windows XP and Windows Vista Applications. Next, you have to attach the manifest to the executable by adding a line in the resource file of the application (the .rc file) to have Microsoft Visual Studio embed your manifest within the resource section of the PE file. To accomplish this, place the manifest in the same directory as the source code for the project you are building, and edit the .rc file to include the following lines. #define MANIFEST_RESOURCE_ID 1 MANIFEST_RESOURCE_ID RT_MANIFEST "IsUserAdmin.exe.manifest" After rebuilding the application, the manifest should be embedded in the resource section of the executable. Building and Embedding a Manifest with Microsoft Visual Studio 2005 for Windows XP and Windows Vista Applications In Visual Studio 2005, the C/C++ integrated development environment (IDE) interface that permits the inclusion of additional manifest files in a target executable file does some processing on the XML, which inserts a duplicate xmlns tag. Because of this, the previously documented method on how to include a manifest in a Visual Studio 2005 C++ project cannot be used if the application should run on both Windows Vista and Windows XP. The following procedures are modified to include explicit version tags in the trustInfo section. A fix is planned for the mt.exe tool to address the problem where it generates the duplicate namespace declaration in the XML. Until a new version of mt.exe is available, you can avoid the problem of merging manifests by explicitly adding in version tags into the trustinfo section of the manifest. A sample manifest is shown below:  C or C++ Project The following procedure details how to create a manifest for a C or C++ project type in Visual Studio 2005. To create a manifest for a C or C++ project in Microsoft Visual Studio 2005 1. Open your project in Microsoft Visual Studio 2005 2. Under Project, select Properties. 3. In Properties, select Manifest Tool, and then select Input and Output. 4. Add in the name of your application manifest file under Additional manifest files. 5. Rebuild your application.Note The updated manifests that include explicit version tags will permit the application to run correctly on both Windows Vista and Windows XP. Managed Code (C#, J# and Visual Basic) Visual Studio does not currently embed a default manifest into managed code. For managed code, the developer would simply insert a default manifest into the target executable using mt.exe. The steps would be as follows: To insert a default manifest file into the target executable with mt.exe 1. Use a text editor, such as Windows Notepad, to create a default manifest file, temp.manifest. 2. Use mt.exe to insert the manifest. The command would be: mt.exe manifest temp.manifest outputresource:YourApp.exe;#1Adding the Application Manifest as a Step in Visual Studio Post-Build Adding the application manifest can be automated as a post-build step as well. This option is available for C/C++ and the two managed code languages of C# and J#. Note The IDE does not currently include a post-build option for a Visual Basic application. Place the following line as a post build task in Project Properties: mt.exe -manifest "$(ProjectDir)$(TargetName).exe.manifest" -updateresource:"$(TargetDir)$(TargetName).exe;#1" Step Seven: Test Your Application Test your redesigned or new application for application compatibility with the Standard User Analyzer. A procedure detailing this process was described earlier in this document in the Test Your Application for UAC Compatibility section. Use the following workflow to test your application. To test your application for final UAC compatibility 1. Test the application with the Standard User Analyzer tool. 2. Log on to a Windows Vista computer as an administrator in Admin Approval Mode and run your program. Ensure that you test all functionality and note the user experience. File any elevation or user interface bugs accordingly. 3. Log on to a Windows Vista computer as a standard user and run your program. Ensure that you test all functionality and note any differences or failures in the standard user experience in comparison to the administrator in Admin Approval Mode user experience. File any elevation and user experience bugs accordingly.Step Eight: Authenticode Sign Your Application The application now contains a manifest, which will be detected and the information parsed on application launch. The executable can, however, be tampered with. To prevent this, you should sign the application with an Authenticode signature. Note that Windows Vista will have the ability to prevent any unsigned application from launching with a full administrator access token. If you want your application to operate correctly in locked-down environments, while displaying a more user friendly user interface, it should be signed with an Authenticode signature. To sign the application, you can either generate a certificate from makecert.exe or obtain a code-signing key from one of the commercial certification authorities (CAs), such as VeriSign, Thawte, or a Microsoft CA. Note You will need a commercial certificate if you with your application to be trusted on the target computer of a customer installing your application. If you use the makecert.exe file to generate your signing key pair, be aware that it only generates a 1024-bit key. Authenticode signatures should be at least a 2048-bit key. The makecert.exe file should only be used for testing purposes. The following procedure details the high level requirements for using makecert.exe to generate your signing key pair. An example and makecert.exe parameters follow this procedure. To use makecert.exe to generate your signing key pair 1. Generate the certificate. 2. Sign the code. 3. Install the test certificate.Example Signing Procedure The following procedures are provided as examples and are not intended to be strictly followed. For example, replace the test certificate name with your certificate's name and ensure that you tailor the procedures map to your specific CA and development environment. Step 1: Generate the certificate makecert -r -pe -ss PrivateCertStore -n "CN=Contoso.com(Test)" ContosoTest.cer makecert.exe parameters ParameterDescription/rCreate self-signed certificate/peMakes the certificate's private key exportable to the signing machine./ss StoreNameThe certificate store name that will store the test certificate. Example: PrivateCertStore/n X500NameThe certificate subject's X500 name. Example: Contoso.com(Test)CertificateName.cerCertificate name. Example: ContosoTest.cer Step 2: Sign the Code Signtool sign /v /s PrivateCertStore /n Contoso.com(Test) /t http://timestamp.verisign.com/scripts/timestamp.dll file.exe Step 3: Install the Test Certificate To install the test certificate 1. Launch an elevated command window by right-clicking Command Prompt and selecting Run as administrator. 2. In Command Prompt, type mmc.exe and press Enter. 3. In the mmc, select File and then select Add/Remove Snap-in 4. In Add or Remove Snap-ins, select Certificates, click Add, and then click OK. 5. In the Certificates snap-in dialog box, select Computer account and click Next. 6. In Select Computer, select Local Computer, and then click OK. 7. In Add or Remove Snap-ins, click OK. 8. In the Certificates snap-in, and navigate to Trusted Root Certificate Authorities, right-click Certificates, select All Tasks, and then select Import 9. In the Certificate Import Wizard, import the test certificate, ContosoTest.cer.For more information about Authenticode signatures, see the MSDN Web site, for example: Frequently Asked Questions about Authenticode (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71496"http://go.microsoft.com/fwlink/?LinkId=71496). Microsoft Authenticode Technology (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71361"http://go.microsoft.com/fwlink/?LinkId=71361). Step Nine: Participate in the Windows Vista Logo Program Microsoft offers the Windows Vista Logo program to help customers identify systems and peripherals that meet a comprehensive baseline definition of platform features and quality goals to ensure a great computing experience for end users. Preliminary guidelines for the UAC requirements for obtaining a Windows Vista Logo are available at the Windows Vista Logo page (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71497"http://go.microsoft.com/fwlink/?LinkId=71497). Deploying and Patching Applications for Standard Users Generally, enterprises will have to consider how they will install applications on their users workstations in an automated manner, thereby reducing administrative costs. There are fundamentally two parts to this problem--first, how these applications should be packaged for deployment and second, what technology should be used to deploy them. In the case of smaller enterprise environments, a robust, automated deployment mechanism may not be necessary. Assuming that the enterprise has already taken an inventory of the software that is run in its environment, the next step is to repackage these applications for deployment. Microsoft recommends the Windows Installer format because it has the unique ability to separate managing per-user settings from per-machine settings. This type of management generally is not possible with other packaging formats, especially deployment executables that are simply run by an account with more privileges, such as SYSTEM. The MSDN library (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71498"http://go.microsoft.com/fwlink/?LinkId=71498) contains many articles on Windows Installer; one suggestion is the Roadmap to Windows Installer documentation (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71499"http://go.microsoft.com/fwlink/?LinkId=71499). The Windows Installer format includes the ability to user control the installation of these applications through Group Policy (Microsoft IntelliMirror) and also through SMS. To enable Install on Demand with file extension or shortcuts, the following tables in the Windows Installerbased package must be populated with advertising data: shortcut, extension, icon, and Verb. It is recommended that you also populate class, MIME, ProgID, and TypeLib. More information about IntelliMirror and Install on Demand is available at MSDN (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71492"http://go.microsoft.com/fwlink/?LinkId=71492). There are other installer technologies that allow applications to install per-user and support auto-update, such as ClickOnce. This means that the installer will not require administrator or higher privileges to install and that the user will always run the latest version as long as the computer is connected to the network. It also places some limits on an IT professional's ability to control the installation of these applications. ClickOnce (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71500"http://go.microsoft.com/fwlink/?LinkId=71500g h )*+,HIJKõõq^õ%h6xCJKHOJQJaJmHnHu jqLh6xUmHnHujh6xUmHnHu6jKh6xh6x>*B*UaJmHnHphuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu h6xh6xj3h6xU h6x0Jjh6xUh6xjh6xU$`vg i j k l z  #k  gd6xgd6xgd6xgd6xgd6x"zSdeDz.a _y6  5  4  3   !"#$@ABCXYZtuvwxyz{|񹫹‡k񹫹Z‡ jeNh6xUmHnHu6jMh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jkMh6xUmHnHujh6xUmHnHuh6xmHnHu$jhA :h6x0JUmHnHu6jLh6xh6x>*B*UaJmHnHphuhA :h6x0JmHnHu!123MNOPQRSTUqrúшúlú[шú jYPh6xUmHnHu6jOh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j_Oh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jNh6xh6x>*B*UaJmHnHphu rstABC]^_abcdefúшúlú[шú jMRh6xUmHnHu6jQh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jSQh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jPh6xh6x>*B*UaJmHnHphu BCD^_`bcdefgúшúlú[шú jATh6xUmHnHu6jSh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jGSh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jRh6xh6x>*B*UaJmHnHphu !"#=>?ABCDEFbcúшúlú[шú j5Vh6xUmHnHu6jUh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j;Uh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jTh6xh6x>*B*UaJmHnHphu cde 23úшúlú[шú j)Xh6xUmHnHu6jWh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j/Wh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jVh6xh6x>*B*UaJmHnHphu 345WXYstuwxyz{|úшúlú[шú jZh6xUmHnHu6jYh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j#Yh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jXh6xh6x>*B*UaJmHnHphu    '()+,-./0LMNOyz{úшúlú[шú j\h6xUmHnHu6j[h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j[h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jZh6xh6x>*B*UaJmHnHphu >?@Z[\^_`abcúшúlú[шú j^h6xUmHnHu6j]h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j ]h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j\h6xh6x>*B*UaJmHnHphu      )*úшúlú[шú j_h6xUmHnHu6j|_h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j^h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j^h6xh6x>*B*UaJmHnHphu *+,<=>XYZ\]^_`a}~úшúlú[шú jah6xUmHnHu6jpah6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j`h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jv`h6xh6x>*B*UaJmHnHphu  2345VWXrstvwxyz{úшúlú[шú jch6xUmHnHu6jdch6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jbh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jjbh6xh6x>*B*UaJmHnHphu  !"#VWXrstvwxyz{úшúlú[шú jeh6xUmHnHu6jXeh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jdh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j^dh6xh6x>*B*UaJmHnHphu yWR w!!\""f##h$$<%%%J&&/''"(( ))B**4  5  6  456PQRTUVWXYuvúшúlú[шú jgh6xUmHnHu6jLgh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jfh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jRfh6xh6x>*B*UaJmHnHphu vwx    / 0 1 K L M O P Q R S T p q úшúlú[шú jih6xUmHnHu6j@ih6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jhh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jFhh6xh6x>*B*UaJmHnHphu q r s T!U!V!p!q!r!t!u!v!w!x!y!!!úшúlú[шú jkh6xUmHnHu6j4kh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jjh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j:jh6xh6x>*B*UaJmHnHphu !!!!!!!!!!!!!!!""""9":";"U"V"W"Y"Z"["\"]"^"z"{"úшúlú[шú jmh6xUmHnHu6j(mh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jlh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j.lh6xh6x>*B*UaJmHnHphu {"|"}"""""""""""""""""C#D#E#_#`#a#c#d#e#f#g#h###úшúlú[шú joh6xUmHnHu6joh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jnh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j"nh6xh6x>*B*UaJmHnHphu ###################E$F$G$a$b$c$e$f$g$h$i$j$$$úшúlú[шú jqh6xUmHnHu6jqh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jph6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jph6xh6x>*B*UaJmHnHphu $$$$$$$$$$$$$$$$$$$%%%5%6%7%9%:%;%<%=%>%Z%[%úшúlú[шú jsh6xUmHnHu6jsh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jrh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j rh6xh6x>*B*UaJmHnHphu [%\%]%m%n%o%%%%%%%%%%%%%%%%%%%%%%%%%%&&úшúlú[шú juuh6xUmHnHu6jth6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j{th6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jsh6xh6x>*B*UaJmHnHphu &&&'&(&)&C&D&E&G&H&I&J&K&L&h&i&j&k&&&&&&&&&&&&&&&úшúlú[шú jiwh6xUmHnHu6jvh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jovh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6juh6xh6x>*B*UaJmHnHphu &&& ' ''(')'*','-'.'/'0'1'M'N'O'P'''''''''''''''úшúlú[шú j]yh6xUmHnHu6jxh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jcxh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jwh6xh6x>*B*UaJmHnHphu ''''(((((( (!("(#($(@(A(B(C(((((((((((((((úшúlú[шú jQ{h6xUmHnHu6jzh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jWzh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jyh6xh6x>*B*UaJmHnHphu (((((())) ) ) ) )))+),)-).)n)o)p))))))))))))úшúlú[шú jE}h6xUmHnHu6j|h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jK|h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j{h6xh6x>*B*UaJmHnHphu )))* *!*;*<*=*?*@*A*B*C*D*`*a*b*c*************++úшúlú[шú j9h6xUmHnHu6j~h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j?~h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j}h6xh6x>*B*UaJmHnHphu +++:+;+<+V+W+X+Z+[+\+]+^+_+{+|+}+~+++++++++++++++úшúlú[шú j-h6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j3h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu *]++,,,"---q..L///]001g118223l334m445}54  6  5  +++ , , ,%,&,',),*,+,,,-,.,J,K,L,M,,,,,,,,,,,,,,,úшúlú[шú j!h6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu j'h6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu ,,,,------ -!-"-#-$-@-A-B-C-a-b-c-}-~----------úшúlú[шú jh6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu ---------------. . . .N.O.P.j.k.l.n.o.p.q.r.s...úшúlú[шú j h6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu ............... / / / /)/*/+/E/F/G/I/J/K/L/M/N/j/k/úшúlú[шú jh6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu k/l/m/////////////////////////////00úшúlú[шú jh6xUmHnHu6jth6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jzh6xh6x>*B*UaJmHnHphu 000:0;0<0V0W0X0Z0[0\0]0^0_0{0|0}0~000000000000000úшúlú[шú jh6xUmHnHu6jhh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jnh6xh6x>*B*UaJmHnHphu 000000111111111718191:1D1E1F1`1a1b1d1e1f1g1h1i111úшúlú[шú jَh6xUmHnHu6j\h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jߍh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jbh6xh6x>*B*UaJmHnHphu 1111111111111112 2 2 22221222325262728292:2V2W2úшúlú[шú j͐h6xUmHnHu6jPh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jӏh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jVh6xh6x>*B*UaJmHnHphu W2X2Y2222222222222222222233333333 3<3=3úшúlú[шú jh6xUmHnHu6jDh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jǑh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jJh6xh6x>*B*UaJmHnHphu =3>3?3I3J3K3e3f3g3i3j3k3l3m3n3333333333333333333úшúlú[шú jh6xUmHnHu6j8h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j>h6xh6x>*B*UaJmHnHphu 33333344444444444546474J4K4L4f4g4h4j4k4l4m4n4o444úшúlú[шú jh6xUmHnHu6j,h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j2h6xh6x>*B*UaJmHnHphu 44444444444444444444445555555558595úшúlú[шú jh6xUmHnHu6j h6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6j&h6xh6x>*B*UaJmHnHphu 95:5;5Z5[5\5v5w5x5z5{5|5}5~55555555555555555566úшúlú[шú jh6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu }55;6667769<:;=?NALBfB_DDEFCF & F ^`gd6x- & F hh^h`gd6xgd6x) & F hh^h`gd6xgd6xgd6x5  6  6666664656668696:6;6<6=6Y6Z6[6\6v6w6x6666666668úшúlú[шSOh6xjh6xU jh6xUmHnHu6jh6xh6x>*B*UaJmHnHphu%h6xCJKHOJQJaJmHnHu jh6xUmHnHujh6xUmHnHuh6xmHnHuhA :h6x0JmHnHu$jhA :h6x0JUmHnHu6jh6xh6x>*B*UaJmHnHphu8888888869:9<999999<:@:B:;;;J;L;;;;<<<= ====>n3jh6xh6xB*UaJmHnHphu3jhh6xh6xB*UaJmHnHphu3jh6xh6xB*UaJmHnHphuh6xh6x0JmHnHu3jh6xh6xB*UaJmHnHphu h6x0J<jh6x0J<Uh6xOJQJ#>>>>>???N@P@R@@@NARATAAAABBDDNNQQccee%f&fffGpٻٻʁyqkkc[jh6xUj;h6xU h6x0JJjh6xUjh6xU h6x0JD3j4h6xh6xB*UaJmHnHphu3jh6xh6xB*UaJmHnHphu h6x0J<h6xOJQJh6xh6x0JmHnHujh6x0J<U3jΟh6xh6xB*UaJmHnHphu#CFFFG.HtIJHLNNkOQQQjSU5UUUW'XYYYYgd6xgd6x&gd6xgd6xgd6x- & F hh^h`gd6x & F ^`gd6xYIZh^^/azacc=eKe%f,fffNgxghijjkkmopGpgd6x&gd6xgd6xgd6xgd6xgd6xGpUpjpkpppQ>>$Ifgd6xl kd$$Ifl44    0FL  L    t0    644 Vaf4pyt3:$$Ifgd3:l Gpjpqq-sPs{{~~NRcdn78deֈ׈.2 DHlpq h6x0Jjyh6xUjh6xU h6x0Jjh6xU h6x0JJj%h6xUj{h6xUh6xOJQJjmh6xUh6xh3:h6x5CJaJ>ppppnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:ppppnn$Ifgd6xl ~kdO$$Ifl4    0FLL t0    644 Vaf4yt3:ppppq#qnnnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:#q$q-q2qnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:2q3q4qqqqq|wr^^$$Ifgd3:l gd6xgd6xgd6x~kd$$Ifl4    0FLL t0    644 Vaf4yt3:qqrreRR$Ifgd6xl kd$$Ifl44    0FL  L    t0    644 Vaf4pyt3:rr*r7rnn$Ifgd6xl ~kdݵ$$Ifl4    0FLL t0    644 Vaf4yt3:7r8rYr`rnn$Ifgd6xl ~kdw$$Ifl4    0FLL t0    644 Vaf4yt3:`rarorrrnnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:rrrs-s;sPs|wr^^$$Ifgd3:l gd6xgd6xgd6x~kd$$Ifl4    0FLL t0    644 Vaf4yt3:PsQshsuseRR$Ifgd6xl kdE$$Ifl44    0FL  L    t0    644 Vaf4pyt3:usvsssnn$Ifgd6xl ~kdk$$Ifl4    0FLL t0    644 Vaf4yt3:ssssnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:sssssnnn$Ifgd6xl ~kd$$Ifl4    0FLL t0    644 Vaf4yt3:ssttnn$Ifgd6xl ~kd9$$Ifl4    0FLL t0    644 Vaf4yt3:tttYtttBueu1vKvxx{|wrmrhrwrwrgd6xgd6xgd6xgd6xgd6x~kdӻ$$Ifl4    0FLL t0    644 Vaf4yt3: {{<}a}x}}}~Ncjh# ,gd6x) & F hh^h`gd6xgd6x&gd6xgd6xԏ.Dl~fqgd6xgd6x&gd6xgd6x) & F hh^h`gd6xgd6x@DNRPTűƱ':vz48Ƹʸ04~^bvz=>jk󥟥 h6x0Jjh6xUj,h6xUj*h6xU h6x0JJj&h6xUjlh6xUj^h6xUjh6xUh6xOJQJjh6xUh6xjh6xU>@NPZ gd6x) & F hh^h`gd6xgd6x&gd6xgd6xgd6xű̱] 6v4Ƹ0~) & F hh^h`gd6xgd6xgd6x&gd6xgd6xgd6xgd6xgd6xgd6x^v24r<~.j* & F ^`gd6x- & F hh^h`gd6xgd6xgd6x) & F hh^h`gd6x&gd6xgd6x48rv<@~.2jn"fj>Brv 2467op6: $lp j=Yh6xUji2h6xUj.h6xUh6xOJQJ h6x0Jh6xjh6xUQjf>r2@.@\p&gd6xgd6x- & F hh^h`gd6x* & F ^`gd6x(9Pc`  !Qz Y] - & F hh^h`gd6xgd6xgd6xgd6xgd6xgd6xgd6x&gd6x z&< >D6 ) & F hh^h`gd6xgd6xgd6x&gd6xgd6xgd6xgd6x- & F hh^h`gd6xl'o":'=% (tgd6x&gd6xgd6x) & F hh^h`gd6xgd6x RS:>     ! WX!"˱ҦˌҦ3j_h6xh6xB*UaJmHnHphuh6x0JmHnHu3j^h6xh6xB*UaJmHnHphu h6x0J<jh6x0J<Uh6xOJQJ h6x0Jjh6xUj\h6xUh6x/tTt\~h !p""gd6x&gd6xgd6xgd6x- & F hh^h`gd6xgd6xgd6xFGHrswx  CDEZ[_`éÏu[3j'ch6xh6xB*UaJmHnHphu3jtbh6xh6xB*UaJmHnHphu3jah6xh6xB*UaJmHnHphu3jah6xh6xB*UaJmHnHphu h6x0J<h6xh6x0JmHnHujh6x0J<U3j[`h6xh6xB*UaJmHnHphu#LMNp"q"###+#7#H#^#k######9$?$O$W$_$s$%5%|((éʡʡʡʡʓʋʅʅʅʅʅʅʅʅʅʅ}h6xOJQJ h6x0JJjNgh6xUj@eh6xU h6x0Jjh6xU3jdh6xh6xB*UaJmHnHphu h6x0J<h6xh6x0JmHnHujh6x0J<U3jch6xh6xB*UaJmHnHphu1"#a#0$$%%% &''|()+,}}}) & F hh^h`gd6xgd6xgd6xgd6x<kd!l$$Iflh" t64ahyt3:"- & F hh$If^h`gd3:l ((\)^)`))))))++ ++++++w,x,y,,,(.,.//&1*122778899::>>>?BB$C(CCCRRļļļļļļļļĀļļļļļļļjnh6xU3jmh6xh6xB*UaJmHnHphu3j,mh6xh6xB*UaJmHnHphuh6xOJQJh6xh6x0JmHnHu3jylh6xh6xB*UaJmHnHphu h6x0J<jh6x0J<U2,,-(./&12.33%567899:<a<=u=>?@T@@gd6x&gd6xgd6x) & F hh^h`gd6xgd6xgd6x@GA$CC.DeDDDEFFFOGGG+HIILM]MNN- & F hh^h`gd6xgd6xgd6xgd6xgd6x) & F hh^h`gd6xgd6xNnObPPAQmQRRSTHVbV6W!XLXUYtZ[X\{\]W^^^) & F hh^h`gd6xgd6xgd6xgd6x- & F hh^h`gd6xRSSTTbVfV6W:WZZtZxZ["[srzrrrLs`sGt[ttt7u8u0x5xxxxx}}}}z~~~ۀЈԈ։ډdhJN`df> h6x0J<jh6x0J<U h6x0Jh3:h6x5CJaJjxth6xU h6x0JJh6xOJQJh6xD^4bcee f f)fOfPffffg8g`gggggghh+h-h$Ifgd6xl gd6x-h.h/hDiiiiiii=jjjjkzzzzzzzzzzz$Ifgd6xl gd6xgd6xhkd>$Ifgd6xl kdv$$Ifl44    0kFL  L    t0    644 Vaf4pyt3:$$Ifgd3:l yyyynn$Ifgd6xl ~kdw$$Ifl4    0kFLL t0    644 Vaf4yt3:yyyznn$Ifgd6xl ~kdFx$$Ifl4    0kFLL t0    644 Vaf4yt3:zz!zmznn$Ifgd6xl ~kdx$$Ifl4    0kFLL t0    644 Vaf4yt3:mznzxzznn$Ifgd6xl ~kdzy$$Ifl4    0kFLL t0    644 Vaf4yt3:zz{M{nn$Ifgd6xl ~kdz$$Ifl4    0kFLL t0    644 Vaf4yt3:M{N{T{{nn$Ifgd6xl ~kdz$$Ifl4    0kFLL t0    644 Vaf4yt3:{{{<|nn$Ifgd6xl ~kdH{$$Ifl4    0kFLL t0    644 Vaf4yt3:<|>|V||nn$Ifgd6xl ~kd{$$Ifl4    0kFLL t0    644 Vaf4yt3:||| }nn$Ifgd6xl ~kd||$$Ifl4    0kFLL t0    644 Vaf4yt3: }}}$}|}}}z~\|wwwccc^wgd6x) & F hh^h`gd6xgd6xgd6x~kd}$$Ifl4    0kFLL t0    644 Vaf4yt3: ؀koZЈ։dB) & F hh^h`gd6xgd6x* & F ^`gd6x- & F hh^h`gd6xgd6xJ.`zx^`(;~R* & F ^`gd6xgd6x&gd6xgd6xgd6xgd6x) & F hh^h`gd6x>@BdfhRTVvxz~8:<tvx|~*ٻٻٻmٻ3jh6xh6xB*UaJmHnHphu3jh6xh6xB*UaJmHnHphu3jc~h6xh6xB*UaJmHnHphu h6x0J<h6xOJQJh6xh6x0JmHnHujh6x0J<U3j}h6xh6xB*UaJmHnHphu *,.Z\^bd "\^`dfbdfΗЗҗ~RVǧٻٻٻmejHh6xU3jh6xh6xB*UaJmHnHphu3jh6xh6xB*UaJmHnHphu3j/h6xh6xB*UaJmHnHphu h6x0J<h6xOJQJh6xh6x0JmHnHujh6x0J<U3j|h6xh6xB*UaJmHnHphu'R-:mKb #Vǧɧʧܧ4[gd6xgd6xgd6xgd6xgd6xgd6xgd6x* & F ^`gd6xǧȧ[\Hެ5]߭,npۮܮJNdh#   bf|st78:jh6xUj=hd Ujh6xUjh6xUh6xOJQJjyh6xUjsuh6xU h6x0JJh3:h6x5CJaJjh6xUh6xjVh6xU>[]^/H$$Ifgd3:l gd6xgd6xgd6xgd6xgd6xHIWneRR$Ifgd6xl kds$$Ifl44    0FL  L    t0    644 Vaf4pyt3:nonn$Ifgd6xl ~kd?t$$Ifl4    0FLL t0    644 Vaf4yt3:Ϊwūګ.~ˬ|wr^^^r^^- & F hh^h`gd6xgd6xgd6xgd6x~kdt$$Ifl4    0FLL t0    644 Vaf4yt3: ˬ̭ ۮNr) & F hh^h`gd6xgd6xgd6xgd6xgd6xgd6xgd6x&gd6xgd6x- & F hh^h`gd6xPJdx˹ݹ;|6YbDgd6xgd6xgd6xgd6xgd6x) & F hh^h`gd6x(0kb|/bsuv&79:) & F hh^h`gd6xgd6xgd6xgd6xgd6xgd6x:; >BDhjlpr.02nprvxXZ\Ƭ͡Ƈ͡m͡3jh6xh6xB*UaJmHnHphu3j$h6xh6xB*UaJmHnHphuh6x0JmHnHu3jqh6xh6xB*UaJmHnHphu h6x0J<jh6x0J<Uh6xOJQJh3:h6x5CJaJ h6x0Jh6xjh6xU!:AA $$Ifgd3:l gd6xgd6xgd6xgd6x&gd6xgd6x 9eRR$Ifgd6xl kdI$$Ifl44    0SFL  L    t0    644 Vaf4pyt3:9:Ainn$Ifgd6xl ~kdo$$Ifl4    0SFLL t0    644 Vaf4yt3:ij~nn$Ifgd6xl ~kd $$Ifl4    0SFLL t0    644 Vaf4yt3:nn$Ifgd6xl ~kd$$Ifl4    0SFLL t0    644 Vaf4yt3:&nn$Ifgd6xl ~kd=$$Ifl4    0SFLL t0    644 Vaf4yt3:&(*>lr"XB|wcccccc^gd6x) & F hh^h`gd6xgd6xgd6x~kd$$Ifl4    0SFLL t0    644 Vaf4yt3:  "&(TVX\^ >@#> Uٻٻʁʁʁyskcjh6xUjh6xU h6x0JjPh6xU h6x0J3jh6xh6xB*UaJmHnHphu3j=h6xh6xB*UaJmHnHphu h6x0J<h6xOJQJh6xh6x0JmHnHujh6x0J<U3jh6xh6xB*UaJmHnHphu# e!zgd6xhkd$$IfH     t0    644 Hayt3:$Ifgd6xl gd6x !"#?Tnzzzz$Ifgd6xl gd6xgd6xhkd2$$IfH     t0    644 Hayt3:&~~~~gd6xgd6x&gd6xgd6xgd6xhkd$$IfH      t0    644 Hayt3:5!h;c)$Ifgd6xl &gd6x)*+U_YpRB ~~jjj~) & F hh^h`gd6xgd6x&gd6xgd6xgd6xgd6xhkd$$IfH     t0    644 Hayt3: UVRV 48dhZ^>Bpt<@HLnoh|>j0h6xUj"h6xUjxh6xU h6x0Jjjh6xUj h6xU h6x0JJj h6xUh6xOJQJh6xjAh6xUB 4e}4 dZ) & F hh^h`gd6xgd6xgd6xgd6xgd6x&gd6xgd6x> p<H,     &gd6xgd6xgd6xgd6x) & F hh^h`gd6x nu#Q>t&`   F!gd6xgd6xgd6x&gd6xgd6x) & F hh^h`gd6xgd6x>r&*  F!J!2#6#&&d'h'**H0L0"2&266&8*8~88;<<<t<u<<<<==4>{@@CC GJJLLNN`NdNNNOOHPLPNQRQhSiSVVYYj+h6xUh3:h6x5CJaJj.$h6xU h6x0Jjh6xUj h6xUjh6xUh6xOJQJh6x h6x0JGF!2#t$$6%d')*c,~,|.r//H0"2344556&8~89::gd6xgd6xgd6x) & F hh^h`gd6x:<<=x@CGG;JLM`NNOHPNQQ+RhSoS T(TIUgd6x&gd6xgd6xgd6x* & F ^`gd6x- & F hh^h`gd6xgd6xIU V%V]VuVvVwVVVVVzup\\$$Ifgd3:l gd6xgd6xgd6xhkd'$$IfH     t0    644 Hayt3:$Ifgd6xl gd6x VVVV3 $Ifgd6xl kdg($$Ifl44    F FL  L L    t0    6    44 Vaf4pyt3:$$Ifgd3:l V)WWWWXqX[kd)$$Ifl4    F FLLL t0    6    44 Vaf4yt3:$Ifgd6xl qXrXXYYn[[[$Ifgd6xl kdu*$$Ifl4    F FLLL t0    6    44 Vaf4yt3:YYYYZZZZnid_ZFF$$Ifgd3:l gd6x&gd6xgd6xgd6xkd+$$Ifl4    F FLLL t0    6    44 Vaf4yt3:YZZ[5\E\\^X_Fccebfhhjj kk"k&k/kBkUlVlMpVpkqrqqqqqqqrrrrtt0t4tFtJt\t`tttuuxy%/8EWg݀ހtu\jPh6xUjLh6xUjGh6xUjDh6xUh6xOJQJ h6x0J_ h6x0JDj Bh6xU h6x0JJh3:h6x5CJaJh6xCZZZZeRR$Ifgd6xl kdo/$$Ifl44    0FL  L    t0    644 Vaf4pyt3:ZZZZnn$Ifgd6xl ~kd0$$Ifl4    0FLL t0    644 Vaf4yt3:ZZ[[nn$Ifgd6xl ~kd/1$$Ifl4    0FLL t0    644 Vaf4yt3:[[[[nn$Ifgd6xl ~kd1$$Ifl4    0FLL t0    644 Vaf4yt3:[[[Y[\|^^^ _2_C_|wrrmYYYY$$Ifgd3:l gd6xgd6xgd6xgd6x~kdc2$$Ifl4    0FLL t0    644 Vaf4yt3: C_X_$$Ifgd3:l X_Y_ kd2$$Ifl44    r6$ eFL  L L L L    t20    644 Vaf4p2yt3:Y_g_q___*`+`5kd4$$Ifl4    r6$ eFLLLLL t0    644 Vaf4yt3:$Ifgd6xl +`9`L`t``aa5kdo5$$Ifl4    r6$ eFLLLLL t0    644 Vaf4yt3:$Ifgd6xl a'a>afaabb5kd36$$Ifl4    r6$ eFLLLLL t0    644 Vaf4yt3:$Ifgd6xl b1b4b|bb c c5kd6$$Ifl4    r6$ eFLLLLL t0    644 Vaf4yt3:$Ifgd6xl  ccFcbccccc$$Ifgd3:l gd6xgd6xcc kd7$$Ifl44    r FL  L L L L    t20    644 Vaf4p2yt3:ccccd9d:d5kdi9$$Ifl4    r FLLLLL t0    644 Vaf4yt3:$Ifgd6xl :dHd_ddddd5kd-:$$Ifl4    r FLLLLL t0    644 Vaf4yt3:$Ifgd6xl dee;eceee5kd:$$Ifl4    r FLLLLL t0    644 Vaf4yt3:$Ifgd6xl eeef2f$$Ifl4    r FLLLLL t0    644 Vaf4yt3:$Ifgd6xl ggghVhhh5kd>$$Ifl4    r FLLLLL t0    644 Vaf4yt3:$Ifgd6xl hhhhhhhBkd?$$Ifl44    0VFL  L    t0    644 Vaf4pyt3:$$Ifgd3:l gd6xgd6xgd6xhhjjjjn~kd@$$Ifl4    0VFLL t0    644 Vaf4yt3:$Ifgd6xl jjjjlHlwoobpjp|wrmhchcgd6xgd6xgd6x&gd6xgd6xgd6x~kdoA$$Ifl4    0VFLL t0    644 Vaf4yt3: jppppqNqtqqqqr;rrrrrrrs!s4sCsOs$Ifgd6xl OsPsQss0tFt\tttuuvpxyyyyytoj&gd6xgd6xgd6x) & F hh^h`gd6xgd6xgd6xhkdD$$IfH     t0    644 Hayt3: pxxxxx:yy{}I}}}}~zuzzgd6xgd6xgd6xhkdF$$IfH    i t0    644 Hayt3:$Ifgd6xl ~`~~~~~~~~ xzupgd6xgd6xgd6xgd6xhkdCG$$IfH     t0    644 Hayt3:$Ifgd6xl i܀݀ptgd6xgd6xgd6x&gd6xgd6x<kdL$$Iflh" t64ahyt3:"- & F hh$If^h`gd3:l \%'نچ 6UVʓޓ *.?RYox”֔ #46\^jv•ΕוՖ֖;<b h6x0Jjh6xUjlh6xUh3:h6x5CJaJjQbh6xUj^h6xUj|Yh6xU h6x0JJjUh6xUh6x h6x0JD'نM0o"- & F hh$If^h`gd3:l gd6xgd6x&gd6xgd6xgd6xgd6x<kdzU$$Iflh" t64ahyt3:opӋF5 =Op"- & F hh$If^h`gd3:l gd6x&gd6xgd6xgd6xgd6x<kdO^$$Iflh" t64ahyt3: pq8hkd|g$$IfH     t0    644 Hayt3:$Ifgd6xl gd6xgd6xgd6x<kd$g$$Iflh" t64ahyt3: *67Gkd h$$Ifl44    0}FL  L    t0    644 Vaf4pyt3:$$Ifgd3:l gd6xgd6x7:YZ^n~kd1i$$Ifl4    0}FLL t0    644 Vaf4yt3:$Ifgd6xl nn$Ifgd6xl ~kdi$$Ifl4    0}FLL t0    644 Vaf4yt3:\nn$Ifgd6xl ~kdej$$Ifl4    0}FLL t0    644 Vaf4yt3:\]qnn$Ifgd6xl ~kdj$$Ifl4    0}FLL t0    644 Vaf4yt3:.|wd$Ifgd6xl gd6xgd6x~kdk$$Ifl4    0}FLL t0    644 Vaf4yt3:./0UvS8`fffffff"- & F hh$If^h`gd3:l gd6xgd6xgd6xhkd3l$$IfH    8 t0    644 Hayt3: `MN?̗ޙߛ1dzgd6xgd6xgd6xgd6x<kdq$$Iflh" t64ahyt3:"- & F hh$If^h`gd3:l bcȗɗtuڙۙ'(TUƞǞ,-EF~opգ֣z{""F#J###$$T%X%%%((((((((((¨ɝh6x0JmHnHu3juh6xh6xB*UaJmHnHphu h6x0J<jh6x0J<Uh6xOJQJ h6x0Jjqh6xUU h6x0Jh6xjh6xU>) deployment is a Microsoft .NET installation technology that automatically installs and configures a client-side application when a user clicks a manifest link, such as a manifest in a Web site, on a CD, or on a universal naming convention (UNC) path. By default, the application will copy itself to the Temporary Internet Files folder and run within a restricted environment. Note Even if your application has been signed with the IT strong name that gives it Full Trust, you still cannot do anything that requires administrator permissions, such as access certain parts of the file system and registry. ClickOnce applications however, are targeted as per-user applications, so this should not be a problem. ImportantClickOnce should not be used for deploying applications that perform administrative operations. Deploying to a Single Computer To deploy an application for a single computer, the administrator must publish the application on that computer. Deploying to all users in a Domain To advertise for all users in a domain, the administrator must publish the application through Group Policy deployment. Currently, only the Group Policybased software deployment component of the Windows Server 2003 operating systems and Windows 2000 Server operating system takes advantage of this functionality. Patching Applications as a Standard User with Windows Installer 4.0 Standard user account patching enables Windows Installer package authors to identify signed patches that can be applied by a future standard user. The following conditions must be met to enable standard user patching with Windows Installer 4.0: The application was installed on using Windows Installer 4.0. The application was originally installed per-machine. The MsiPatchCertificate table is present and populated in the original Window Installer package (.msi file). The patches are digitally signed by a certificate listed in the MsiPatchCertificate table. The patches can be validated against the digital signature. Standard user account patching has not been disabled by setting the MSIDISABLELUAPATCHING property or the DisableLUAPatching policy. Windows Installer 4.0 Standard User Uninstall Behavior The expected behavior for a Windows Installer 4.0 patch applied by a standard user is that it can also be removed by the standard user. Troubleshooting Common Issues The following sections detail common issues encountered with applications in Windows Vista. Common issues include:  HYPERLINK \l "DSDOC_BKMK_ActiveXInstallation3bbc4962_4" \o "ActiveX installation issues" ActiveX installation issues  HYPERLINK \l "DSDOC_BKMK_ActiveXDocuments3bbc4962_40ae" \o "ActiveX documents do not install" ActiveX documents do not install  HYPERLINK \l "DSDOC_BKMK_ApplicationRequired3bbc4962_4" \o "Application, framework, or add-in required" Application, framework, or add-in required  HYPERLINK \l "DSDOC_BKMK_AdministrativePermission3bbc4" \o "Administrative permission is required for installation/patching" Administrative permission is required for installation/patching  HYPERLINK \l "DSDOC_BKMK_PerUserApplicationSettings3bb" \o "Per-user application settings locations" Per-user application settings locations  HYPERLINK \l "DSDOC_BKMK_ApplicationDefaults3bbc4962_4" \o "Application defaults to saving in a protected directory" Application defaults to saving in a protected directory ActiveX Installation Issues ActiveX controls must be installed by an administrator. ActiveX controls are typically used in line of business applications to extend Web browser capabilities to create more flexible user interfaces or to elevate access to computer resources normally denied to applications running within the Web browser. ActiveX controls are typically installed by embedding a reference to the ActiveX control in a Web page. This will cause Microsoft Internet Explorer to download and install the control if it does not exist on the local computer. Typically, ActiveX controls downloaded in this way reside in the %HOMEPATH%\Local Settings\Temporary Internet Files directory, which is writable by standard users. However, to function within Internet Explorer, the controls must have multiple-registry entries, which are not possible for non-administrators. Resolution Removing the ActiveX control from the application almost always results in a loss of functionality. Therefore, this is not recommended for remediation unless the ActiveX control is providing some visual or functional enhancement that is not part of the site's core functionality. For example, a stock ticker on a non-stockrelated portal. In most cases, packaging the ActiveX control for installation by SMS or Group Policy is the correct solution. However, most of the controls will not be included in the base image, so Web sites must modify their pages to fail gracefully. This should comprise detecting the missing ActiveX control and redirecting to the Managed Desktop software request page. ActiveX Documents Do Not Install ActiveX documents are a deprecated technology from Microsoft Visual Basic 4 and Microsoft Visual Basic 5. They can be downloaded in a similar way as ActiveX controls. Resolution Since Visual Basic 4 and Visual Basic 5 are deprecated, Microsoft recommends that you replace the application. It should be possible to install the ActiveX document as part of a client installation; however, updates to the document will be restricted without redeployment through SMS or Group Policy. Application, Framework, or Add-in Required Many applications have dependencies on other software, which may not be installed by default, either because they are already available on the computer or because the other application does not provide distributable binaries for use by third parties. Under normal circumstances, the user would be directed to acquire and install the additional software. Under a managed desktop, installation is not possible. Examples include Adobe Acrobat, Microsoft Office, Office Web components, WinZip, and the IT Microsoft .NET security policy. Resolution Once the dependencies are identified, they can either be packaged with the base image or made available through on-demand SMS installation. The application might have to change how it notifies the end user of the missing software, directing the user to the SMS installation site instead of to the manufacturer. Administrative Permission is Required for Installation/Patching Since installation of a program requires adding files to Program Files, it will always require administrative permissions and, therefore, must be run as a user with elevated permissions. Note You can also "push" the patch with SMS or Group Policy in conjunction with the Add or Remove Programs (ARP) control panel. the user selects software to install and the system installer does the restthe user does not have to be an administrator. For initial installations, this can be dealt with by packaging the software for an installation agent to push out. However, some applications rely on frequent automatic updates that may not align well with a centrally managed application model. Applications that detect updates and attempt to patch themselves will be unable to do so as they will not have permission to modify files in the system directories. Resolution Package your application/patch for deployment by SMS. Applications can still detect that an upgrade is available (as long as they do it without requiring administrative permissions) and can redirect to the provisioning site. Question whether your application needs elevated computer permissions, such as file system, registry access, or COM interoperability. If not, then it might be possible to rewrite the application as a ClickOnce deployment package, which will run in the Microsoft .NET sandbox. Convert to a Web application without any client-side dependencies. Per-User Application Settings Locations For Windows Vista, the application settings that need to be changed at run time should be stored in one of the following locations: CSIDL_APPDATA CSIDL_LOCAL_APPDATA CSIDL_COMMON_APPDATA Documents saved by the user should be stored in CSIDL_MYDOCUMENTS. Note A user's Documents folder is no longer stored under Documents and Settings. In Windows Vista, a new root directory on the file system called Users now contains the profiles for users of the computer. Because these directories have changed, developers are encouraged to use CSIDLs to locate the path to specific well-known directories in a system-independent way. For more information, see the MSDN article on CSIDLs (HYPERLINK "http://go.microsoft.com/fwlink/?LinkId=71501"http://go.microsoft.com/fwlink/?LinkId=71501). An application needs write access to the file system. When running under a managed desktop, an application only has write permission to the following folders and their children. CSIDL_PROFILE CSIDL_COMMON_APPDATA Note Standard users cannot write to Users\Common. C:\Users\Common>cd "Application Data" C:\Users\Common\Application Data>echo File > File.txt C:\Users\Common\Application Data> Applications should not attempt to write to other locations, such as the following: C:\Windows. C:\Windows\System32. Program Files\{application}. C:\{application}. Note This will work if the user created the folder, which members of the Users group can do by default. An application is trying to specifically create C:\Users\Profiles\{user} is not allowed since the user can only create folders under C:\Users\{user}. The location chosen appears to be confused based on where Microsoft has stored the Documents folder on previous versions of the operating system. Application settings that need to be changed at run time should be stored in one of the following locations: CSIDL_APPDATA CSIDL_LOCAL_APPDATA CSIDL_COMMON_APPDATA Documents saved by the user should be stored in the CSIDL_MYDOCUMENTS folder. All paths should not be hard-coded but should use the Environment.GetFolderPath() function. Application Defaults to Saving in a Protected Directory Some applications allow users to save or export data to their local computer. Often, the dialog box defaults to places like C:\, to which standard users do not have write permissions. In addition, some applications do not respond well when the code to write the file fails because as a result of an access denied from the operating system. Resolution Assume that users can only write to their own profiles. For documents intentionally saved by users, initialize the dialog boxes to start at Documents (Environment.GetFolderPath(Environment.SpecialFolder.Personal). Remember that the Save dialog box will allow a user to browse to other locations than the user's profile, so the application should include logic to ensure that it fails gracefully if a user choose a different directory than those located in his/her profile. References This section includes a virtualization reference and a security settings reference. Virtualization Reference File virtualization Virtualize (%SYSTEMROOT%, %PROGRAMDATA%, %PROGRAMFILES%\(Subdirectories) Redirect to: %LOCALAPPDATA%\VirtualStore Excluded binary executables: .exe, .dll, .sys Registry Virtualization: Virtualize (HKLM\SOFTWARE) Redirect to: HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\<Application Registry Keys> Keys excluded from virtualization HKLM\Software\Classes HKLM\Software\Microsoft\Windows HKLM\Software\Microsoft\Windows NT Applicability Virtual stores do not roam Corresponding global objects would not roam Enabled only for interactive standard users Disabled for non-interactive processes Disabled for 64-bit executables Disabled for executables that request an execution level (requestedExecutionLevel) in their application manifest, the model for separation Disabled for kernel mode and impersonated callers Only administrator writeable registry keys and files are virtualized UAC Security Settings Reference This reference details the security settings available to administer UAC with Group Policy or the computer's local security policy. Note The procedures presented in this section are intended for administering unmanaged computers. To use Group Policy to administer the settings centrally in a managed environment, use Active Directory Users and Computers (dsa.msc) instead of local Security Policy Manager snap-in (secpol.msc). Configuring UAC Security Settings The following procedure details how to configure the UAC security settings with the Security Policy Manager. The procedure details the default user experience for an administrator in Admin Approval Mode. To view/set the UAC security settings with Security Policy Manager 1. Click the Start button, type secpol.msc into the search box, and then press Enter. 2. At the User Account Control consent prompt, click Continue. 3. In Local Security Settings, expand Local Policies, and then click Security Options. 4. Right-click the security setting that you would like to change and select Properties. The following procedure details how to configure the UAC security settings with the Group Policy. The procedure details the default user experience for an administrator in Admin Approval Mode. To view/set the UAC security settings with the Group Policy Object Editor 1. Click the Start button, type gpedit.msc into the search box, and then press Enter. 2. At the User Account Control consent prompt, click Continue. 3. In Group Policy, expand User Configuration, and then expand Security Options. 4. Right-click the security setting that you would like to change and select Properties.UAC Security Settings The following table lists the configurable UAC security settings. These settings can be configured with the Security Policy Manager (secpol.msc) or managed centrally with Group Policy (gpedit.msc). UAC Security Settings Setting DescriptionDefault ValueUser Account Control: Admin Approval Mode for the built-in Administrator account.There are two possible settings: Enabled - The built-in Administrator will be run as an administrator in Admin Approval Mode. Disabled - The administrator runs with a full administrator access token. Disabled for new installations and for upgrades where the built-in Administrator is NOT the only local active administrator on the computer. The built-in Administrator account is disabled by default for installations and upgrades on domain-joined computers. Enabled for upgrades when Windows Vista determines that the built-in Administrator account is the only active local administrator on the computer. If Windows Vista determines this, the built-in Administrator account is also kept enabled following the upgrade. The built-in Administrator account is disabled by default for installations and upgrades on domain-joined computers.User Account Control: Behavior of the elevation prompt for administrators in Admin Approval ModeThere are three possible values for this setting: Elevate without prompting: Silently elevate. Prompt for credentials: Require users to enter their login password before continuing. Prompt for consent: Ask the user for approval before elevating. This is the default setting. This setting determines how the user is prompted prior to running a program with higher permissions. This policy is only in effect when UAC is enabled.Prompt for consentUser Account Control: Behavior of the elevation prompt for standard usersDetermines how the user is prompted prior to running a program with higher permissions. This policy is only in effect when UAC is enabled. The following are the available configuration options for this setting: Automatically deny elevation requests: Users will not be prompted when an application wants to perform an administrative task. The application will fail to launch and will present an access denied, or equivalent, error to the user. Prompt for credentials: Require users to enter their login password before continuing.Prompt for credentialsUser Account Control: Detect application installations and prompt for elevationThere are two possible values: Enabled - The user is prompted for consent or credentials when Windows Vista detects an installer. Disabled - Application installations will silently fail or fail in a non-deterministic manner.EnabledUser Account Control: Only elevate executables that are signed and validatedThere are two possible values: Enabled - Only signed executable files will run. This setting blocks unsigned applications from running. Disabled - Both signed and unsigned code will be run.DisabledUser Account Control: Only elevate UIAccess applications that are installed in secure locationsThere are two possible values: Enabled - The system will only give UIAccess privileges and user rights to executables that are launched from under %ProgramFiles% or %windir%. The ACLs on these directories ensure that the executable is not user-modifiable (which would otherwise allow elevation of privilege). UIAccess executables launched from other locations will launch without additional privileges (i.e. they will run "asInvoker"). Disabled - The location checks are not done, so all UIAccess applications will be launched with the user's full access token upon user approval.EnabledUser Account Control: Run all administrators in Admin Approval ModeThere are two possible values: Enabled - Both administrators and standard users will be prompted when attempting to perform administrative operations. The prompt style is dependent on policy. Disabled - UAC is essentially "turned off" and the AIS service is disabled from automatically starting.EnabledUser Account Control: Switch to the secure desktop when prompting for elevationThere are two possible values: Enabled - Displays the UAC elevation prompt on the secure desktop. The secure desktop can only received messages from Windows processes, which eliminates messages from malicious software. As a result, consent and credential prompts cannot be spoofed on the secure desktop. Disabled - The UAC elevation prompt is displayed on the user desktop.EnabledUser Account Control: Virtualize file and registry write failures to per-user locationsThere are two possible values: Enabled - Applications that lack an application compatibility database entry or a requested execution level marking in the application manifest are not UAC compliant. Environments that utilize software that is non-compliant should keep this setting enabled. Disabled - UAC compliant applications should not write to protected areas and cause write failures. As a result, environments that are only utilizing UAC compliant applications should disable this setting. Non-compliant applications that attempt to write to Program Files and %systemroot% will silently fail if this setting is disabled.Enabled Note For most situations, the Elevate without prompting option is NOT recommended. Elevating without prompting would permit applications running as a standard user to launch administrative applications without user consent and effectively bypass UAC. Task Scheduler Code Sample The following C++ code sample illustrates how to use Task Scheduler to perform the elevation for the user. As a result, the application can automatically elevate during logon by using an administrator's credentials and Windows Vista will not block the application. You must create an administrator user for your application during setup in order for this solution to work properly. //--------------------------------------------------------------------- // This file is part of the Microsoft .NET Framework SDK Code Samples. // // Copyright (C) Microsoft Corporation. All rights reserved. // 4S(!l!"F##$T%%q&&2'P'''(*>+,-gd6xgd6x) & F hh^h`gd6xgd6xgd6x&gd6x())))*** *****:+<+>+B+D+B,D,F,,,,,,--------s.ļļļnļ3jcxh6xh6xB*UaJmHnHphu3jwh6xh6xB*UaJmHnHphu3jvh6xh6xB*UaJmHnHphuh6xOJQJh6xh6x0JmHnHu3jJvh6xh6xB*UaJmHnHphu h6x0J<jh6x0J<U"s.t.u...[;\;>>??AACCCC D$DDDDEJEvEEFGGKGLGxGyGbHfHHHHHIIhIlIIIJJJJKKPKTKxKzKMMʺʺʺʺʺʺʲʬʬʬʤʤʺʺʖʺʺʺʺʺʺʺʎʬjDŽh6xUjh6xU h6x0Jjh6xU h6x0JJjs}h6xUh6xOJQJjyh6xUh6xh6x0JmHnHujh6x0J<U3jyh6xh6xB*UaJmHnHphu8-..2!2t34455679(9_::[;b;M===?A|BB&gd6xgd6xgd6xgd6xgd6x) & F hh^h`gd6xBCC DNDDD9FGbHHHHIhII JJJKPKxKK&L* & F ^`gd6x&gd6xgd6x) & F hh^h`gd6xgd6x&LNMM NLNzNOOPsQ~QWSbSSSSTTNUUUzVVV6WWgd6xgd6xgd6x) & F hh^h`gd6xgd6xMNN N$NLNPN RRfRjRTTTTTTUUUUzV~VVVVV6W:WWWWW2X6XXXXX$Y(Y>ZBZZZ?\@\V^W^^^^^^^^_%_-_5_L_U_c_t____```` aaZZ4[t[?\F\h]]V^^^/__"- & F hh$If^h`gd3:l gd6x&gd6xgd6xgd6xgd6x) & F hh^h`gd6xgd6x___``Caaa,b-bY<kd$$Iflh" t64ahyt3:gd6xgd6x<kd$$Iflh" t64ahyt3:"- & F hh$If^h`gd3:l a b*b cCcddddXe\e`gdgjj^jbjkknnooqq^rbr ttttbvfvyy{{||~~ĀPTX\†ºjh6xUh3:jh3:U heheUjh6xUh3:h6xOJQJh3:h6x5CJaJ h6x0JJh6xF-bCb cc c)c5cCc$$Ifgd3:l gd6xgd6xgd6xCcDcccG44$Ifgd6xl kdq$$Ifl44    F FL  L L    t0    6    44 Vaf4pyt3:cdXe`g+i,iiJ7$Ifgd6xl kdח$$Ifl4    F FLLL t0    6    44 Vaf4yt3:#)$ & F hh$If^h`gd3:l ii^jkkll#)$ & F hh$If^h`gd3:l $Ifgd6xl lllmoppn[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kd$$Ifl4    F FLLL t0    6    44 Vaf4yt3:ppVqq^r s0sn[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kd'$$Ifl4    F FLLL t0    6    44 Vaf4yt3:0s2ss ttPubun[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kdϙ$$Ifl4    F FLLL t0    6    44 Vaf4yt3:budu$vbvyzzn[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kdw$$Ifl4    F FLLL t0    6    44 Vaf4yt3:zzR{{|}}n[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kd$$Ifl4    F FLLL t0    6    44 Vaf4yt3:}}\~~P`n[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kdǛ$$Ifl4    F FLLL t0    6    44 Vaf4yt3:`bPXn[[77[#)$ & F hh$If^h`gd3:l $Ifgd6xl kdo$$Ifl4    F FLLL t0    6    44 Vaf4yt3:gnid_ZUB$Ifgd6xl gd6xgd6x&gd6xgd6xgd6xkd$$Ifl4    F FLLL t0    6    44 Vaf4yt3:gA˸ϸ\FȺڻ*>S$Ifgd6xl //This source code is intended only as a supplement to Microsoft //Development Tools and/or on-line documentation. See these other //materials for detailed information regarding Microsoft code samples. // //THIS CODE AND INFORMATION ARE PROVIDED AS IS WITHOUT WARRANTY OF ANY //KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE //IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS FOR A //PARTICULAR PURPOSE. //--------------------------------------------------------------------- /**************************************************************************** * Main.cpp - Sample application for Task Scheduler V2 COMAPI * Component: Task Scheduler * Copyright (c) 2002 - 2003, Microsoft Corporation * This sample creates a task to at the time registered to start the desired task. * ****************************************************************************/ #include "stdafx.h" #include #include #include #include #include //Include Task header files - Included in Windows Vista Beta-2 SDK from MSDN #include #include #include #include using namespace std; #define CLEANUP \ pRootFolder->Release();\ pTask->Release();\ CoUninitialize(); HRESULT CreateMyTask(LPCWSTR, wstring); void __cdecl wmain(int argc, wchar_t** argv) { wstring wstrExecutablePath; WCHAR taskName[20]; HRESULT result; if( argc < 2 ) { printf("\nUsage: LaunchApp yourapp.exe" ); return; } // Pick random number for task name srand((unsigned int) time(NULL)); wsprintf((LPWSTR)taskName, L"Launch %d", rand()); wstrExecutablePath = argv[1]; result = CreateMyTask(taskName, wstrExecutablePath); printf("\nReturn status:%d\n", result); } HRESULT CreateMyTask(LPCWSTR wszTaskName, wstring wstrExecutablePath) { // ------------------------------------------------------ // Initialize COM. TASK_STATE taskState; int i; HRESULT hr = CoInitializeEx(NULL, COINIT_MULTITHREADED); if( FAILED(hr) ) { printf("\nCoInitializeEx failed: %x", hr ); return 1; } // Set general COM security levels. hr = CoInitializeSecurity( NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, 0, NULL); if( FAILED(hr) ) { printf("\nCoInitializeSecurity failed: %x", hr ); CoUninitialize(); return 1; } // ------------------------------------------------------ // Create an instance of the Task Service. ITaskService *pService = NULL; hr = CreateElevatedComObject( CLSID_TaskScheduler, NULL, CLSCTX_INPROC_SERVER, IID_ITaskService, (void**)&pService ); if (FAILED(hr)) { printf("Failed to CoCreate an instance of the TaskService class: %x", hr); CoUninitialize(); return 1; } // Connect to the task service. hr = pService->Connect(_variant_t(), _variant_t(), _variant_t(), _variant_t()); if( FAILED(hr) ) { printf("ITaskService::Connect failed: %x", hr ); pService->Release(); CoUninitialize(); return 1; } // ------------------------------------------------------ // Get the pointer to the root task folder. This folder will hold the // new task that is registered. ITaskFolder *pRootFolder = NULL; hr = pService->GetFolder( _bstr_t( L"\\") , &pRootFolder ); if( FAILED(hr) ) { printf("Cannot get Root Folder pointer: %x", hr ); pService->Release(); CoUninitialize(); return 1; } // Check if the same task already exists. If the same task exists, remove it. hr = pRootFolder->DeleteTask( _bstr_t( wszTaskName), 0 ); // Create the task builder object to create the task. ITaskDefinition *pTask = NULL; hr = pService->NewTask( 0, &pTask ); pService->Release(); // COM clean up. Pointer is no longer used. if (FAILED(hr)) { printf("Failed to CoCreate an instance of the TaskService class: %x", hr); pRootFolder->Release(); CoUninitialize(); return 1; } // ------------------------------------------------------ // Get the trigger collection to insert the registration trigger. ITriggerCollection *pTriggerCollection = NULL; hr = pTask->get_Triggers( &pTriggerCollection ); if( FAILED(hr) ) { printf("\nCannot get trigger collection: %x", hr ); CLEANUP return 1; } // Add the registration trigger to the task. ITrigger *pTrigger = NULL; hr = pTriggerCollection->Create( TASK_TRIGGER_REGISTRATION, &pTrigger ); pTriggerCollection->Release(); // COM clean up. Pointer is no longer used. if( FAILED(hr) ) { printf("\nCannot add registration trigger to the Task %x", hr ); CLEANUP return 1; } pTrigger->Release(); // ------------------------------------------------------ // Add an Action to the task. IExecAction *pExecAction = NULL; IActionCollection *pActionCollection = NULL; // Get the task action collection pointer. hr = pTask->get_Actions( &pActionCollection ); if( FAILED(hr) ) { printf("\nCannot get Task collection pointer: %x", hr ); CLEANUP return 1; } // Create the action, specifying that it is an executable action. IAction *pAction = NULL; hr = pActionCollection->Create( TASK_ACTION_EXEC, &pAction ); pActionCollection->Release(); // COM clean up. Pointer is no longer used. if( FAILED(hr) ) { printf("\npActionCollection->Create failed: %x", hr ); CLEANUP return 1; } hr = pAction->QueryInterface( IID_IExecAction, (void**) &pExecAction ); pAction->Release(); if( FAILED(hr) ) { printf("\npAction->QueryInterface failed: %x", hr ); CLEANUP return 1; } // Set the path of the executable to the user supplied executable. hr = pExecAction->put_Path( _bstr_t( wstrExecutablePath.c_str() ) ); //hr = pExecAction->put_Path( (BSTR)wstrExecutablePath ); if( FAILED(hr) ) { printf("\nCannot set path of executable: %x", hr ); pExecAction->Release(); CLEANUP return 1; } hr = pExecAction->put_Arguments( _bstr_t( L"" ) ); // hr = pExecAction->put_Arguments( _bstr_t( L"ArgumentsToYourExecutable--HelpFileToOpen" ) ); if( FAILED(hr) ) { printf("\nCannot set arguments of executable: %x", hr ); pExecAction->Release(); CLEANUP return 1; } // ------------------------------------------------------ // Save the task in the root folder. IRegisteredTask *pRegisteredTask = NULL; hr = pRootFolder->RegisterTaskDefinition( _bstr_t( wszTaskName ), pTask, TASK_CREATE, _variant_t(_bstr_t( L"S-1-5-32-545")),//Well Known SID for \\Builtin\Users group _variant_t(), TASK_LOGON_GROUP, _variant_t(L""), &pRegisteredTask); if( FAILED(hr) ) { printf("\nError saving the Task : %x", hr ); CLEANUP return 1; } printf("\n Success! Task successfully registered. " ); for (i=0; i<100; i++)//give 10 seconds for the task to start { pRegisteredTask->get_State(&taskState); if (taskState == TASK_STATE_RUNNING) { printf("\nTask is running\n"); break; } Sleep(100); } if (i>= 100) printf("Task didn't start\n"); //Delete the task when done hr = pRootFolder->DeleteTask( _bstr_t( wszTaskName ), NULL); if( FAILED(hr) ) { printf("\nError deleting the Task : %x", hr ); CLEANUP return 1; } printf("\n Success! Task successfully deleted. " ); // Clean up. CLEANUP CoUninitialize(); return 0; }     PAGE  PAGE  PAGE 91 ɼݼ1Lfg۽<DFGk$Ifgd6xl ޾߾<=?ƿ޿8MS$Ifgd6xl EjxZ7d/5$Ifgd6xl 5>c (BTZ[ 0pm$Ifgd6xl 89 '9?HI7LR$Ifgd6xl Y06OP >qA^$Ifgd6xl ^ JZlrs/?QWX$9?{$Ifgd6xl `tzGqjy$Ifgd6xl '9?z'.0<>jk2BTZ[$Ifgd6xl [zxxxgdegd6xhkdi$$IfH    8 t0    644 Hayt3:$Ifgd6xl  h]hgd6x$$h]hgdp$h]hgds $&`#$gd}|%%h]hgdJ %&`#$gd6x     heheh3:h6xh0JmHnHu h6x0Jjh6x0JU gdegd6x6&P1:p6x/ =!p"p#p$p% 6&P1:p6x/ =!p"p#p$p% 9 0&P1:p6x/ =!p"p#p$p% 9 0&P1:p6x/ =!p"p#p$p% DdXzpZ  S 6ADocCoverTopb#/9ځ8rj Dn#/9ځ8rj PNG  IHDR(jZssBIT|.wPLTEU~tRNS@fbKGDH cmPPJCmp0712Om;IDATx1 Omo7`]IENDB`P1Dd V  C 2AWinVista_v_cR0@4$^L?&0Fz0@4$^L?&JFIFddDucky<Adobed       /  !1Aa"Qq2Rr#BbѲ3Scs$uჳ467CDt%E8!1AQqa"2BRbт3S ?JBAäcZ\ѼDBb5BduΎƒͤ.fiwUVR;k=--"^1'= {)Xwߌ՗e^6;j\w1>yIlV׶wQ mgx"p{O 'KVtwT.3-~! D8kA.Hk-/ٲlE~b-tXq FMW;'6Ocɛ|!_.ͼ+F<ѳFf{JV1JYUMte~`z>G̔3qwY|L}=ֱYW4ײ4j4\vΎSۋ 2{ٸ)] >Jc8\[u:}eyeͻ!;7W[J5yooK9X@@@@@@@@@@@@@@@@@@@@@@@@@@@AK|fmqjZ~W.g}2}ʹvLll͊׹W6a6dW6c,;ѹ7Wɴ۹L\`tnٶyy$XO,K+O*xͭ3ܱ=g].Fc6>q-s.7%MB"BBB/o-sO6GalWݒ^axky{{}FtfR*f&Y*̶Z&ڬwToF׻zc\g#oU^ۋ_ky۲`fvve.' r#1ԹO?ӧpkV-&y:xNc MfXƕWлX4ilW%gz^̪PusonymCZIjY[AyyfTZXDZ7E3*V_L,\ ^GֲvOs§t$sQFT@@@@@@@@@@@@@@@@@A]/aM>;GX\%m"#w~Q6^v6薶lصeV-{Yk3Sk*2U6U6d6\ن!FVfßyf]gѯ˳n#dho?&tyi.##kO9ܼ͡V9aثDhUs &*Y\*lЌiد#g_YSha,̉H]Mevh+Fۛ1u§IǦc9ڷ[, 7[2[bXld~Y&ri쇮v2ҭbܸfҗvŭykRD6-kYE,UM̲rls;SzBӊ뱜0Ӝ}<+_?roe1mm-.LܫFIU0'z ][+ieVM{eMqYQh} {th 0~ LUD8uMrD;8HXłdQ>WF*TL5f"\d_]޿}Į׳@zs_uаbxvZ0P-;mbR&Z-kuk۪B'ByoLmK{OjM-{㷱M=11 #j״EFCc K \qA^Ѹi[F&ߌQHmnзNBipfjlcC;vԆ¡" o776K"mLQ i+Sy9ӻwR]ݔv+Efe_Xbxp5y\,44y,o_5S/gӝ:KG -xh_m HSe}0QG{niA?D~a~~Yk}{ΗOlL\vq ;o'btnMc%5c (Pb|p;i曆s&L=aJb$wdfC\E<-oƜ-=fѦݵɢ2PӐ7UEZ-1ቭg.\ 36,&v2hڪad=7JB"+jۧ,slZ$n]:jUvC'žH g0 KlGN,V5W5)tUyޱi\S˶ND~n)>'pӥctgu7V]ZGkxXf}*SVx5ﭚ3_>٨5=ӫqu51ڰF|k$2+'g_ kYci|-vk?lkѷq4_aZy8[V losHloQwi܍Yddly6۸Zg(Yn/jdB\Yˈ]Ii-.儦X3le?hTC,/FBrޮIТ;pP]n&kLv5cRbq&azv^c/& EiX7lwb4V4lY#&0h_#Apu7Z!^[YxAq=ֽ*眫"ht=kObz'jҤ߹kٷIMIQhlVRpS0%<+YݮG{jFzmPޙKw`ԗfI]U*ϫaTqK }AYGÛTd^U >W/Eiԅ.PGŲ٧{``r}Ct6_z|2Iu%}_J[,+L߬Ek"~+)f1:Ml6x[~ū kf&4@+rT͉Q m' xZVl~o/]rš3%-x=bvfi>Vv1]1m>^ݥlV8.U5]m",wxOhtueep߰^?_&#~6wpWLl^t:{u=[%V/ruՇDsomWVoX%člnkm=`hw6=)ۯ2FrĒ26:G5*Q3={vWRܓ䏓j^n8Y7dAFUZ1JC*'ڥLVblͧIM[\Zt)¦jڭۮcI[Lv4 Ⱦ=R!rwH~4`0#6Z?4G_ޟ1_%WlE!-\:^"y6_:Mg>Pť/tX8xb64pv|IPi+A3O+cM"ro/!OϹoHv{iۭ21ƫ6"7&dF:2v":/woU^א^mvƆ4nhz] _Uh=?^- C{cy6h1roH%%m1q:KlVvXۍcCUVkwWV!5fdtXjFtXvyE*% >]kn0 +?}5)$opk Zk:v6Z4>WKA :]j̻<_-j_x:d돤n.8me`!4H^݋G2d;:>?8pg9xpj #|巿OHGOzu1WDLC(KYD,dVq "Y%YD,vt6ߴjWObݑξY+pnOnU:k!6ul`&/7Du67teˋ  yzN.IQP޲fqx^j%Ӎ%ɹU⏗\wЊ_:!UQWKYD3t <=3;aI-{d1q i| 0^aq.Ϭi S p69{uy"x^2O׎7d6.[<|svϣ n@@@@@@@@@@@@@@@@@@@@@@@@@@A,1Ǵ9x(5\րݼ[qq=hr|nImbdij׺S=jUF`0s|%yG3,GKa&>駴Y0W2OF<9c:/?rgV}Ol9n7%!; Wᱏjzv[7=º8~?ti'kRIy&ux<8Ys ۷F͏ӓ60`e4`]zR+4{[{kf! '&.{rT.c\pƒLMy|'I:;Ĉ~mH%:C<.=LeTj\PCl 0b`u9 i/\Z2h(s=X[Mg 빹`qI, cG:2x܌Fk o!kLHZ4a"(2P`v3!mkq 8f8M q؂+= VV(3W%<:_K_QJyPѶ Ҭn6?^׸u_wꀀ'k{kg<7#^R(ӰA\6+Ȭe;tV'ԡ}Z_1ﴸ呼D5ZM<;*yOL}ՖBh/F=m~7:%E~BԿt>j;`ʌ?Q0R3Rd5r(Ny3g zZsQ|gNm*L 5\F/T16vV`6A\U^&e/ 5gH3{8 KW+fq49؃ZcTԖCgyn.Gc\ZA=ȅTz.0809,10q"Rh%Wˌ\M1k\7<(5.jOo~ں2>Ʀ9c4:՛`?)y{cHi-TwRUm),ٛZ]%KgD6c|nDsY~t1<2W\FEϑxMxk܃sPsycuΈMaV' !(AatTɪ:}O {pNJmb {g!Y|?Q髬6M_e}+&|!w$xc vx^DΔjuGOp]n#~L n.s8 ׭zX3ZkEiL^r9Іnq5居;,.?_g:o'y$tgA!"w ꗥ1^ 7Y+3%1-䝞Z P NO,ܮK)GЉuҸ [375RF}B! ^tOH]KEngȧѩ="}>_My%~C}":%s99:K\R> Z(774VMqL\ImїS#C4ӟɂ鶷fc[䰒4Wvy0kR1d:j _hmqe-ebc0`yP[:CEkL6\f5zkXo"N&9elިqWMAq$VQ+vSQ(]O1Sm3ryaf.x;8\SyAXd؍3S\i~%մ2Q$<l;Cj?"!wQ k\-ռw!͆Hni!Raxۃ4c0Ru+eٌ Ĝ. p;hE|J'v&349 N~EK7+m4fr7?FZ z mjxah淛8670l/Zo>⃛KFssAUEFJ%|oFY$XLAn;o3|щd>B>)At0i#>G QqD¼k==BˋV;29򫇵 M'il'H%qO`v6y-#|)-L(W[ wXb;dD|T==BրhD5br?67,h=G7}L(ls?IC4m2[<./A3򓝑,晹%pȝ8_ a`0u+!re؋gVHZ;҂CK-<EoO #;J_$>4gf/,/6;WC>%;sY7]< /c fj5DyS '"Pu\CsI trCG4APyWzW&m;|l 4M~PGXtƌhc0 3M[g فWP­v<4J :/%'-丒o2kFjc>[z[YS B+mGH#G`h}W}/0e%kT"Zf+6i};-CBiڂ+EeZYWCy qVD\Kqۡv"ft˩zoX[4n FKM WL{i>fK{yl"Ǜ˽(li=2صSnnjD !䘳wڻt EvBvF =gi6E =_QQ~Rl7.ѿBL֘*`C[ vQ-[u;om_,No{u|-ƌN|/>~ℯ]Cp>S/tK+v>I W{{ڈycuiIEӲ'{͉1(]GJ?heCf{9Һ0epl4ych{&#Lhı٬ZYٵ3K)hֵОȘ` O>23nsx(D!&BUk0uT]D8-2W6%fxXXdNtƛ8ޞK]>n3G_}(JgpYo-o!W_[)K\mڈyF!1E^qkmF c N*ݨ4=FF`2\_M}wet-/.'z!6Cѝ`C1lcF(>f"YCW}Y@LG!+n Ё;9O4JeqiD)MY>0\).-xz6akZLlNR[<у%t'hμZh8t^\ZGmAD5~b!^lwu}{o.k)j]9r.!Q>jݲMu3K#c*]BxpD5=_Ag ^= yu^ e`pXE(xkDJQab8hs|F!p6z#hc\pj+TB^^W)9t<-45{(}/ӝ62.29Q,x/tO:6ihzau~uSfm0Ha8Jg j\%/CɐpI;0wݖWNicD\Z\CuvN^t+mUQgI[F1qnډ?F,492v9h 3Øj67}?o @&"v8yU}vUf#J6'k>Zm. ;wy ۜ&v#2˪2ݭ6x&[QAfkѣ0ތTN}/FtN|iNlXO!(<>q:w`7'yGBי]a,t=JóMD(,'I2Ycܦo%_.&fg<\Cm @t6CC  ҜG& as^>\rlݼahhXQh,X' --s]$M` psP4HouZ{]q}/m"^M7@qyt-3 ~QLH Pxo() zet%ͶȻ|roIhp>vl6<zW l;-!n>P0pTV l}(+cuǂʿ''{&Bi"|&;57 { %MǙV T 2k@F7^\3! mErwqi&:ct坾͋{"9ee/Y#Opn4Aգgd_Fm%l6VY63ZX^#ރNzS}\t\d0Lyg:k{gdqnw&0=\U/zKYōR{hMn\56X.-FL7BwȆ؃DdXzp`  S <ADocCoverBottomb>^O-9mI8F3n^O-9mI8PNG  IHDR(z8`PLTEǽ|||hhhMMM$)$tRNS%b cmPPJCmp0712Hs'IDATx^݇EQlv(R0NmⲌ*17^                                                                    xv^\t@g︮ѫ~:vu!|@9DZJ=^.k 8DP,.}D?o뵚{ A@`sY(;COzKI´2@X@tܡ!~!u\ @CKVٟRDvۊ|Sfcf5/n"A@;r46b6ijV|$vʜldU_|@$ jwĩwS⹠J7#@ļC?SHrBgŴO]'CyMLg/0A=MA@RQt(PnQLLh?3D@*kDҡ`6((ltFZPy  -%= 4=oqGN=/Blo}N "P^uT@Ű僿=bɃNp&y! rKq$<c>Jtkx@*P.' ?U_n1>cW:_b@_Rn)J jDWtFE@UJ(Qu(t36C~Xً-5N,l9jxvʹ+3HZފ *Dڡ--y٠|_zUGzjsKmwOV~@UVn뼁Jʡ:ųT1I0lS1{jSe\5:SO;sҾ2pƿ( rKl k^á`4}+OI%v~2?7r_c`[πd©R7g>Ցz`g2MvA8YL-_' 5L#f,A/V@+q W}PLh7~~H; 6?^e05z/9IМHO 2Φb/_.F~G!OB}XWwfzG^8u0Oջ/!h E,]DzלژK=M /ʹw">@cZ&o5kT0<ϙB>ǣ-D˶w]L`CN2^n~y0@ cBó/Fr)@^z,nXi}oJ)lx0p8]̣t(1^ӾNc|9r@%Dilo"|D=$B;QxK\"!;^" [ޕo@;i(qQl>>T#*kg.4؟(9 9G{!d4dp+k04i:|/V"+l8ʿdud\H?:5GnMf)b-c̔^^9yVPQd!S"!%Y] |~.Ôqȕ[$lp;iuRKYϲd'*snR%[cK//10Y$?~SicoI &0wH;mDD!?=g&2QHb<¦"2uԐ"Z@oȬ;9PʕrK"җ9 \,IGRYh?[0 E6VTrN@ %~$QH҂|/[)I\S0ӣck詗,!\>j؜Q-p;l/ѠaX$=.!yç#|^wxIx"اe]nIuni=QߢGަ="nR7`yDF$?^r";F"U@[:ĉB߶E[Rq1pΜIc1^έɉH(\Wɏ7ʑ&W6@>U@;.v.$y[8-D̹D3p}Q![E"V.$҈Oi @+xRܒƭbü\Y? T& B8J6QW *:UZMŵ!|~6}ʱ$ rKjʠӗc2PUg.Gl/8 iP..C iD(ܚ@` zƿ eDDivݗTe:מ)V2{1R~uF?ކ rKlD̖>J/-{VW(ı1U0'WnrsGqCx'Hs!4 rKlR# -5^ԕ$ A]{-jƾՋ#"-5 @t:|!QN_-b >PpϬ86 5U K5#G!2BGaԠPnI% bg݈Q?Pm3ǩTp˴G,KS@Gq@A]nۡ ٿ qX:>^)Fc0x^Ϸ'|1ܡ&rQ5*M#Z98 ܒ' vi(@P|H =__?gpB:8 ;\Cy![GDXE2]^ZnIx=gK/{Uƾ GWA' h  Ez`JUV\ o\0v(,.2Q՝:2oZЧD˹8nepn !מX@vُ e T~ៈJR\ Iդgl_E׾5  Ϲk6űrBB%=4@`u2c*ZKlU>'w1k0}^xa|aH,RgMT-Ԯ^ !|.4>h5Fho56d3DtBjZCiڄ9B3]!I۔6"KTbX "Pn592O%B9W.y+ D";I!]E>ϫՑ _ni mszj^aOhሁR ܊6 oSܡ xm߹-flw/j!3A<[<ȿm1M,%шrY!SȝrKo 7 rK$C\VX+4⹫8ʌx͇Zi{T$u5KqHtoOi3 *;$ĉ}ia&l,Ǔk4?R[pPlN+[ڢJO3EM>J8Q?[suEC:gz Ӡ\Y|>׫)?N0SE+4F)PdA˩TSLsC[k62w@>I`7* vP pc~Dzw}iI;mA@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@S;AjR{PIENDB`}DyK _Toc145915518}DyK _Toc145915518}DyK _Toc145915519}DyK _Toc145915519}DyK _Toc145915520}DyK _Toc145915520}DyK _Toc145915521}DyK _Toc145915521}DyK _Toc145915522}DyK _Toc145915522}DyK _Toc145915523}DyK _Toc145915523}DyK _Toc145915524}DyK _Toc145915524}DyK _Toc145915525}DyK _Toc145915525}DyK _Toc145915526}DyK _Toc145915526}DyK _Toc145915527}DyK _Toc145915527}DyK _Toc145915528}DyK _Toc145915528}DyK _Toc145915529}DyK _Toc145915529}DyK _Toc145915530}DyK _Toc145915530}DyK _Toc145915531}DyK _Toc145915531}DyK _Toc145915532}DyK _Toc145915532}DyK _Toc145915533}DyK _Toc145915533}DyK _Toc145915534}DyK _Toc145915534}DyK _Toc145915535}DyK _Toc145915535}DyK _Toc145915536}DyK _Toc145915536}DyK _Toc145915537}DyK _Toc145915537}DyK _Toc145915538}DyK _Toc145915538}DyK _Toc145915539}DyK _Toc145915539}DyK _Toc145915540}DyK _Toc145915540}DyK _Toc145915541}DyK _Toc145915541}DyK _Toc145915542}DyK _Toc145915542}DyK _Toc145915543}DyK _Toc145915543}DyK _Toc145915544}DyK _Toc145915544}DyK _Toc145915545}DyK _Toc145915545}DyK _Toc145915546}DyK _Toc145915546}DyK _Toc145915547}DyK _Toc145915547}DyK _Toc145915548}DyK _Toc145915548}DyK _Toc145915549}DyK _Toc145915549}DyK _Toc145915550}DyK _Toc145915550}DyK _Toc145915551}DyK _Toc145915551}DyK _Toc145915552}DyK _Toc145915552}DyK _Toc145915553}DyK _Toc145915553}DyK _Toc145915554}DyK _Toc145915554}DyK _Toc145915555}DyK _Toc145915555}DyK _Toc145915556}DyK _Toc145915556}DyK _Toc145915557}DyK _Toc145915557}DyK _Toc145915558}DyK _Toc145915558}DyK _Toc145915559}DyK _Toc145915559}DyK _Toc145915560}DyK _Toc145915560}DyK _Toc145915561}DyK _Toc145915561}DyK _Toc145915562}DyK _Toc145915562}DyK _Toc145915563}DyK _Toc145915563}DyK _Toc145915564}DyK _Toc145915564}DyK _Toc145915565}DyK _Toc145915565}DyK _Toc145915566}DyK _Toc145915566}DyK _Toc145915567}DyK _Toc145915567}DyK _Toc145915568}DyK _Toc145915568}DyK _Toc145915569}DyK _Toc145915569}DyK _Toc145915570}DyK _Toc145915570}DyK _Toc145915571}DyK _Toc145915571}DyK _Toc145915572}DyK _Toc145915572}DyK _Toc145915573}DyK _Toc145915573}DyK _Toc145915574}DyK _Toc145915574}DyK _Toc145915575}DyK _Toc145915575}DyK _Toc145915576}DyK _Toc145915576}DyK _Toc145915577}DyK _Toc145915577}DyK _Toc145915578}DyK _Toc145915578}DyK _Toc145915579}DyK _Toc145915579}DyK _Toc145915580}DyK _Toc145915580}DyK _Toc145915581}DyK _Toc145915581}DyK _Toc145915582}DyK _Toc145915582}DyK _Toc145915583}DyK _Toc145915583}DyK _Toc145915584}DyK _Toc145915584}DyK _Toc145915585}DyK _Toc145915585}DyK _Toc145915586}DyK _Toc145915586}DyK _Toc145915587}DyK _Toc145915587}DyK _Toc145915588}DyK _Toc145915588}DyK _Toc145915589}DyK _Toc145915589}DyK _Toc145915590}DyK _Toc145915590}DyK _Toc145915591}DyK _Toc145915591}DyK _Toc145915592}DyK _Toc145915592}DyK _Toc145915593}DyK _Toc145915593}DyK _Toc145915594}DyK _Toc145915594}DyK _Toc145915595}DyK _Toc145915595}DyK _Toc145915596}DyK _Toc145915596}DyK _Toc145915597}DyK _Toc145915597}DyK _Toc145915598}DyK _Toc145915598}DyK _Toc145915599}DyK _Toc145915599}DyK _Toc145915600}DyK _Toc145915600DyK )DSDOC_BKMK_WhyUAC3bbc4962_40ae_40b5_8b70DyK )DSDOC_BKMK_HowUACWorks3bbc4962_40ae_40b5DyK )DSDOC_BKMK_WillUACAffect3bbc4962_40ae_40DyK )DSDOC_BKMK_DesigningVistaApps3bbc4962_40DyK )DSDOC_BKMK_DeployingStandard3bbc4962_40aDyK )DSDOC_BKMK_NETAppInfo3bbc4962_40ae_40b5_DyK )DSDOC_BKMK_References3bbc4962_40ae_40b5_DdhL  C (Anote_ddb a:]dX!87g"+na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL  C (Anote_ddb a:]dX!87g"եna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL  C (Anote_ddb a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL  C (Anote_ddb a:]dX!87g")na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$$If!vh5I5S#vI#vS:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$$If!vh5I5S#vI#vS:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:$$If!vh5I5S#vI#vS:V l4 t0    65L4 Vf4yt3:DdhV  C 2Aimportant_ddbdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhL   C (Anote_ddb a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL   C (Anote_dd b a:]dX!87g"ina:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL   C (Anote_dd b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV   C 2Aimportant_dd bdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`'Dd9v   C RA:UAC_VirtualizationConceptual bU&`*V- u1&n)&`*V- uPNG  IHDR7q[PLTE $,4$$LP ,U 8$$$$$, ] i((,$$q((U,,40$0<<0((u008((}448,,000000<<<0@PP@@@DL L8LaaL PDD ULLePPP$Y 0YUUYDUD]uYY]u]YY]Yaaa@e Pi$$iHi8mmmm00YuaquUuqu}uuuyuL}y}aDD}}}}uPaHHq}i}YօiUU}aauqmiammy΍qΡUL@}}ơڥƪ8ƍʍڮή0ΑҲ,ֶ֑$慺򮲶޲Ⲳ޺ 涶򺺲궺 ƾơ¥ήβֺQX cmPPJCmp0712Hs"IDATx^ $E}LJDyЗK4Mls6 r=dp8p9 C["Bx@_2b#Ft~ynUOngwUUۘʓ^j&Lj>{ R37?izTulpսv/'gǦUllF{.)|nQgyЬz@9?݃"H_q;IP/m_gȞM!!;4 VMR.suQXi>GGG[1hSJZv3nQ}rncI5᛫ AMX6k9'ل:lw/=4Rۂ\\o6qꡈ(&l2Ϲ9P:һ> noȇ}nJ'\<l1S?',)W3߶N#^9D}˦UR_|ԎzDh9犛}B%vh}waH͗Z 2dr1pyO"Ӛ֬[9 N Flg*yq;rVln& Otx*VYgMen<5v3noY[ Cv6^L$񑥱:KP{agSj!FdPI&KeR%?3uB;Bܲ,QUUJIVv~.Lwgɝ&M;OQQ#7Nc8ngɍ{ָ&'%ЍG&8&S(?Fq qhy6KvGnB!UoT{Oܲq;̏C'\X:?@zR ^TƲ6 r1L[> c .:j*$icuH5"P"1̦Rj%fWj%W^ q$=Fl 919oHJVbLUn07(ä4PF?aѿ u)p1'rPS)\njj-zcw3f, 9\vJb+wu`9ɏE|Ą=:׳cCY RHUfL56 ,KuӋV6 uloya?zao|g^zta"ܳϼnyavG3o ދpm1l}yiz8nc=ͱ rvڱ.b׮TzTPl^~͖-;֥mrȅЉq[4 #7ُre=8FɎ*էyf?^ ۋ]: TlgVۍ/tl;woPlW zכ{)ڼ8ky d{>:?FZ1[m:&7Oq;7 68TVWJk*~z,uqպBɡִ#9ZW\m-{]yHNa֏?nI6njդeJVڵUnZAbٛ+N5mhݟveimJ3 B明pdVlrJƴfŭd4(n7Xθ47*G^kYVݷzzS#7WEƙ_~/Uܽ#!ˍ!s-#0e2 Ȧ[ r+G7^qUahErPk Rc}e1lo]q_ <#0?{Y7+/(AB%;-+) \M?VW܆йpd8LX=7n^v'#U1DG8i|bTOӛw׿y؞ c#C%tqөyl[#24 f(*6 N%<7 ELYX*s+{Αv:NvJȠ]oH֩88YQp_ ܬ9:n>˘ddi]@+D+i$,VEF+0-]ݝ_ۓII1o~ߎ]L'Bt?AxuP[z,LMBשJk:A 7jlA~aE7})o ~XoR(7mЕ Qv=]GOjӃϴ 0pW>6 ^~H=nxWn9Hddi7;-jKտ ,Y| {܀=67 LbfoP sjCqSi61rLK]nūAlo27pg-QuPnu5wplh·,U<-*PSyn_>iCS8[´,A[:f\ BH]Chzgr4c\ZKL˙k@g%qTak:m2bmQ Hs1҆*Ǎ rl.L?ё,ʭ(Me.B y2&T/ rdXY:;JqIU+YiƧ 幽c U*ip42;d (?hnile4nżkQ5U @I(58D?gU,>y \T PFL##/BEkJIjTP#Hn ;IT,7f҆5nS&Inj׸-IrTP<7Le uQrTL% ;fpTUTPr|bs}f*i_:X)4֙9i4a<飒uf*iyc~;Pq^JbkP'>7m0S9CBNĊn̝#4cp'DìߥOw 2uhgn.Gg7=LW_%p>>Y9g F`{#ƞ0AX@Aݳ1(0cϗԠa8M.ODzH*3cUKTtktçDReGoh~Q'9M~m6cw en_zn=_.7WB9#aTb[[0J@R=#TOo=n+[[0JMÓ}ojrv8vB5'y6tǯle'_bt_& E [o +v_j ۡ35*3筦0[ӟUH7V,~ca[& ~HPP ]8|Fh`g!YzÆo,EہZNQ>3.[\gi4zgX|/yjmٰm֫;:\AnI)a˭X\[aYs{ pfm _o/~>|n- Ԋ 7o7I`^nr׆^q}>pAjeny~WN &.j}[Q ,/^i-XjZnAQm]pCr xb `ek=),綥mb -_w\طby}t9[Gc}} dWx嫋+`{uyJ[:+KC6Uq]PjP.(u> /r,1=Rm)vm |nP+/ts#V}.mn}1(q^K*WpcNf .in̺>V>ɏX^E^%m 큁ԏ@nUU+[WvիߡN ikۻ+vq9k _ö|WEzũ@᪵x$1 -vq%.rbq);$1P%pCWΥp]͡.\u!^mk¾<ѻͽ a;Ͼk)p{" /7ަN'm5~o-ӣ~>f mGȂ1rF0=7  {wz"qB|p- nS w,7 H!7N7/99&Ivps+PƸ 7=&?_d¶mgoTOK;̶p-8nӷsxf@5^/qqJ|[@R=#TOo=n+bvJ3YZ Q{>Xs8:pQ˖-{]_lOgFNW 7bg˹"m.*ت?C3$|):gX*,kR^uXɰsAoG޵foQΔcu?4b? \`֬9妆[q;| >]2@uMu^?=ũɮg8vG:O]yF=ps?7;5۞V)*yd>x[ic;v`wBEf~˹8Au6c9 l@ug1ƭ~a' MԞ>}B ޏ`s}>GENBVKwJq{h}0#nyuDF 3S9ꛅ6Oo*RttC:\}:|".KOczn+3%Yo`6&ƠP2glfP֋aS.:93sR$7 B[ʙ(Nr3T93=:< a#PŔY=!Qlu*gZ:o+V:[[PHsV5T93ݵ%ԝ@e΍Y[ŹalkjC uH..(7W''M1U*7Xbs;Tzn^Z3 ˝9=l?nr3uzˡy5ұBhS:J$r ؑsc1RP8x)! #,5ne9,Y$i0i@g#nP&S΍QXotiFEN:HK]Wo9|ޘv㆙ђCD8ф#&K靬mǖxQ(LX!97$ntjܼlwل*prT?|8gy{K9pQvUoX bIo'aǍ#%^,%m2blS>\^n+7grN?=|aہP 1jˡ#a tL`U)Ć2_jOMnȂZ  7mf, q:B,V loo(1;MDyUpo8Ci˰E=Ē>֢"g㋩dPf7jvM`Y|E|LX<kX1jOIhOK Lei U+ʭ[p./jL3dӶ &lAmn >|1n-d%.g!nO&qjWdE:k'"{E=fۏ3pߑ^su"t`&zniUe|VTow'F>W&#s^lwȴ(q݇HC}kO/~cO aZ"7QRǺoȅN qD{o [hiDnj>:hf cIFd0٤UuE"S㖏By5oVmu%$[4Ni"B"t(m6`Si&|ՠ#vvUst'[dqcPNAh*QoY̍'ר7R& 9=nbfFs su[j(!oi|(n0p;'c\onk뿡Qd{kYZj1#kO>?P'v6u/$s)yne jݙl43I$55)K"̍`ǜR3Eto)"h~fnRԹGt9OU4CW1ϏƩ'jZq27)ܨwc'ȉG 熷)`rM08D rKIo<0bಓ^De nGF;.ЎE{Wjep碨Y='kDzGsomjE"@ލG<#[n.-]m#._Æyf}wm9wFdn=ϻ?Oi_RVv~*A>fpi65nm]B֞s*znX֥[zeC{1~)IENDB`DdhV  C 2Aimportant_dd bdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhL  C (Anote_ddb a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV  C 2Aimportant_ddbdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`,DdG l  C HA0UAC_VirtualizationViewsb+!k h+n+!k hPNG  IHDRIwPLTE$$$$0$0<4488<@<<<@0@P(@DH8La L@Lq$P,P U8PPPP,ULPi0Y(]eYUeD]uaYa8aaaam@eqaUPiyaP}eLHm y@uƉi@PqYu(}uuuay]y0Yyau0u}Pe8aa@iqi H$qʁPyYq8ډ}΍ay΍ΙHiҙuꍥ¡PqҁڥYΑƥaҪ}֪֙ή֙Νډ ޲qڡډޑ0궺<޺L™aʺqβ}Ή֕ڝޥޮ cmPPJCmp0712Hs(3IDATx^yWw Q-g㤍틹   5%pǽxA+Kz| .ɀ62,֥!(=\lϵlr1o}ߑF̼H]{$ͫw<M\r@;Ŝ+#J߉4썽ѿj8v@&0V!k,1r I%#$$"ɀ${<$'L@ jP$Ձ~dޛg9d>腿Z ` EcT&8"8eq8$20IȐx-( B-h IXA)[i$GEIiӼ; 9ߜ};5P Q%/)|N)) LQxS IkPfa*ed<I(Rx2 V9@aE`{vYJޫ(WC7=ieHPM) 1! dd$ Iø+xk~7lc\(4xa$YzЬM$apPc2iqhs4-`ۂ-H©h1$*h (A]@kD+UM9f5Pn6&$@(%SU TFx  (КΞ0ɻ&0 /xD+\Ye  ɴgU8OH%` 9UW GVS|{Fz).AxFjVf/h&ʦ3awgϘ 6}g3 My8Zc$ טx7ѻd<ݴTu=}HiەݩSb}pn>d. Ľ`*e>s؝ZS+kk*xq#ۯ NBB ⍣TjMV@e8X+j8Xih3{_c5^ON+/ۻzQ-2k:bϗzdh@*:‶s`ħ8XL]6+?ܽA'O ʘ..[d[I|4*Q]`$0Y˧k.g|CC|'9]ex=2QGIP)I M}|ٔ? #9놭7{U27*壁 `@ ^<̌E%i5Ͻ7N%y,*HBƜ:xKOAN+ @NM< ֝β}:E7q!2p$!i$ n6H­@$B$覹͛p G[)|y .=on$> $ &$Qǭ9Y>5K%Ni~l{݆[ dh{eVx7koj+[@Xw#ʆqҵxtw+X٘A ٘kCξ6mrj6nw 4mj:o99{q&`M6۷YlKNgUeams/YbFIFٻlbѥWXcZx=Zk[*0O@\UN@_vu?'=n-o+2Z{k+[ ks=>Qq4n-"C[nP:G#lH(UŽ/<6K}5jjTkݠ [&rl.qbshZۦهT^U_|8 /{|AuYYcYCkaAT䈻 kpE$Np!yӏArE<{BH7>-[e; * mr H4g!][S݉˳|+"pQ #5iWd".Qw?8>q ˵v"UP?_bt'51+wɒ߃{H~D^{wwo"12Xf۟HeIr,,I$zGr ey˵6WH©x! /rp$7tZ22=ub8s31 ܼ(H#|B^R%'yd!7HIb7XB+ϯ$K/YK!]i ۶mR~=N!]M-CI賉cROLck6k3h7ȑ>{ȑK_/\WM2[$ W)K[njr$2QIi%zJ+>; }M)j@ɑz@,{wY)&!^g\Ӡ;mwZIYpgvȱ8"v +lAF;A&J{U=RM^979I0ޒ:46ie6[k.ٕ80$e jU|Fpɫ~9˧cs }xk`)I[.;g*YAs_ 9w{u"NxT1` \k ئy%HWAEE`2+Z'Wlqߞc 6'W)x7"\87sQgH6%QxRIJRpaqO&A4(Fsa@2Q$~_^ 6 §sqd𓇧Ú\Z_(h xH@ EH`?L՚%x  S#4E\InKq(~ GyI4(Hžŏ0\E9&A#ФҌ(  Ya%^$Y]%J5|$lQj3`|SEI)IQ )Mɼ&Q{r&cHL=~;b!@F8*pGVmMkI4?w Ay!hLqR)PpJ4<ğf#1IW/IPMU4prVmcT8b8ysP^% J5>=ߏ]d o?o;e@faF-a+XCb;kTN{;Af: i:"?)€&ӴZ5bZ<& ;a62iy?N7\gS5-IW@5:Wjp" )/ZdJaiH;YVEDW&8IYH_j-7H"9 dN2ޗ7|vcxpSRjqXSA7\o#%5Hr`77*uzp'Z-1017e# 6HZ3푦f&=s H0=-dR]6iC(Mcc+;MHVp֊e򌟷=$8QFDȉI3P[Dhmez/j[hl$-9b#;;:;D $}= hPnٞ$E0POom%={[ hc,]kL7Z҇D_1~&·_TvO~m?X}$@_Oldrl3SEv 9I#?]f-eNI$f~s%n[%)=>~m4>j-e$9g%a8E$Oظ'b_6IBNrfqHvr$G?v3dch&I~H,'dl1%qvIy;g]%)nVI Se̱?Inq$9qWQ~ $-9$q`y+n(kQße$5[d)[^\m ۲m$\2;},"+^?}ѵ8y7t-g9e$߭J$&x:7snqN gKn[SF̞UMVb650gnP2MnΜzgyş<]Ua9u$[݊!gȲ}`$-=k$,f,4%˩#V i } ?|Cq<˅3*Ĵ:K3KHXk$MҁMqQ"UT0u$G\ YސN e͉M,}7NBV&M=Y:bXNbVv~׿1R ,u <1}!|3j3A7q.e!qL;{YnzZɼWRA[#[*^XkV*}o*gu3@;"˩0Ӕ +8 @ `} Tx^QuN`t!j`hꬫ>#+OLg֪H=MX+_t ٣R lNJ8,JNLd΃0y5HiTbH4񰦲%} N}ZhYUmDBp҅@8I~p(wOF +x +TS3kU$3^8 -֕/:5E`.r.\rN d=UI*X s͖}(- cEq Wivp 6EӅ@tfOU à:UT e+Kejiťr,7\L{oQH#ߠ IJ*4,n.%+$[]kM*j9s8/$V4`>HcKF@ ceR/&ɱyS(_E/I3$[,2Y"IT¼ +W!=R>hZ$d.U|_^7UYꞵI(_oO$n"[7𪙵I!>#DAYchnƛ+r$Ik _U|H~ FS16MI,jl`HN1Rk?q(TMOcK /`T"Q卆P̚oikSiܹ}kD&ER {.޻˰5y< *u/#7\SIq$8*2oQ~PybH|>^B,عuD2%I|UH2klsv? *GG|>,wF9 yxHfa5%fRIucyV )~8W?0R¨$@o3$aQaB[5}gPӤH7jHϹxH$}s#R5;綽4!K{  Wc㖉!9>S\>Ku͠9.Eɣp]!-*I8 ,eNd-RI=u?zW1A3.G6ۛA5fiY{THN suz$Ӡ"Ͽ,5ITMW@KWH6 0;$'"I{:Yi{' A]KfR$얄a8"\VM%DaT<%`+k"9nqHE]5ZЀzj HT| IBNއ=W ҶÓ݌&LH#"YzILXOFIJ'!N^9i=scL$jdɟհh#xtNy<ėguF@ ~=@ɓMz8-?5C4bH.H:2Kհt1M-NH^"o۷J9Ijgk$[E2HfC~?c_ $gAdvyG~"?G$>奌(t T$6ͬ9$X!Id9gANHƒ!?pHvf[[dO$Z<`|e>,NMyBD$)@$e 8!j&/.b$ҟm7c}_zY$n.TI1$ˌM,h1ԙL2W/&Ӷ{:G2Y*?4%Α&CNSBSi|8 M2anLg,隍ui'E-ʯergIBH!ɴRm$aT`R3qPO$ 䗞A,4U*D ,Y$|5IGVPSWV T 2f$q5IPD!8J-@ b&3)O h"y,GqtkQPJTG5@<8ʓ̣|_ꖁz"|Q͢X`^SX*ZjqgI2 & :[X#P;Fk`˜q'^*@EG. (qebIl$ֻ,IMP_:f*ʀZ*d:$AC z3qhyIm $q3Ы]Il,`\Udz^hX89h @՛I]!4iyoWTrtq$!SB ʧMbIZY8J#j "h"tmAȨ`(P@ f ?a5^ (_ swψ=~ߣ{&WkɮrL2B59^m8C_EJ0AI(MRȻ&Ӗ[`O\mnC/FW$8di՛٥`Cqx2W43a-} HyPBوgI.#ˤf׋obeʗ)I>Y 9&Iه$1Ň$|pg.SIrڽ-m^E}&O햑eܳۦ'I2ѲՠFW$ ud9%Y1[V]?27&Mt}$Y1Irw$I#%ri+֦Cn֦6)Ici :EUleKUL^H{O:m7KBUH\ 6.u NmT)fϱ;ȏ9^Ԩj*?Ll[ĎB%1Ac" 6ԦaIRuQf|d!/Z,RcMc+5.[pѮu >wHDdP\Ru1kņ͏ל߰vR:o_ܠV4OI$a㎚ӣ Ra£HauCܻAW4qP>Mh"1=ƔZC%˿2"L Rd!a=5ZnLꤤzc7H6$RJtK3:Y$AF9I.-Jr"r7k_7B#xQ)I2m}= vm5W&J/+<1dn?-knuL2mKKwoɘT׎1*Z IU(+ voR'J}Ixb[ ׸.]3)e䩕jnؠdW#OF(દR+הVR햓ՔڛTJ*W;>f"IENDB`DdhL  C (Anote_ddb a:]dX!87g"='na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV  C 2Aimportant_ddbdz35*vf Vx@*n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhV  C 2Aimportant_ddbdz35*vf Vx@,n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhL  C (Anote_ddb a:]dX!87g"/na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`&DdT$d  C @A(UAC_ISVArchitectureb&5R9%2n%5R9PNG  IHDRPlf PLTE,($0,0440(480 4888 < << @@@@@<4H<(@DDDDDHHHH HP .%RK`L B,hmHRT  `#Mܙsg9g{s' Nyc1;/ ?P/" ⢘'U-CqJ>R0Bإvh"&WI*%@w֡POx@9+sKK3(<"P.IQQetKB UI@ 5WP-]ڲ o8@ Yrh eQ!JKՋPg3 Y>q]YnUPIKty#"UzV7|2%#PdّB (2HrvPL9;RhH@oI7n,}we#,úBk ˡW X3#_8E幎$<:0zjP*}Ѭ J ﺁ]P 酋JFPd=ʁb\7DM-AUT m(uCP~bpr0Zpa J,HAIʨgw5\<]dQ.O̓P yM_(?>9]Sd\ {_$%$"!@Nw)b\72ξ1̄j (Y@,P%DL~Y2RZU.q~RE4R@PU MUҨQ]7X$jkZ!,_ohTWXp%(?G##(9+P*\7,2@K@1` J@ cIDC@@ELOR(u,CuvŸΚuW:ijB9Њ PSԩP!/u Y ,yc9e{uCjtNJ/mA՟WB5L%ct<2(iȾ F+%[ $3usCY_7@/['m:>j7]~c&@y&"6a&M{c!_z(p2Gi)M x"P()⻙r˚Wg{{TU2tJSiޙgW_NSBnUFՁ3x-@5=7z[-@|>0]>_反|>,w!ϗ{|Ԑχ>_hM|X@@cox|ϗ_(|>(?zThY0L9Aݾ}mtC-PyB g{%EAD$;RZ6\K= K=q+ݥ]mbZzh 4N!9"3`G*l&2MvorbA"ORv(PhB1* (۷LwER@F9ړP )EP)XLu@u{l3Rhm@Eͥи(Beh_%bl 5(%jN@Q{Z-jξ P(,g"QZ@B٩y} "`T0C'P걇L[9μ-?@kU@kVHCI %V`O@ _wUvoOPY62hK{ǥ?P=X=Џ~4#KMhW5D$Py^N-sV|衆VjM-GlhBPE{+TlhLٛ-|`SlhICK)@U17"_&-n:S< 4֔?ziQg?{_:lTw hΑ@]mN|衿q`@stk$M}y{ HzSCN cHҍK}K۔"Z;h<}rMZS |\Y4Գ 5#͌DDHú~SE3zT<٘fQ>6(TOI. ^]"K~alVgLsK(v.M4j܏d=0iUJƫl$WO: StVh8&ᯟ~Zy!0 І$2ʯA7],Z;b1B7DU6 ɳ& į?_`ȂWN+D %[>E$[$]͗,߸pys/zf,I{ Tu hRTdH@q,(aRgХbVh56_] W-uleu|3te΂rinDŽP$C `K@|L--@1!>DŽP$C `K@|L--@1!>Ǥ2=֛G? h^{כ{˰',(LOLΑ)s.Oc$4ZE7].3WגDZ~?W~>$l'rP\4%)#ʻмEuqf*j1U+fc:R\ӳ c/bjb|!<_E$kKA\Y? *JC˛UtN OGz 7hŊ5aBb")H]qhrK)(aBԙn ('. ִsi xv&勼_'PkZ $/pT> hR\6Ћ]O.Qx 'I%h-@ZSA P 4oɱRs./"{զLU<؆BEI._<"$ (tdxV2td=@xP;cEM&j#Hٝ/T?ZyKꋸ$T[q5pJq5: (}OPLkF"+Qd< Qd<4yZ hj@c}@Xh{aA[X!5=EUy]pi@嫪_]}r@c)1 BgP~r39| h>4hO@ͨLJtRZ0z?a;d%:ti3 Um&jtkZ90 t9R߻WJ@N'RHAZBk͠ƟI%6eRm#S*4_?9,@f(oTpmKT-g*fOm&B؊@ tEǞG4e 4#L 7 ˑrբMso'_75tлvy~[tSѴeiW-NG71STܔKul JƧKQ1~|͟YZEw%-g5XӖw+g2сjN u^kJ*NQ(r$0Qn\^H36 qyW{@jQ+;!M)(nTZE8?qN>V<o驧(5{a--3걿}R=LO3K)qJP ]ujt*x;|grLJ\e(%Ca+DehDU/ĵ?G(/ J3rfR#$}S.L%:+3'dB%erlgAOdƹ~=pdP&ڡD@&RK.Cn5YAI)3)*"@|sjM 塈%H4~0D9R D|>ح&޿Vz6sh^Ht,;Vv"uyT ;נ$g&PД;Y?sZPրW(CsQѤ7D6ZЌ'jFqR-(U-#ރ',Rˋlj̛,)ԥP!7+#|]^u~]D uD@ F5˪39J %Fش9X,7ʓg~mk%]C RO'- V`vB@Ud[^O)jE P (P (P (P (P (P (P ( yYOK0V.n*t6?Y4!~uH|TP˸Tʖ]~IU:u2Лl.ReFvK 6`C<0bUlL@yYP/\Ulgb\z Աp݇ v6vۼI!P ؋彩+7"VhNliuyPP .k\&;n +,h)=r%=C-6V5@G -ʽba*eK3yy>+<3 (2VJ@/tgJ".p ) ! C\~X#f ѦL=r)J! BÆz&@mOÆm1~d) 4\4pgpKh5-]"B&0h@/ !K bzha1\wpKؕkJL{~ yKmʮh& 5ZA#1->FL\&]yU?.[pLp %̴̠BcU/ Ϯ6H" J RaP8+e @Oǁ>_P-V6|PFO c |~ Z8k¤2t< &hЉaS8n V> p*5Z2'fj0M]<<tӻ-8CW(~Y3ww\8v3U6 .8wuФplҥK%ԥK/I _~,{֜=zv@/?q(󤕏otۺᕋw' J!={h_ml`2 6n{i=`*hʝ0 vSϾr}4YZk<+`b^|~K^|e#;+>&`sࢥ+@Y;>q (H=مekEhe(Q{<;iλ|G@yO@="BPO`E ajJ8>FJx$R#@@X(E&)"@ΎLCAA W6@IŔ?)"+~ɣ3=@(Pc|[)T"eZ.^ C5KA L4N5N0a!T!~JIPdّBс>@em*sс}'"|sn—P\r ;YBؑ Q~ֹKPH'>rl (H %Q("PS<exC=͒B!}'{YKBP @@`_kBQJmyP. ʦ."dD@@l(TzjG+Ȭ@u^3}D٨@yTΎVFhg@@ cQB_t ת@'9ү| ,7 "`T0C -PT)n b2CZxt (ĒM 9'_/L̪.W-\9ߤ./Z=ӏAq5tDt5X00j-](؆%HR-vϦ}# |BSӻx1Yhhe j>f0fUh<{VzTl^"/C^*'$@#^Z@n)y];ϸ.8#Z˂z*6>œt(B tp|'?,+ V>ȇP#LJS"g[9%ݻ:'8Ty;?|I VIENDB`DdhL  C (Anote_ddb a:]dX!87g"Yna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV  C 2Aimportant_ddbdz35*vf Vx@+]n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DyK )DSDOC_BKMK_TestAppCompat3bbc4962_40ae_40DyK )DSDOC_BKMK_ClassifyApp3bbc4962_40ae_40b5DyK )DSDOC_BKMK_RedesignFunctionality3bbc4962DyK )DSDOC_BKMK_RedesignUI3bbc4962_40ae_40b5_DyK )DSDOC_BKMK_RedesignInstaller3bbc4962_40aDyK )DSDOC_BKMK_EmbedManifest3bbc4962_40ae_40DyK )DSDOC_BKMK_TestApp3bbc4962_40ae_40b5_8b7DyK )DSDOC_BKMK_SignApp3bbc4962_40ae_40b5_8b7DyK )DSDOC_BKMK_ChooseLogo3bbc4962_40ae_40b5_DdhV  C 2Aimportant_ddbdz35*vf Vx@en8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhV  C 2A procedure_ddb)a F}coR~gna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DyK )DSDOC_BKMK_ApplicationRunStandard3bbc496DyK )DSDOC_BKMK_FixedNoAdminToken3bbc4962_40aDyK )DSDOC_BKMK_AdminSectionsCut3bbc4962_40aeDdhL  C (Anote_ddb a:]dX!87g"nna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5#v:V H t0    6544 Hyt3:DdhV  C 2Aimportant_ddbdz35*vf Vx@tn8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:DyK )DSDOC_BKMK_UACImpact3bbc4962_40ae_40b5_8DyK )DSDOC_BKMK_UACGoals3bbc4962_40ae_40b5_8bDyK )DSDOC_BKMK_UACElevation3bbc4962_40ae_40bDyK )DSDOC_BKMK_UXFlow3bbc4962_40ae_40b5_8b70DyK )DSDOC_BKMK_ElevationEntry3bbc4962_40ae_4DyK )DSDOC_BKMK_UXImplementation3bbc4962_40aeDyK )DSDOC_BKMK_WhentoAddShield3bbc4962_40ae_DyK )DSDOC_BKMK_KeyAdminDecisions3bbc4962_40aDdhV  C 2Aimportant_ddbdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`C\Dd\  C 8A  ConsentPromptB2R[FI~\9%Do[Fg[FI~\9%DJFIF``C    $.' ",#(7),01444'9=82<.342C  2!!22222222222222222222222222222222222222222222222222" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?؍aaԵ#Gv:@ʈ6h$XcATrgDOCJQsqֱ72It;Yš#ʴ9d~HtE`"V m Q[X#ؖ五~HtE`"yUV08(w g{_j9c9܏AQ ?G *GG,{4~HtE`"yTytrǰsKGAQ ?G *xn-,R9Ax!ʍyAgzג4`+9UU{.QG,ok]CAQ ?G *QM,6@֝ Kcۅ?.iw+}O>?>HtE^򪼗ǨAdUɣyTc=9>?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#Z)o{5; h+qUT~69!2yM4ݮV]f0yGpjXp@WgRVe'+_̷ ?G (@}#f[[KW)x؍9H8 ڭgx&dhEQZm},5h_OS esm=FdA JUp݌hvx3QR3N%3iֿ%* bg[;{vM䣪g:uk@q79qec0qkpNzcNN{uwcus.,\dFra20ztKơqou ܆műj8CԚ? _/-A@_*Z:/KҼ#q?fP3m j&l%uɭH-$aǭdɯZc5Stf iaX<6Э?fl krTtF|?i[_l:{ ? _kyv]3RMEݼV2η7v?i1ݜFO6 b ɸvK[?<8k77MɯŸ}rX//f T!n ) yP*iVt#MavpgCB_%Tx7Mɯ‡Jl_Z{߭˃@yl# [n)(gQ㎜ +1Mgo D @+y1t jɯ—7M*R[!njkf^M).j3Msl Bն`^so{K_ oN`8bɟY3PI;2[}ogw <& ?gaGb>Kytyuɟ—p?L{9v)w;..oY3Q 4& =)w;..oY3Rɟ—`.q 0& ?faG}bs???g>KtyuɟYC3Q .o (#& ?daG$4G\O,@idcG$4G\W,@h??v]]qg8OL4rH>Kytyu ɏƗ8OL4dYK]ҴˍcRg. @U,I=סsŲbdD@ar^w0zuOϧŝָs,d˒;3rcS2}oLӦf%@~IbH䏟@a1\vl彊6P*븀 !r@׭jޡymsUjψZb(PXw3Rg6x\+_:];H4RJ0 YA<17^;R՞Y݉67NU#\)JP+M Ο%\׳"5wa$8Q9P:A*Yy)0&2J!ḿH#Z{)eJ+oE%ɷOMp#I3. V5? \>.oVo{5w&R)Mǚֿs.=J+nZ%[˖W# c9 =Kq^{3}e.,||Qh']+N@ts5QF H  ,t KQ{xc,ryo4+c8%Q^+mՍ՛ZSZD"L= U'6ʏn"Ft yK=ϱKZY-̪$4S$.FyZDžkT[Ӆ&w\6н9F:u"ݶ4SUۛ[岕cnݳ#)݌#ԣF Ȟ]G$㯧\Oory%{XKZxgWGH2q4[5hֶkoXSz 8zpbutQ ,ƁQ'۩njW;pgi0sKG2PVxsU[.exe f? kޭVY:yRU߁ٙ4,2Α48jd ֖ 64b6S$gq_|pSzZ۟G{m4sb;)Y'@$~wRyG*Zw>}QH!l`R#1|*O˞ݪ\ܥFouc ؋İ*Z)Bhʸ(vv#o !sU̞!I]<}S , 3'=[G4lUц RM=KVP($ZZJZZ(UC| *!?cЅ"#$P~QwI?1h:O՟A^:_ ȟZ脯|UJ:|?q̹֗)G]`-CL-nG\>$OZ7-~' s~=6%=_@E"#g?> 42#SN[|CtEX^JT"xg`=Z˛.f/#V'y~P㎩V+4#44FSQ'fm c91x=WNM' j>_k/t}v?x^ܑockoo;1׶z@Q9V/{)f2C#2j⼊~:ihSTfCѾ`C\M()$t&&w&ѥ.-%%,Y3y-ʕbH[PMwifa\X9n8mpT{_ב_XŶaw[/ {Q783k)>ڪ[im1wr$#.pzݏNI^J߹6ګ%qmr0Mn8t֩x~Qq aT OQ<]jW{@*(  ny|W^].GkǨ|r2XKЮ%vm!qOӵ=q,cH&0oE*!J<э̯JBoi˛yyc~Pps=+CqA?Iڣ}#!A8=8J W6qIa6i`R*ˢvv^#,H[hN{oyI(>+-tmn"]6;"J@tbX[K5 qӼ.&yO,^յuK&]9g6+4 LkJ6K~d5vkmVҢ.H`hn1;pE,WD7iac/&Hf!HfBpIJz)i{5}zXL>%h`(N$!OLSuikRk~FcXYC8bP21%MrԴ?o.k{xRI6>ô c?z/}mcOD1\ZMo$!e ' Rju.Liz[ɬGjxhdRȻ m* O{ 8ݴg?ZhPINjhHu59N-y!@A,sڹJZE߷NEHn'VƳI_w5}/$}+앬 %l~7Agos c={SҮ>Hdv2!x)HQErbOn/m+5mC}z+;gҚ)/,ٍʰ85r_j72\}Q8hT:Қ1hP*)_;?R*:MыE/&Ţ?V}z2?m?BV(GVQ~MJ*m:q\N*7ίcE?gL#+ Y?cG(KWG֫wtg$e/(KWQG֫w:F_Q1l^U/"SI?G_v>WS<L_%)G_r>WS<L?%(!SI(^}N,OR0lL?%+ Ya/G)/KWGjP_ŞK K’$ez}fpYa/K O4QT?g“$e?`/^EY>Cy?)O?KQ SQT?g•$e`?^EX>CyG)_?OQ [T?g–$:_R?νZ>S}J,R?ΏR?νZ>S}J,S?ΏS?νV>S}J,S?ΏS??νV=N*L$:?L$:J(;Ԩ/+5QM{$::(;Ԩ/,7Q7QR<GOGOR>Cyo)gK w'רG>Cyw)gG)g^EާpY;I¯￶ϳ8gqi3 yO\SU}* UŞ;xŶ?߇F--]!ыE^.\POq6iʙ(:_SĚmyl>שM#K1NF0w*!m$Z˰LZ(ZfVI2i>vMDZN5f1.6b6P30ÜgJww7c].Kl9BKGCr'༸7\wq0K 3v8!dE[ϖU* gӏ)w7o} q U@[n;rElŠi!?My YK*ڹIJ$lD|SȌ<! Kr9Nb7hf}A}JbC! l$d(ʜՏxPO=!7o+ZHQvϗqc&#KYC Xx_I[ lW%eiMb  8f:wV`і㷿p."V`(`2H2xoX4ēO+{lH]O8/%L7-w)2DA\f$tԖRUgFm pxw_^u.])"{[͌ɏn6vA8>ju Fdc"EF{ 9POZO.DG40HK7<27=řt{3><mرw}yhv|[#*Y֡{;l_VY_oqFA>g޼l^xY4a46|zǛt#d*ǖp23/ඓ-иomjV[y!/AcsWm|Sw>RI%lFNJm"<'Zrx{Li N4'#4eJ6w 2@qRaM׿tխtoLJ'uKRpF#%q;ߋnuidx9]HA(=s#'o;̶!xdJEGbh@%]J&OVO{ zp(_&Z($((((((((((((*C uZ)F>jV^1DuA!+#£( !+;+2ªjz}U2c;$TMZNL[_QgbIQ-S@nni?4 Bs]My$OO̜¦2yǨ _BGN˸ΒYna)1HO\Ή '_YLB~nf=rz((v]3ڕ 5 pJU$gqǭa)<ڭ/":%#&L3ysir[e5X#\A*FbC"F(db?(q >%ҖdI]0HcM<7R2fj+/ZOpܨn%;L1AZMKsbby@Lļd8>l\Mߏ K; {1z}wy fO0)Rs I!uoeͬ"H.B̲FB'6اm.W+Mzz&g2[EԮNQLnrcnO@9`GDyZ:,X )n7 4XV6hMͦd|cK ѾBy^vgoķa~dpI"8$;SnH dRWۢ[_ӗSM;̕lRF  ،FV 9Ϗ1$7WMw2B_nF۟訬ilyC >RI_V6X9Re#8VS~e}ve$7VP] rVrZʌmة%OǡoJ=ye4j}OSm&.T}+nqwm:Xx#8 r=5dn$: oJW_UqQEjp{]N|[vW83YjXtmZ( ZP:@A=b+E|7Oۿjpqud~,M?kfd$ɻm!qRqښiZ/p$w.X l Cw\n?PWk5,g6y``ɗ\c>gjխخb0U[!dpLg#ܠYԙTC/?0!XvSClJR[]Lskrou 6E8M9Tmsx @9WP[A^k(dݦyQKaf(߼~_x|E\[\GtGј, aK'WoFk8ǗtQKMm^2Ax=13ED71y^=BL{4eC\y>$>[g>{ǽa]|CѬ-JtCzgqA9b8)uke, ~q֏ʃ©n,^:JoF1V~Ƣ4˛;[Y=7(9^ؔ9F{ɥ̭]Mgi Ddccw9ً~W}N{{~NcoNxc{ˍM#`{켍$Ef0n޼ijZq,7;-$4~rJr9"-/B'F}4wv b1mcTB./U#գ0n}Y{"5ωlSO{9Z+mfԘIlgnj}ECNynԉ1PeTg#Id: %="Iؖb'v:` T)o.I=AV/ݲJ8##+JKC=7,趦u22G+G/3V#״iZcլGr I<{Ѳw~_f7-QEOu wEEdAB~ K1__NUu-8]Cy<l'"-S}CbZVkf4Dt; ^^u?`O贪|1* (5 Cj1L;ʲ:ճE&VeBr%(;3/hۛLxK?\vźw̶b558t-{hztT>&?MBImg}E(`G^ik *NNJTϞaEU~c.JEXP!C23cj^T;|)$Bw3sk9Y=uq}lmeo㼂 ed@ W`;՟UI b|2OK`]tS MsG⹺zR Qvô-x]pA$1Sh󫳶{5Rm.KX.|Õ`3Kȕ&m߇/ZW[w丽;(>J vy jkV7ڎcx-%,.4F ^AZ)}Ռ }{m~9a͂"C<6qDitl$%ߎ 覤c ru[aMkKK֞Ga*Mg c8ަ5h[N{wi 6qy^wMo[^1mM pǛT*cQ-8;Ro sk{x|;39'# ;cQE븴9°iwIo$3u+#0HO[M]:Onw`#N7u(RJ\{ÚrӭYMPo#2IE# ?Zgm̯uC2lex s]}s2otcе+Ŭ\2Is[ ?C4iN8Dʗ/\%HG?JŐ:WQO1oQRHQEQEQEQEQEQEQEQEQET7?soST7?soMn'>.7?߇F-}ק0kGI?`O^; ]?ߓ55>~Odj_s?G?ߓ4~~O*?ߓ4s?@~O_s?G?ߓ4~~O*?ߓ4s?@~O_s?G?ߓ4~~O*?ߓ4s?@~O_s?G?ߓ4~~O*?ߓ4s?@~O_s?G?ߓ4~~O*?ߓ4s?@~O_s?G?ߓ4~~O*?ߓ4s?@~O_o?ʫs?Q\gW>{UwI?1h}Cb[Wz~Dt; ]q>; ]MO%cd!FK1Vӵs4uO~Ӫyu,RN)$wݰTk&Oz 0@N23dgr0NFJe FAj,FGdEw)֪kYim1K)77mAcrI; +4VD^$ӗIPn!Ѥh]ofHJ'N0y`^=֩n5+Tm1AKxPNN9v,͚+6\wg5e~L xa-oĦLPۜ㞸`.QEQEQEQEQEQEQEQEQEQEQEQvyQi%RUJdGB_.&j}PFA /;GB_Ni ].4I, ΪF6F\rU"9mdE{"(bYY1e`ɠvfB_j㵋u e/KjQ(BŲaʀ[q Y.hnmnm`Gb u/vji6<[_v#V\j)j,cIKE4pۺ#vN0>kw!(., #@`pぞ1/#Vտ!e/k;.ӼIo4goYLKd9JL)5bHL7"?:o),| G 8ɬ_WUtei3!`8 $@2HC^t7)"{; ; V\qqvc;]yٝ>7m_;3M{gVWp.}vEs9ݷqmwtiߥPuVӌ3;1UY $dd `Usu7Fr^xgOMsvն3%狟ftdݷ;~\q7mg[c9]MV֣! ؍@|Tݍ坜67v4pLt oո!8NTO"DsΟlr/˝&lg+K>ɻnw"ٜn8rG[1G9/}px<+RHՆ>;[_2jr<<8r2sknTThIs>K>ɻnw"ٜn8rsΟlr/˝&lg+v+hQrT?1{M2?]jbSouP2XcO F$kZ=p*<2uo`.޲s99w7={KT$U=]kmSwI?1h}CbU_uaׯ莓?'xV!+'?'xV!+ĸ|L̻ͤN%#@F9zCҭ5謢du#==W[ 4[HN`β5*iJn6EA9f }=:֙6Kdt=\Hɂ%YʜANյ;<Ɣ)Uߴ0#֛hz0}(&ԍ- (*utPZם$x:iMj[5y%\2l`>ޛ6ZvmfU9tnFMm{*&OQEH(((((((((( DWI8j/7޴-|:6(쌹ᔂ*{otV#tw_oh%F9mdVR13 e&{5o&gt*%G80y5ck{_|]smɠZelXA;sjIt+yfssr#^ Sna$F5ck{_|];>Xω&䗋FB/mnJ9یszK* /Q{Ynx|';pT~t rˎo ]}>g_{No֗-m?n.o %Y @}y&t&oX3acQEdjoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3acQEoX3oK}ПOKQǴMn'?>.7?߇F-}ק0kGI?`OW?`OTb\>&fǨJ#ӊ 3`,"yS|I.O^Z[HѦAzRүfo:a9Uc[_ilHJ..%UVZQ 6vrF^ Z,vi*A=E$29V+HdURTd%C)$dkM zeB\qi+ʲ,!;pNں cFZOqq2<,F 'FB3!ctq=/^k4Gp%"-G'h0'd2W_4|Zam}X,Fvjyj+-fY:ȴh R 3Y=IRL$~9hwOel6it-nHqӎ9[HmFZ.iڌ#.(ʃS>O>zvgxo-q]1u6ct(yGo;zu V]w*n6#sY'IiݳEoM9H—I:sۓO\}6Xoq6K&ˋ߳.|W y(9KOhAx5h$Ux2P\N g~0\cNWNFɲImQ$|d*  Q<5tFaۋcou0i 09_ 2i5-4ĸAs1F\-oXдx"ZI̱o$N$_iGPV] w8R8B]$0?*_Nc>kvkwN~YR Krs1Vl|5ucserrM O1kcy'w1io?xU幸f.oA@ʻ|ZZD\!h{Ybq' S>)4 &ӝ6$9÷אԵ8f/o1"R1AL}?BdOu "n K'RG$gjGbs3MHnb0v"=K=ԶiKѥV C(`:g0)֘i3M+$`y&]PpC`ihDӷZ= K-yFqF)wr5&i~f{tN3T鸌f-BTKm嶂5ɍx.ێXH z ymOuiyY8Kr&QÀ n֓[cv*xsv֟j^L_=A Fn}B 5?%z?Mpf8KI_3apY]*29ȪFM:5FeƛX7~RZy|}F_$7V&SqraҥޓI|rjgnn# iQiNs ,p8ⒷI'o궷mk[ȑe VU:{ɢXXb6rBBW5kJ,5;nmWv<(31fFVssQs};bZ_փl"֑ignU~wU*7iA/;H*k6*87GJglIuo%; 8 0V}k.? ]&M2UKXdkFP;Ϙ #ҍ}zk#5ܡb $jCb_0-`-ap!rT3wn$O$bҶ}M[yُ3ΜtgAj7άA2:5/8HaA[UA${Z5>8o9Zy-$.FGȬiZ 4Wܶg4 X d|HMN FKű74F Q}ρ Ν>w&nʫ 6RycZ-ᶽ.g\nFI<0m[4;t#Tw/T{KT-<}CbG&ŢYz<3"wij3wm>Fh8"VzJR!b)N}IEsk?_Sy]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]tW7?^5}^A]t{KUiפ:ARPeаLOK+}CbQ|Z)>j |G E!YO ,}D|EVPQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEـDd2j  C FA .UAC_CredentialPromptB2Rlepeɬ [pFlepeɬ [pJFIF``C    $.' ",#(7),01444'9=82<.342C  2!!22222222222222222222222222222222222222222222222222" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?tA\[s \sHUXR@#'CATrgDOCJSo.Ⲛ)]&0k7>S]lYJWvd`"i?]RZww{m{I9 J+0^UW,{.i?]G4.UP5K]X܋mzwK꧜cG,{4 ?G (@}#{ʣʣ=]?`"i?]W ` .i?]G4.`SQe#GX1֫j&QMtW*vquQG,ok4.AU*Kx}q';ilqӅ=}(`ri?]G4.UU(;kW2G$@@BG ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]W<9c9ܣ ?G (@}#{ʣʣ=]?`"i?]U'SbUI^1c'߳Nmou-cgvE'd }Fy+mQRr`"i?]PhԵ{{͈Ӕ{qK m}{i FF U>aAN5J\RV=3ՃEҧ쬢튳l1άBUFrq TeGTo)H?)T+WO72Y]uVuvH:ֆo hrFǦaJ?ja])[­HO m"Ynn/~%E |w A?+dd`_^[[h&6\*+!. 3 P& _Z5U}Z]=li:ET=Wr@;k_׶̒d%f'lXds~?jaG-1@_)}?֩.>_HK hbGӳb#}*9QjRw̆K-Чt[C=T?k/M:}?X*/}]f[P5EA۳xsֈ|"sTkbZO7ʝW? _k{O֩ =î<CO 0r2|F*>^38uׄ|hPOcnFXG3Z5Rɯ—o>Nֿďyi_IKvǺy`!XXW4} R&k_"(s):c)-@o(? ?%`xogw <& ?gaU_X<gaK 8& = ϗG\7,@(??]ϗG\7,@)faK˰}bs??g>KytyuɟYc3QXKv^]]qc WL4r.c +&?_Xc_14eaj7BG{R#f?i+SBmW@YvUs+S`X~.72$l^8Af0n5=S9:>~ 1}h|Qf~uUzaׯ ȟY脯{UJJ0pc~%.ZeƱEakΗqFڠ*$k9K]jw1]r"@ }?{/n;gt:gab\92te9L1>i3Euk?$$rGϠ0?;Q6rwouk(fu@9 wֵRPŹ*UVg-1b[(,;Jr}_h^鳇$-o.m'h綇+288듎s..u}  D$d@ŔzEjuo}y#Eld@Z9qrEifɭיX?L=Iv)+B-]0j"(̖Y&DUsqStTy-!L*,`$:,fmUTh۷ճO_|qډfhJ9*Hn<:]Ò]QZNTDKf')Xvޞx,-imn䍥A PpX&wh w?g>M-lK]Vr۱;rzGoZ4 BIVyZI! x[i`.d.ItFe-j>,Z\vAviA]қyj66O<1쉂#$hUNx玴s c4RִImU|O9 ⼏I5#xa`ys$ Î9=SKY$2kNڕ8v Hs XpB`QY 1u6…H`1Oa8ZԓzLmy/&9W )\hZZ8fG9WK#=)s'n[:.<9FOn#cynZ>}& !QQf) b~\K=ƩN ՇZ*ZĦd *QIc F%['pv>+A@t-BygE$0Nb<SA-ADt? ^ ^?`Ou߄~/sIIխ/w%Sїƺb[܇m&[yG܏ƹ1]7|I .#KanZ=p;=y.NJzmIrKzEF5|A1iQ;PdFܜ=koRkrD9r{/_n73]Kus+K<^GnO;+S>w=\V9,4hG{+ dSk)K9[ c9HFD匜c'h`?++_Fn7c\S,lOoBdd(KK٭釶Kkzuޞ-f. "42p@'xy"l1YTSPIXQsoMh3fqugD^(:1 y5 "GQԬ 0]܈<,>cٞ;f*}JV:u[}FPoukew6 ZaaDpv8TKuTK}5mkGxa!fB㜃áR{:iͪ9-]w8+W#Ms}>XIRl~kF*2yXn< B(T`U(.BSsT"Phy8ٴ<<ǣ/s躭Ʀ}"#IPA ^ qZ_+;֟l]A/$34"``85C?ugĬA8fC{q Ŭrmip#j,HSu$zZ]Dn{o2?1~%3^vĺu15Rrq\٭Vo6? 23Mj\kVr\M4rg c?{J)E7V%Tj_sMZvVwnE#$#{QNK, 򄶷vI ) B 8$a_׭]mc44+Y,uwG^5XϧijA-_Da5Ք ZB [7KK٠OʼnUʹRĮUf0mj D1k4iRBB qt->Eky[GK3麍VϧBUXιiso{m啻hsBd3adj5+/u+' ~8U(ue= (ť)_;?R*:MыE/&Ţ?V}z2?m?BV(GVQ~MJ*m:q\N*7ίcE?gL#+ Y?cG(KWG֫wtg$e/(KWQG֫w:F_Q1l^U/"SI?G_v>WS<L_%)G_r>WS<L?%(!SI(^}N,OR0lL?%+ Ya/G)/KWGjP_ŞK K’$ez}fpYa/K O4QT?g“$e?`/^EY>Cy?)O?KQ SQT?g•$e`?^EX>CyG)_?OQ [T?g–$:_R?νZ>S}J,R?ΏR?νZ>S}J,S?ΏS?νV>S}J,S?ΏS??νV=N*L$:?L$:J(;Ԩ/+5QM{$::(;Ԩ/,7Q7QR<GOGOR>Cyo)gK w'רG>Cyw)gG)g^EާpY;I¯￶ϳ8gqi3 yO\SU}* UŞ;xŶ?߇F--]!ыE^.\POq6iʙ(*%եVxs.8sΨK*B[' cU}7Fpi^[e TssW4{[WԼLu味WE١oڼٌv|UKoO})JKEe2e%ـ!H΋.=NamFeer;@P8s1xcH՛S gIJ0:[b傂ryk_`~_օ#şڧ@be[xӚ/K8|Ckckgmqcg,]]2M.#Ury y\3[wt]+PK;iRx}Բ,HTFb€8.|1^^\]]E=5ԯG]2#Zi+iJOkkm<4d`9<*狼EuiNlmjm=kq$SvAF1: @[Ьj Nl]7xU qۊ74VݭD[Sđŋ0e`;ۀqF1Uu{)>[y~/\jLt[æ bYlUĤ't=GXnti+<@*7zіu u/.0GS$ך~+CĐ\32)%W23 %}mj%c"3wW]Kk O!8bX.$p ==Ju),E4׾=:QO"` Z>X:CyO:1Cp7=n.IOxܓp<b0s#'<-?k;Kb&7USKgM&[,Ivk*adw08S6@QEQEQEQEQEQEQEQEQEQEQEQE yO\T yO\S[y!tF- 5Z+ZۯO՘^: P_Q`_diQEaUn5=>_*1Lq&W'y-ޯ3P$(Ow)74 BۚGl!?ƹM'٧sNw|[SIԙvzμc寡#eWgIm{kxַ0 ʧgD۬@!?7Rg3={MRQEVo 꺕Mii,񬀕,Xgdz/ͽ 6-f189hu=FH|mGolKG3v߈ek-ͽGp^GdB.[:0EցWV4w7jѲyChp:+O^#/>ln/X!̿h #mF'^x4֟hY s8.`~os@V,,mEjq3ŒM#cb#EPvSMYEݼQZ[K3p˸l-GL@_u4S"9IbuxC+)`yS Š(((((((()*)*kq='1wƑ7(*Y#<!o"c%w5^; ^DբaEVF\yH%$^*/1!6<}k(WSçYa*bS<*'#AWo>ilyC >RI_V6X9Re#8VS~e}ve$7VP] rVrZʌmة%OǡoJ=ye4j}OSm&.T}+nqwm:Xx#8 r=5dn$: oJW_UqQEjp57cA47eywlޥs=3X7MRA{"="FIUc#S[ޥ}K/v3 `j>;?-)L &MIE'5{e\k]Mb^[%+.\2TG6.|(O,kOhL@`KY1"-Rܦ >XeVf@~nNA*HimWK EBeLF~anGO7ioȘ_ַ0w:{{,1[KɏrNw!p9+PHvAl/帷3C鞴o֟o^ j{sms hKL &!WZOrK s&ؾYO@z?y3FյKk$ӦI>ڞkLA3w[ WGsޒ5peԎ0S}:m K?CcCJMnúOq#(N9?ᡳR2L-4 伏б>Z5R[{?K3}d _>1(ᵴ}CWmDeA|;v1X84.gkfFvofn,- 89 pq\߈<={MwwWZBizD$ܨU>\}o$mv VV*JRIV=y8t:iV![srdjK2 `K+~Csx8݇Qڶhj̨NTfy^msi sG1>xN^Ƽ}ҾmNsԽQ^iI-Hk"cAQ)V8X(.SMdY%6 p OrnU;>qa*[Bw,^[Hwc9yzm}_˨[Ǩ{2 KeRT܅ﵫ^{}KE];.Ҙt%WrN)+~BZZ՝_ sy{a-oo,H<.$3 Wa$<-9Rfm2QO$3Z5)YrN1ߣ_}w?}2Pk缺LK,llv#m8%Tx]*2V =LgS(@ u)[K| ~N3jǥʱј$Ƥ8Uמ$S[9tSvcižQL2 \QU}ok6֚en`kGVI#n)dBC4rT xz ưw[諦K ?g.TKs!CHIOLo/o_EPEPEPEPEPEPEPEPEPEPPǔͿMPǔͿ5ǎ|]oZ($P~V^0_'N?BWםxgD*D%z-MO%a\uz~;ĺVp2EjU*Jh:z]P]&uWtyБb3\uѯF]k][Ė\\"q]J’N<@kSiw+l.6WpV,AUfѮ /oncᐥdmPO .X1NgH+mBnJդ~Yv sB \ߗ }`R^˧jPZ}[i1wc,c! qOV-3hw)-t.g`~u( ~K ldg6rE+-!ad $ |c4qI-x2LDa#vr:Q/ ukmBLr"mRpsMm=E5ܟ.UPbhRE|1sq/Ơ]]p/ ,G (+ZK]GPq<-lNOm1F4v;o>⏇e2ۭ $F X<NFwQh~5KKOil|`3_u898_[zc%Y14$VF#nc>MBnK -Ʉ.^=B@=_WO(i^9Okn[R(Y* ŊAxxNM^Fd`ۘVO0KdtFQmABnkwśY_vCak+ +KU%e&fs0?[H5GMԮ䷴[4+$,K02O`pp۟iv#eYhVXX0( y)񚧪VZuZidVgylX^Wi֮f"[D1"Qql{R[_owoEm.=#PefF%q->v‘`o :m) FU&7ڬm;dgQTXj6j ڔf0m۵َ ==ǁ滔=oqj[6D8>Nկ/jyKmjW1D!38RMk,oĆh $ q[%^H%~ b_X4+W@.vnRF0܅[s'C%׊wKc `C2XDj1\ݥ䷉z:nEER(!a-:aM]Bi-&Xağ3 T =WpvyS]Ku )y](A$TeWPOϞg1!P߼#8uͽOBSYȲ[]@W̉+J`AO~ x\K[K$-,rKrO̤(8'$sV5>gxԊ){aٷ jτ-oi/gⶉc&2!P 88ci$AZ&Gj)2b#4d% I-rO?޿O_ĵk{CoD(r@ spjzh՚HL: | xu6oG,R-Պpـ y#$gB4)ӭiDaCAO$ٙjO7/@ (#q`Cknm纊+D˸2OLd`r3Z}~oi%y/Gvnޒ LEPEPEPPǔͿMPǔͿ5ǎ|]oZ($P~V^0_'N?BWםxgD*D%z-MO%aE%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(G%y(@QQ(J!DHB}CyS6U5CyS6T{9wI?1h}Cb[Wz~Dt; ^^u?`O5>U{Lǹf;N +I;+(2aBJ胫4j:{˺y3˙?]cf7v[uf?ʘuAQ4tV !'F?SKyf΋..ږ|˧|ɝq A:gu= ֟*hQTƏ%/4(~Jz_Gޗʃ]U?%/_K_hA.*ޗ4rbO_K_hW9PsKr4y+9عESW<ƎT\+Jz_G*iv.QTƏ%/4(~Jz_Gޗʃ]U?%/_K_hA.*ޗ4rbO_K_hW9PsKr4y+9عESW<ƎT\+Jz_G*iv.QTƏ%/4(~Jz_Gޗʃ]U?%/_K_hA.*ޗԶOt)x&ŢMыEm_u ?xgD*D%z-y׆N?BWb\>&ZZU?/j!U>m(@(m~uN Rո9mlT O*¿N$?݉+7M4N׹.V~+J`6j:y$p_iYrl7.XdY' kRIo-%;|1ź;W}Fږ|Ub.%M ZhTfںթ!@hPHw֥E R)#ZM&eR)ERll滒T6[gB pPˋt790?AiܹuOiXq7^e u0)sScK sun尞;u`Nfdjm3JᮞX P ~$ukW}4^,gFyw'88]<1i^+1i1~i:u'a+䙣7JTGLrY9$i-OGזK\sVoEo3Ďv܅ ±jV TyEF0iT/$9`њnh `њnh `њnh `њnh `њnh ~?kAZPǔͿMPǔͿBx&ŢMыEm_u ?xgD*D%z-y׆N?BWb\>&V>bqժsj!U>! O~m'U=hb0m3"vq/jҿ<m-~6юNq:;܏gRnjK(PpTg01Mxٹ'((D[dE8b 5SFΏ\< %Bp y5oz5ٷ-6&W}^2^*jMι- ݘ#;|lykuWQ.TJ?h''@b)z}PI8oƠ䈤xjO&ἒXW9Kh2!<*y5~3r_ WGV,;N=ni aFK@RHka\o_m L1qqk c99?Ih:6$rjEFIJAQj_ݿԿ.>mlm0bWdyr㊎GүglxS4+l@<}}Yi|!$ÚD ^2rNdܚ}i6]$X)n-n-Av>FҬc;=2-ٞPD0@ : Ue#Eg}Yw Fy}3FӬe[ZlW P8TsxkK;|5i$%i{U@ K[>@ K[,NtL,bvmĬzd-GSJP|Ktz֓ԿԿabucq$qyK9:5- aqgdZB0\>;ԿԿ.Ϣ7ZlzmƗe5xk%KB016ooE ETu5/mhu5/mhk_Rv_Rvyњu5/mhu5/mhk_Rv_Rvyњu5/mh:ϡjJw@A)'X54sFjgK#t*FA3EFi4XfsFh`3M;4f3EvigAZ5-YVَ;CyS6U5CyS6Ux&ŢMыEm_u ?xgD*D%z-y׆N?BWb\>&R>"qպy/L>!Lά[s3y- {[Dm 2p#>szȇUmdqg ۿ\dTbu`伎UI4[<&h򲆐?9$p 䂧º_[xr[&laSxp 30F:T<Vu[}=έx-޺2.obc,a :c 뜊)yԨcns%Ppmt/ 3>H>v*[6VWдb$R#m e)=:ֹ[+.m:% 0f243aQI񏖻TvV)gGtlÑ8m^RBT&76#I܅~ld/`EgB^ ? iH0wHpG?-ύ͏WSt;;PxCY?PGWAk҈-Nk:=Kkhq |$+wӽEk &{di^i1'gJmT.r%z=sqǧ8F5̑|͌9* ps:oGs%[-hdxWI\BAk,Jee :AE7([xHv}A?&bI8!Wq}'`—/rm]$ y byn.4 ](PI&Jt7ZU`iJmܠ1ATAETMC ^ƌ*J+ח~ (k 젴dv5g3 C-n<?Mj3/zQi>fI V&D(<"8UΘI n\B*yEֻNXC}&q_ʬto i8|xrx'Z@ !PB |q<{tK}??iBQ,!ҠqBU1)ߝǘeO&)n4\>6 X`+СYYW?#Pui/=GCM{Y?MeV (y4!_,܏&h?#Pui/=H_]`TV K >>?#r?=yy%K[x 1h ڣ.joh,܏&2&ϱhMY?MeҺ >957g4}GEY!?#r?.ϱhMY?Met}sFjoh,܏&Ceog5f 673dS6\&o?ʦo?ʲ[$P~QwI?1h?Va^:O ȝZ脯E:UJZ KŠ(FK,p^WTAf8 b$%bX]E:c.[Gua \DmhT0( bq{_&kFA ?_Pbq{_&5H1w ?o! {k6 2#_0VḊ" MƝIua4v4: 2@o0z;.-, +Q@Š((((((((((((((((((()*)*kq=$P~QwI?1h?Va^:O ȝZ脯E:UJZ KŠ(Lo1(7G>9C ]vSx\Z1EjEQEc kf ch?ڃ['֏-x5'ɓ?ت[39z>;ҊARԚGy{bO#|o#^_jڅMWWHPHݍp(Z_`6ޓ]Am}YZ\C)>PNO'U--丹8`K,QGRI <εk/5{ 8cEr78%OY=mmY g)8<v˷&y%v֝{p ay`GX pҮ`!5|3.N^9MEf;5>[Tp%49!AM 'o&VYPILEEPEPEPEPEPEPEPEPEPEPPǔͿMPǔͿ5ǎ|]oZ($P~V^0_'N?BWםxgD*D%z-MO%aEVF9kR}msŸ'Z/NgOOE>kEQEcDs-9Rbț>Erk9?? 5>8zGҖtǛ\]F.G1أj8's9rV@/bjPiPY?T0O% C (Z^?KH,Z!WL9Q}Uv^'}CN 2CC CIyu#𮆊:[: GQ í_^Z,R؈^lAʆ'+4Z5Brf6 mq/WנQCWF-G5{ C{iR7oD!d0GX|0k6LÚVuݼ^ .cO,V\9WQN"m>.u;K_`1\C.G2*Y*? xoW|vond !pFQIv*܆("b,q(ڠv,-wGGq  {Kh$P6SЕ4PĴVGr~+}m##Z8\` -#՟حУH>K:ț>Eszr+ɬd[msvҮaa "JDppA OsDB iۖ.sU'T}ڎQEdtQ@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@CyS6U5CyS6T{9wI?1h}Cb[Wz~Dt; ^^u?`O5>QY`mL閧YʘtC,W cYʜ4Q,Wh O#N$c S(((((((((((((((((((()*)*kq=$P~QwI?1h?Va^:O ȝZ脮Qz¸ ȝZ脮ڦ2ڢojտZԳ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?GڢoV,/VQ[?U ?jտ}/VUj(ڢojտZ[?Q]\s[&6t}*:=p*kq=)$P~QwI?1h?Va^:O ȝZ脮ڸ ȝZ脮ڦ2 dud&=I)=E~o6d5YRuEoܸE>WVx8b\jxW,vz5汰<F~Y#R0YF=TRzަ&upV} #_~a-VZky-SRLlqG[^{ﴍ:h%"Bd 6o&)U~I O]^[Gkk,B)u6Xʬ% ێ:(9Լ_&LKSx6BRI$YUMtzWgΕ5q)G{It2,@_(((((((((((piֺ5E"F+V8Rkzcc"K[Rm)5Tse,+6ʏEt/U7(?_r*+6ʨ nm2 A:ǃԾ!z69rZȰ8;`5ͦ7^L[ x^m!Y$d[#pzj6ܿN=rQvnԵ%9Vп\7{ceeNuUăYNYgwA?7uj/}Z/пG"aQOx}^/<8 pcE';Wj~dԲY_k yw &4Ci7ϵCuVo*fŮ^m?MJXoПGMQ'OT O7%s"EDFHDdP'(`uwY44=X4; Qlɰۜt=}*&@OKTttF5!=;]S_FiEsmRDR hž@8!=GMTsizO>E j]{xUG$GW oMm4簆tu/fbCdVa~U|zVN]b?^jvƶf‰c,^P~@ CZ_ +/5ѴfP˥iH"0J_M6 UX[TloE՝L=f X 2H0H UW?_ndCǴBǔ]oZ($P~V^0_'N?BWm\ON?BWmSSpNѤo: nݬHW\GLd6v}myP' ?nQYl̬CLn`0??f]4lJ\b7|E^k9<)}vɈKIl< `p $7~aZ=Zۢ0LbF%g ˖-X9ZAS\*O2WHS@*((((((((((((V:~}1+FN+得Z|kf9?I?ڒ7S7 (_܎OROG º(_=$nojI@O+iC܎OROG º(_=ݼ]K-Gq5ǔ]oZ($P~V^0_'N?BWm\ON?BWmSSpy[|AdTN eq 'V'MSL<3m:GmKajҴWQ\Rq]izjzmI0, FqRIǩhԺhʣbƞ(kKIv)dMdR+pY\$:hgm#3)VHs99X9q5z6NmP40`X$o;K|AdinpzG&F,5#.o"Fms¨[/FO[{Xngȟs46uױ%ޟkp!D,*P쏛ҡ,ZE.z[!t/AQizi`ZxU SNKU`$zsJOj iע+?\hZDT!ruGijrjq։"{D82GaPGg-NI.̶ cs=it;k_OsĿd{{:}Mm -N F$m|T5p!$LƎ 6F"$.4:%K YX@I r9PI tk+W6/m Zcv8?*ק57Ömڍsb>['xv:uiqoRkGE,p{`=6M54m9l$mj"f㒘<qUtqn [FbdJReW)_>okIŰ<7-bS1KiA>Xi`, 0\ +mF+v`T&Iopx]etM<}$ TL8u0ϡ>KBv艧 ݭsjn9Ě;]?tbX꺍mV1_ekQDdw8 =A`] ]ۍ>X x-Q?0 n@䌆4tæEZG*mVy#f1*8("IHll@ |=o_á/E%lyj61`0#\>p6dhZ8Ԏ4~q:yߌu?&8~kEAy+ p2: _/?9+Էj6E?KڲZui;hj1<)a|7m|7.zp=O-J)ȺM[p-Y8O^VOyKx{:YS^[ Ȧ;A <(Z׾'{e}*Gg,SC e! qccEgnPGUp8t{+WlmA+E"3b AMZm.#㽆VPW$-*hI)UqAqga$PI $ji(_-d_x{DٚG>3$l}=յhyUKyMoW8ʁ)j 4}RWw/fd.!0hUc^Am-KQkvZt <>`~`U]I{=.3 #ln$ >\03֒B6s$ b2:ս08 xD֍-ih\A>>p֭ēPmUlYQ̻i3! VҹM/4Fp5 CӞ;Y2QQN^i#FGSqhZ< xV1EKtx99=s_=.r%Mj[ZM]P Hd;< |YIӅݤG3&X wN1ɧKvI%;m=^% Af'G/]U/`wm}Mo3R@KO*`o>m=^% Af'G/]Ua=4}z㦼K@KO*^5/?=ÿ{o:h}Mx/]Utj_T{]߷_to/^5/??z? Կ$>o5_tj_T~IQ}v3~m=G:kĿz? Կ$3R ;gz㦏_t׉~IQ Af'GAwm}Mo3R@KO*`o>m=^% Af'G/]Ua=4}z㦼K@KO*^5/?=ÿ{o:h}Mx/]Utj_T{]߷_to/^5/??z? Կ$>o5_tj_T~IQ}v3~m=G:kĿz? Կ$3R ;gz㦏_t׉~IQ Af'GAwm}Mo3R@KO*`o>m=^% Af'G/]Ua=4}z㦼K@KO*^5/?=ÿ{o:h}Mx/]Utj_T{]߷_to/^5/??z? Կ$>o5_tj_T~IQ}v3~m=G:kĿz? Կ$3R ;gz㦏_t׉~IQ Af'GAwm}M2kwEY2J>S^+ Af'G/]U ÿm]?mыEp~7—ZUSJ'8lTWzad$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:DdhL   C (Anote_ddb a:]dX!87g"una:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`~ Ddfl ! C HA 0UAC_ISV_ShieldIconImage b f5u8Phayn f5u8PhPNG  IHDR<:{]PLTEO X{S[]{ c!d)(-m04 :x=(<$F)F;E}LL3UIUP/\}gX\ Z]YJX9^D`kcsef}dZcb>iijbqmeRoallXlKplqqt.r]{yyl}xd{ruZ~bȂjuC܇jtD"_}xx`t|ņ,˛Ǔ12 2))92 2@9Gqq?~ϠCBQZlQu·ՆFe،ԛތiDzp2νԤݏŘ|ƥļȃ[έͲJDzєi՜֦}ѯA׫Ҙ * D9]QbZqltsۅߵۼQ¿kҶ3,PF]QiZnbyoxf}y㍌㗖䤣組䵵–伶ދnzvy픃ﯤVsűɾk 0L%;ITat)$bKGDH cmPPJCmp0712HsIDATHKmTUp9創 Ѐ^+mF hScPՀ؛%NYf*e/A)XHޚk]fwg7s~;. 96e5cf21H/]K/V)u0止G5%HD[by]&ʢU;\ K+/{M{y=0q t..*,IdAQJ+wKt±0<hS-o&`xs40"97c:kAvq?&3ա~1$&u˴^zeV|6d8S}1JPLhZ]~}!Ա#cy%1 ??oZ^Pwy8AHy~><0pcFY1's< Ym\N-t=:>19y. 08tn\AW '&7]vcE<zz{cx|}q  ɍ v?:66vC4 prW9؏vVMR‚f}V :G {@Nb‚i8<2< Z KVt0>/ 59@ IW fkv &&𠠠'bKGDH cmPPJCmp0712HsIDATXGc8DǏ'Vr0qǏ ['zvb+ȡ)ޓף ȡNR۷=?~P8@G";tC{ȄS ڷ *94`zK"7 &94ow.+O;n&;e]}DžA2yӁZn6ġaƇxՋiza֓D1QZ~Ej~0Yb̅ա>>dfVСw3[z[n>Dz BW\~jon+WeXI3]2AFPRAբ DT\t+cR ªb.Pf,2Xy07Ah4n }9b Ӏ % pF!)KaӇPas=[vO1ܡ@wBw(/@(y$Ca:83;s woR;`d#Q{e@qQ`a"6}p=` FB AC,WTeD^` r n*0(M ?@!aRXcfcnbu`{%c{!byAc{Kjgccjo:Yф[3f9iAwCzj̊M`t҈`gۋkEpKyWH^pۙrޝySTUȡwƀ]fW]hƣωՏw̴fĴҶȿm`oĞxɦɵm»mӴA̽{^ZҬƀˍ:@GB{yسܹҕk^濙áЍإ+:3`Lt<ǥjϫ^U̵`߸+BOF𡡡ebKGDH cmPPJCmp0712Hs IDATx^TS#I!ݺiuQuPP)@<!#qt3T[#$tF݈en~9䮥;=^ PnL:sN&@ b)D5j@M!B4|f6A bmk]D%R,b\PdLc߰|@[~tȰ+[ wnFggsuJ21vԯ`0X' 38'ȍӅj".ՁeY;Ǻ!("|#TQ&2W,jF LsgŒ*R .~2qD 0~Gж؄1FP™VРR`ĝQQO=9T"ahy\2a~4$0 t0> '- 0m/|"9m|/H`8BG{&2Iґ'`?sގ'&')͡LS׀iBm!{IL{zMd>! C5L Ib`ɎQ]\\|p1EPh0Rn?kMnF;$]`TUe z;,&nshhPAb ;DɄP$(и?LN.AŐ:0 T688dx(MοX* >G:42^b@(E7NWV ;LQ,k Z-5 Tqʩym!{ج; Pt-,<å1fUrZ$cG V{ 8}J )|zjo.E?@$eN4D15ࢋ<2Rk Kڂ8h> A^B JF`@FD0lV` &S.:7'}aFZ[0TRR^bf #Ua)"fP;Z\u@p'b*~ov1o0j U:]+m3Ϩ+ CQe&C ĠSGF 1&\KN"CeeeƮ#}61+I L++F UOoO0rZ-?F }N[Ma/9|iO+:XPՊs1 ݻ_)G0\R8~qDʡ ΄t|\?{k[nϯ[q=ŐE/Cj^ eyezC!:";8\O80/|Q `zۍ qd5J$kVo0 4H/rI$l~1E2GcDm;$bpm}׬e0֯tZhN;YYGvwE2@LAj ԰#oh# 5F:fI1'chtwWT7CP(ͅ)}vμ95Z}&_Z0F߿+16IR*vR }"ɶ<=YU݀8wG3^c2`K ЂR[7$/0p1~Dž+`G JsBqvPl!vG- פp h5F6I[ c̈́kkf+c@';S,I]1jQ S)DSx+і "IENDB`g>Dd j $ C FA.UAC_ISV_UACCommandLink#R=V~Be,>ʫ=F}=V~Be,>ʫJFIF``C    $.' ",#(7),01444'9=82<.342C  2!!22222222222222222222222222222222222222222222222222x" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ?߰ӭ%?ifTYuUV( @d'4.ΉZ蔨5]AtEo&8ٸnžN8A$9Nrm ?G (@}#I56*1x ngݝ槼k8W-w7@maMisK4.ATai%18$xrk=&ٮ.T/#%@F8ap}r4.AU**Xiw(O>?>HtE^`r4.AS+ta,$#(/#I Tz~[Oku%wRAOCG,;_i?]G4.'9k\ID0N[tO_J|;B Cʒ@8zXiw*O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE^`r4.AU**Xiw(O>?>HtE@-mB-.GKs)eԉkRAi>X#9+n8>:Ԕm:~ei?]G4. Ws[I$^r,qL%Ddр<C[;\\.\*GE1zЫRr嶾xZwy%υඳOh$+Z7#kVIŲfǙ.R۶ o*ˎ t>?9ף osMN 7_..?d꽬;k osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^kk osG@^k;SSo8ym8ʬhj5׿eV嘈d;c\!_% o\&  ?'F>R-*8RQuI/;fI+,ouM0^? ]q>? ]MO&QEU:71SzW<N7jjȏ[4AEPEfO=RlΝeAk%,Fs9Z."fOG=z@h(((o?~v=:M/짛euM*00=q@訮."vHdv8P2N-[Eq nT2dhJ*Y=쎪#cyUDN<{UT>"G`CB!{z{е65袊((6p7rh-I#}>EPEPEPEPEPEPEPEPEPxD]weMxD]weM_G-gD*D%vxgD*D%v>CaX;K$\2#gBeTzӹ5ĥ!i )Mwui3\rO I\6G0kYRf$?J}sw`-Bo텑95ꗳEupy8?J:Mif/.]W<:YrR%ft,OFw:w)b º͆g+ôd Hk?E5i.Qn e#v)+x4oXix^HRPob~'4ƙ[՚l59KU6I.$, r2Ҹ?h$ H%<7Go9ϒ#2F֭ˠii|ۭo?1_sb{_$}W%&" pc^_1Xv>MVլ1>p^mcIK 5\lß^º>t7 S̰tY0 lHO֓~%%~LRY%||e;x.qJ__#߈nYLkkusk^vI3ؒ7F#K\jWV:;A%HXapBs\g5=VѴQ-V >[.쑞s֖š5ȵū5^Deq%$||e%x <>[hLLeSz7 խ_1WÍfD [ dq]V[@!"8P05wΆ7jgy{`s׶q:qCտ-suiWM ec2n2jR $IxVxin,^G 6?'ӊj5/++Vڜ>D""1 d l f{WB"Fd-Ԣbnؤn@WGcNskžsMh0z?ksu+L%&SoFz`33/AbSyftV|mqy:{R?ZhmuSiznc(?FqRP"_35̋gl-k;md \IC줜H|-Mha<ԩ a%`JM :;Yc;#v*ʁԎGK]빇+PŪ]nu";nH㜌tT˯>&X6O,1e%Kme=X By +C sTsy-̶L fn$Xfq RN/x\Ӽ1w2A fauM22v }`4_WZg\E `͒ h8^kԬ9]E"XVl>!LW32M7Lܜ ǎWODy3׼W]O}/Zۭ}Zco,v9GW^' ;9XdYN̤pʖq՟ iS}A`9O"Eu*E$vX#7=*V%^}]|0o1cݵ[#Ns-o#5_ţx\Zd]&QFTr2Rw&jWoɔI@8 *+u5j]LNk~1<{gfOt/ Yf$mєb^C-0\<*7бD1Q?/A/vttQEQEQEQEQEQEyE_K5A4WE}G/ԹoiJ<0?m?BWgQSቬ7aLBƎaO42/9a{ hÌAڗGȏtB>mJ֢ ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( ( (8A4R׌ 9o~ |>i .?Bm?BW[Q?Cvko%ĩ1!y$($w*'jRy^Y[~p]/QG[IlW~n~8ZL>ql߷f_9N?֮sl}B=bMbug)za󍏴XfدFc2/qs|cEPXfدFc2/qs|c#-ٶ+ѿn7X̿{r\8o@#-ٶ+ѿn7X̿{r\8Hi6moۍ3/W96>Pi6moۍ3/W96>=bMbug)za󍏶B=bMbug)za󍏴XfدFc2/qs|cEPXfدFc2/qs|c#-ٶ+ѿn7X̿{r\8o@#-ٶ+ѿn7X̿{r\8Hi6moۍ3/W96>Pi6moۍ3/W96>=bMbug)za󍏶B=bMbug)za󍏴XfدFc2/qs|cEPXfدFc2/qs|c#-ٶ+ѿn7X̿{r\8o@#-ٶ+ѿn7X̿{r\8Hi6moۍ3/W96>Pi6moۍ3/W96>=bMbug)za󍏶B=bMbug)za󍏴XfدFc2/qs|cEPXfدFc2/qs|c#-ٶ+ѿn7X̿{r\8o@#-ٶ+ѿn7X̿{r\8Hi6moۍ3/W96>Pi6moۍ3/W96>=bMbug)za󍏶B=bMbug)za󍏴XfدFc2/qs|cEPXfدFc2/qs|c#-ٶ+ѿn7X̿{r\8o@#-ٶ+ѿn7X̿{r\8doHwƈ4N%\:/U`-dοy6Z^v8:\>0袊.h:Z֟Jd~sSIi>XFP|qSib5UE4HעOֳm, ;ئ_.3q:Dq'j覞[t>$^! /!n|vǾαXz2LČjHPNGdk ] HG$:)Q~O۷vɟUm[ -nﴻP 6B-H#cVܪnoNQKȶRF͎g:!x}TIvݐmP[Gq2jY~bX=uZ.Y$ioʼn?sQZvoG &gm}8J(Kx%07 gYvcFuNbBvx\goW; KE߉cJD( s$c7fv% D /w 2Hbkg.m}s7l^PxS,{-zsR鯮JI˸ppr64Z 7C[~mfaIg'85f>Mz\!Pr4]bw?ZGET((((((((((*2g_Xf-/;wgv.qKB3Ggm ~q38ό (8: ?);m[URߢK>-dZ ȝZ脮ڔբaT5<RZۅ<ޘLyzż9p!F1#F8e ڲ4$ho-߻;o_g~?ֶ1 lM=Kz7ytch*=Kz7ytci&m&ލefqkc0~\閗wW[#lV,2pHQɣIt~~aZL&16ho-߻;o_g~?ֶ1 lMvBMMgm:a1G~oF}238LcbmEPG~oF}238Lcbm$ߺ[ѿvvL{0lc؛@/T$ߺ[ѿvvL{0lc؛I4{i7oݝ/3?[6& [P;74/9^=Е {C&m&ލefqkc0IIt~~aZL&16]DHXEDPUFT$ߺ[ѿvvL{0lc؛I4{i7oݝ/3?[6& U 4{i7oݝ/3?[6&MMgm:a1BMMgm:a1G~oF}238LcbmEPG~oF}238Lcbm$ߺ[ѿvvL{0lc؛@/T$ߺ[ѿvvL{0lc؛I4{i7oݝ/3?[6& U 4{i7oݝ/3?[6&MMgm:a1BMMgm:a1G~oF}238LcbmEPG~oF}238Lcbm$ߺ[ѿvvL{0lc؛@/T$ߺ[ѿvvL{0lc؛I4{i7oݝ/3?[6& U 4{i7oݝ/3?[6&MMgm:a1BMMgm:a1G~oF}238LcbmEPG~oF}238Lcbm$ߺ[ѿvvL{0lc؛@/dοy6Z^v8:\>0=Kz7ytcm,ⶖI-'Q$|$\GEP'(~ϐcESx+z][UJUJj|1. (5 )UNqj2#YOBU[H(Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@Q@}uA4QuA4WE}G-gD*D%vgD*D%v>CaEVF9⩅` ͺ<Z"Z֣! `؎:Cd##b `z5C AնdqIΝ= nɭ^#kCJA̗ol~sPU<]Xx x#lns*1=OZa-HcDP=r,/%PhHaQt4{ H5O_}ĦQv-(O=#;gۿ=QYד[n0,vB vVnZ zky"Eաї`ޥrϮ*;j̲nSpN?vey<{[rOigayxK9F.UnѲɛ#o;5:K GO jvm$f4=-lqLbc(yz\]e{{Wk+m4B }0Aƽ Xdr(8&==Py'n$vN1cؾ+-*H'ӧy#WyUPvycIX{|ʹnur 9m9NkF2KIΒ82/ ~U,r xMY jRcC2= ;Bח_:K_M/Wݲˑ9o#T*tI]8Fa. wx{JWcGog5~z[D~wZL7 \{:Q!;]V=rUSj9B)*z̿U#^I ӯc #P@sGbJ?cș87 4- PMmDk[ HUT#o`IQn=MMC\K+䰂L2@$` mHNu$,IFr e1]麝e2C,UǡZ3_nt%fM+ b[zѦҭt+&ٗBU|=YlE- xp3~m)^w6_Ǯ{[ ԶVt7*F*T ۏL {"+'Úd>w HIyP;0jVQH((>x(x+3"wij|3"wij M!0+#P(((((((((((((((8m 82> V8OIEQEQEQEQEQE7]E7]EtW~9|R߆N?BWm\ON?BWmQSቤ>&QEdjQEQEQEQEQEQEQEQEQEQEQEQEQEQEQEAyrv7LBpdA7.IDn ѹ }w Ƚפ(e91[IA)4ޞKOяKO֟ѫԼI.mOmk%q43" $F/="@4e/7]7]`;tŲ@3$k5YFf [c:ry#_ڋh$K#nN}koyvyx[̋2;?ʶ֞X+WWMMEjeYJ757uGCEW!}uA4QuA4WE}G-gD*D%vgD*D%v_h{G} ݉(}++3KJ*?A=h{G} ,蒊hG B0$D?Q?Т.(}( J*?A=h{G} ,蒊hG B0$D?Q?Т.(}( J*?A=h{G} ,蒊hG B0$D?Q?Т.(}( J*?A=h{G} ,蒊hG B0$D?Q?Т.ڼ/qKyTw%H{_iZ*+pAWc?Уh[S,\ZZ+5QKsk[V( <ܜEgei?[ 'QEA??#/Igei?Š(yAO?#/IQG}}_ AO=-F_(QdW??ox324G-F_(n A { ?ox324E{w[ 'Q { (۾>gei?[ 'QEA??#/Igei?Š(yAO?#/IQG}}_ AO=-F_(QdW??ox324G-F_(n A { ?ox324E{w[ 'Q { (۾>gei?[ 'QEA??#/Igei?Š(yAO?#/IQG}}_#')xWU$kY#M*p3(G=)Pm?Dde6j % C FA.UAC_ISV_UACIconOverlay$b=f< =$)-Y`#lnf< =$)-Y`#lPNG  IHDRKj{;.sRGBgAMA a cHRMz&u0`:pQ<~IDATx^ TSW=әNәNmֺjqm ʎBWUTQY YA-$M50 5Ǔ~o7=z4}=_耏Ǜ痔d^YYY555Jq"|AmmmJJJ3p2+##\.W,+Y鄍wލJMMgg/XkکeƮ]ޞuՍ \v!+;+#5551!!&&sii@ 3[[[ssscccEE]zE"I TW mת bdefRԸ8 p&YUU/? *(hooj^>|1cH A546ruؔ<&3ƕAC;;GƊ!$''GGGcAMMM#݉!dPkNX‚ :FCl6߈#""IXteeezZZTT$==[['!|0==UGGGۀDq£TA'9b1_^м##1s:lB9uu,2x\,$>> ?S\WW/T5 [bpu`}X_<W!Ln j̤P8}ͥK4T/HrԄ`bvU$zуV zWT\^UUë6SP]˭-TrtzVrj:9r+"?)4/2^ƍٹoOX^^ prr'IܜB݉MX[]QR\<`Q,6]Z\^ͩnml ż&qE0"5BK&  -))0цxNDˠ "HVVVxœօ B2ɴȨ[!7BΜ=8ǓYcd#̄HKKҒT pqqiNzD8hiXX6ҥKO777|2 l]RRUS(7 :DEi9qdJPM''/]z50&&:3#j]T['(8^0q : ?TWW'199˗!4{{{wwӧO޽r89SaNNMBB2#NU^U ;ZZ:{EG=kell| ???n .!l-ZڵkO֮yA܎ <=BBBLV^>d))j6675u =C/"Qee1ã\\ܡ.;:@]BZ!7!eAPy& 3g@3a{v}jK۾}{TT4D]MueM% r$c $Ж[g>x &Qe,],M-.yxa AZ,w;I+m'nU;ei w}Q@4喁m'v1B Z`Ow-#FZK%)oaQQ,.w5Tu&}Mctwڭ5a3_a_<oIɠDJ!EWz.oQF6ʕ+W^OXRNr]:zfN?o#$,C 8OK$#A?joPI/8$@CA%$$ʃ:Œl׫lQ͎߭?Ӓuy˖fjfop :r;D&:ADv4ʕ+n}! ړ~_;u ypU5|Ss]qņ֞r" WdJ$ C.)mh𽓙}o?pƮ{q %U sr)L Q9ܚln6+)m)e2o]s|`Uzݭ\0R122jjn{, QaeeĜ\7VFq+ҪhiE*+-k*4l;USeۆK`̥/r8¿?;iL˿ᾷ|N*F-NWf3%%-em"Qa@$5;cν~dݡC,wWɁ&-&m[54o]#Z?kwr'yݻ9?.:Lgg}bD&km{%Cʳ+[bvIK [T])wv2+?p袛>dm[e+klaHIOa-qfLhzOߞs_]?\6eNj]?Zh7yΩc[io -R!Evu}}}WMU7GFpdhKۧ$ϋ2a}دH&w5;9W`#bռSaP7yK׿Z5uf,q¤Y|oS (P.B+N/!ѵt#@r6K]Z"2l޾s}Dzz}=냹NSz\;k%s:'?d#Ha"U. ¤$!9L1e\h ȇ1_jTTq\962'}I3S$\BU_ 3l5#> [/xN?MYgS QkC鄒09 IL@ cStu:A 4oMwNkyǵ_oʁO _%j q}r#D $jћgy3"nr7L;sύgE9E;c#\#WFa[GT{_̫/5ª&GI9/#R$ f>N]f&KXd?K/fvTȩ:ifDp@HT5zx|B ]#Ҋ̎_ 6in2+/;.5cl]B1tD'zm@7|MgeQ3H%軣\TJ7QSҊt!>詙S\}1q~t4 Hj6+ѨJo$VeL7 @$FWcFp0nY#'CD)y|}ʧ:qӴbffƫ^S'_HT#w%͢XZV"GyS2F1JtoGvOҫ5#$ۧ&+xk懣vF!H4@҈dUNB Co Դ[)6iygJl٬<`sJTA {ZKSOFu%MmRd032hL&{45cSJ4m6wi87 J!p)dP2/Bf0x &2V،dzM8G7x-qd%?bT2$K'qOXL|GyP|K'-u 1>[zqc^oT8#ΐ%`R <,Q }蒒_|vq# d#HG kzf{2%tEME#(mRS0/P%#nCc^.$?/S{ zrpr >SWW>/d8ZR湅 ׷نH-3;!!o3HC& E ׈ђҊd-}JGJzI _Ge{ЫקX+d'VW/t#N('̍ǼxnT$R˕˵ұR&ib ,Ɗ%u߸>wf+́ux6,}۠lֈjKOidJs>C ]RJ抷[P\ԐyJ FQ)_X^Ikz)-6L X§xM- _pܷ\|-.n WdRkNwJyk—9)T ib֤:ߠCQ['w#*c 2tH0Cs繧SIBI%ȋV2 D!Q*^}$Bi_<ƒJ/2^X a}BeC+L5G#N^6N+]/J:3~Wҧ2'_c^IE8͈*Qa  ɄJ $NCV&dRr|ׄ+efz-jРYQIENDB`DdhL & C (Anote_dd%b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:DyK )DSDOC_BKMK_ShieldUI3bbc4962_40ae_40b5_8bDyK )DSDOC_BKMK_ShieldButton3bbc4962_40ae_40bDyK )DSDOC_BKMK_WindowsInstaller3bbc4962_40aeDyK )DSDOC_BKMK_ShieldNextWizard3bbc4962_40aeDyK )DSDOC_BKMK_ShieldTaskDialog3bbc4962_40aeDyK )DSDOC_BKMK_ElevateModal3bbc4962_40ae_40b$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5Q#vQ:V H t0    6544 Hyt3:DdhL ' C (Anote_dd&b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL ( C (Anote_dd'b a:]dX!87g">na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV ) C 2Aimportant_dd(bdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`$$If!vh5#v:V H t0    6544 Hyt3:DdhR * C .Acaution_dd)b/`Ӎ%PSVٰ n`Ӎ%PSVٰ PNG  IHDRv2PLTEnnnMBA'4vww;% 1g*((fcby%V @ B3J M? >W*WB#ZQQPa90u#: GJJw%>1:566,)\\\}i^aa\ .TAtRNS0UbKGDH cmPPJCmp0712HsIDAT(Su0 Cq j+P8,zگ&7 Pspl4B A LOqa=Z6e''@tʼn4$VwK-.Wj` nBzGOJ>oc9>;.9HrЃxLk82@$ĀOZY6IENDB`DdhL + C (Anote_dd*b a:]dX!87g"Z na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL , C (Anote_dd+b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV - C 2Aimportant_dd,bdz35*vf Vx@n8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhL . C (Anote_dd-b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV / C 2Aimportant_dd.bdz35*vf Vx@fn8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`DdhL 0 C (Anote_dd/b a:]dX!87g"tna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL 1 C (Anote_dd0b a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL 2 C (Anote_dd1b a:]dX!87g" na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL 3 C (Anote_dd2b a:]dX!87g"r$na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$If!vh51#v1:V H t0    6544 Hyt3:d$$If!vh5V 5 5B #vV #v #vB :V l44  t0    65L/  /  / /  /  / / / 04 Vf4pyt3:$$If!vh5V 5 5B #vV #v #vB :V l4 t0    65L4 Vf4yt3:$$If!vh5V 5 5B #vV #v #vB :V l4 t0    65L4 Vf4yt3:$$If!vh5V 5 5B #vV #v #vB :V l4 t0    65L4 Vf4yt3:DdhL 4 C (Anote_dd3b a:]dX!87g" ,na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$$If!vh5 5#v #v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh5 5#v #v:V l4 t0    65L4 Vf4yt3:$$If!vh5 5#v #v:V l4 t0    65L4 Vf4yt3:$$If!vh5 5#v #v:V l4 t0    65L4 Vf4yt3:$$If!vh5 5#v #v:V l4 t0    65L4 Vf4yt3:$$If!vh55555#v#v#v#v#v:V l44  t20    65L/  /  / /  /  / / / 04 Vf4p2yt3:$$If!vh55555#v#v#v#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55555#v#v#v#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55555#v#v#v#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55555#v#v#v#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l44  t20    65L/  /  / /  /  / / / 04 Vf4p2yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l44  t20    65L/  /  / /  /  / / / 04 Vf4p2yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$If!vh5555*5u#v#v#v#v*#vu:V l4 t0    65L4 Vf4yt3:$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:DdhV 5 C 2Aimportant_dd4bdz35*vf Vx@MBn8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`$$If!vh5#v:V H t0    6544 Hyt3:DdhV 6 C 2Aimportant_dd5bdz35*vf Vx@Dn8z35*vf VxPNG  IHDR0PLTE1c)kƽscέƜ{kGEe tRNS="bKGDH cmPPJCmp0712OmtIDATc8@$Q9" 8CΜ`J1qdr R @@D="pH!z&230@8@QdJ8'`-J9ĐzjbIENDB`$$If!vh5#v:V H t0    6544 Hyt3:$$If!vh5#v:V H t0    6544 Hyt3:DdhV 7 C 2A procedure_dd6b)a F}coR~Hna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DdhL 8 C (Anote_dd7b a:]dX!87g"AMna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV 9 C 2A procedure_dd8b)a F}coR~Pna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DdhL : C (Anote_dd9b a:]dX!87g"Vna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV ; C 2A procedure_dd:b)a F}coR~Yna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DdhL < C (Anote_dd;b a:]dX!87g"^na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV = C 2A procedure_dd<b)a F}coR~bna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:$$If!vh5#v:V H t0    6544 Hyt3:$$$If!vh55#v#v:V l44  t0    65L/  / /  / / / 04 Vf4pyt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh55#v#v:V l4 t0    65L4 Vf4yt3:$$If!vh5#v:V H t0    6544 Hyt3:DdhV > C 2A procedure_dd=b)a F}coR~mna F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DdhL ? C (Anote_dd>b a:]dX!87g"1rna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DyK )DSDOC_BKMK_ActiveXInstallation3bbc4962_4DyK )DSDOC_BKMK_ActiveXDocuments3bbc4962_40aeDyK )DSDOC_BKMK_ApplicationRequired3bbc4962_4DyK )DSDOC_BKMK_AdministrativePermission3bbc4DyK )DSDOC_BKMK_PerUserApplicationSettings3bbDyK )DSDOC_BKMK_ApplicationDefaults3bbc4962_4DdhL @ C (Anote_dd?b a:]dX!87g" zna:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL A C (Anote_dd@b a:]dX!87g"}na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL B C (Anote_ddAb a:]dX!87g"ana:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL C C (Anote_ddBb a:]dX!87g" na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhL D C (Anote_ddCb a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`DdhV E C 2A procedure_ddDb)a F}coR~_na F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:DdhV F C 2A procedure_ddEb)a F}coR~na F}coR~PNG  IHDRv2PLTEŌK8׍#ǥbڡʩLJ>xu9^ԓ̎E߼ee1ʎIA!zg ҵ͒N>^!޲9}ćBA2ɧff ZA ZbKGDH cmPPJCmp0712HsIDAT(S Ă ԁX.̅Ɓ]h (qSU.3no; /\F]įdž~;f<3VDZ]VL^]ؘ ZT5|6эIENDB`V$$If!vh5#v:V l t65"4 ahyt3:d$$If!vh5` 5 52 #v` #v #v2 :V l44  t0    65L/  /  / /  /  / / / 04 Vf4pyt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:$$If!vh5` 5 52 #v` #v #v2 :V l4 t0    65L4 Vf4yt3:DdhL G C (Anote_ddFb a:]dX!87g"na:]dX!87gPNG  IHDRv2PLTEccd999Ŧ]]_~|inpr肀l۟;i]rŷ𗇵]ءD`ch̡dա˫nq6UUVٯqrjPdcVmTnդRpG}[.Ӧݫ]]`}f  ݞv=ט"ܰ]yFpqظf;՝buW4mY/AtRNS0UbKGDH cmPPJCmp0712HsIDAT(ScpB(Ca'Akap`a-Ccd!SR^%  `ca-*70REv:PHDON&92;<,2 a{(mVP`D\8%M(>bIENDB`$$If!vh5#v:V H t0    6544 Hyt3:Z 2 0@P`p2( 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p 0@P`p8XV_HmH nH sH tH ``` 6x Normal,Text,td<<KHOJQJ_HmH sH tH |`| 6x Heading 1,h1!$x&d@&P'5CJ(KHOJQJ_HaJ(mH sH tH X@X 6x Heading 2,h2h<&d@&PCJ$aJ$X@X 6x Heading 3,h3h<&d@&PCJaJ^@^ 6x Heading 4,h4$dh<&d@&PCJaJ8@18 6x Heading 5,h5@&@@@ 6x Heading 6,h6 x@&5FF 6x Heading 7,h7@& B*aJphDD 6x Heading 8,h8@& B*]phF F 6x Heading 9,h9 @& B*^JphDA`D 6xDefault Paragraph FontVi@V  Table Normal :V 44 la (k (6xNo List @O|@ 6x Figure,figd B*ph^o^6xCode,c $d$+CJKHOJQJ_HaJmHnHsH tH uH1"H 6xLabel in List 2,l2 ^F"F 6xText in List 2,t2 ^<O|< 6xLabel,l$d5B 6x8Footnote Text,ft,Used by Word for text of Help footnotes B*phJO RJ 6xNumbered List 2,nl2  & FVbV6xSyntax,s-DM B*KHmHnHphu&q 6x<Footnote Reference,fr,Used by Word for Help footnote symbols B*H*phdOd6xCode Embedded,ce+>*B*CJEHOJQJaJmHnHphuNON 6xLabel Embedded,le5CJOJQJaJLL 6x Link Text,lt>*B*CJOJQJaJph~O~6x Link ID,lidP<>*B*CJOJQJaJehfHmHnHphq rsH uROR 6xTable Spacing,tsdPPCJaJNON 6xAlert Label,al$dx56xConditional Marker,cmM<B*CJOJQJaJehfHmHnHphq rsH uN"N 6xFigure in List 2,fig2 ^H1H 6xLabel in List 1,l1 h^hFF 6xText in List 1,t1 !h^hV"V 6xAlert Label in List 1,al1 "h^hNN 6xFigure in List 1,fig1 #h^h0 @QB0 6xFooter,f$5R`RR 6xHeader,h %$a$5OJQJ_HmH sH tH FObF 6x Alert Text,at&hh]h^hTarT 6xAlert Text in List 1,at1 '^TaT 6xAlert Text in List 2,at2 (8^8JOaJ 6xBulleted List 1,bl1 ) & FJOaJ 6xBulleted List 2,bl2 * & F`` 6xDefined Term,dt+$d$x] 5CJaJRYR 6x Document Map,-DM OJQJ^JJO J 6xNumbered List 1,nl1 - & F\O\ 6xProcedure Table,pt:V.4 ah.OJQJPP 6x Underline,u">*B*CJOJQJaJphwhT!T 6xIndex Heading,ih 0d@& B*CJphX X 6x Index 1,idx11Ld$^`L B*CJphO# 6xCode Section,csI:V20    44 H2d$CJOJQJaJH@H 6x TOC 1,toc13E^`EH@H 6x TOC 2,toc24vE^v`EH@H 6x TOC 3,toc351E^1`EH@H 6x TOC 4,toc46E^`E< r< 6x Index 2,idx2 7^< < 6x Index 3,idx3 8^88 6xBold,b5CJOJQJaJ6xMultilanguage Marker Auto,mmaJB*CJOJQJaJehfHmHnHphq rsH uTT 6xBold Italic,bi56B*CJOJQJaJph6x(Multilanguage Marker Explicit Begin,mmeb<B*mHnHphuhh6x&Multilanguage Marker Explicit End,mmee=bb 6xCode Reference in List 1,cref1> B*ph' 6x8Comment Reference,cr,Used by Word to flag author queriesaJ 6x7Comment Text,ct,Used by Word for text of author queries@DD 6xItalic,i6B*CJOJQJaJph`"` 6xCode Reference in List 2,cref2 B^R1R 6x Subscript,sub>*B*CJH*OJQJaJphVOAV 6xSuperscript,sup>*B*CJH*OJQJaJphOcS 6xTable with Header,twhq:VEjj4    AEf<$d$<<4$UDVDWDXDYD[$\$]^`56CJOJQJaJOc 6xTable without Header,tblF:VF40    4 Vf4Fd<<OJQJq6xCode Entity Reference,cerJB*CJOJQJaJehfHmHnHphq rsH u@j@ 6xComment SubjectH5\HH 6x Balloon TextICJOJQJ^JaJBOB 6xUI,ui5>*B*CJOJQJaJph6xParameter Reference,prM>*B*CJOJQJaJehfHmHnHphq rsH u6xLanguage Keyword,lkJB*CJOJQJaJehfHmHnHphq rsH uhh 6x Token,tok>>*B*CJOJQJaJehfHphq rdrd6x$Code Entity Reference Qualified,cerq>*ZZ6xCode Reference,crefOB*KHmHnHphu@@ 6xLegacy Link Text,lltXX 6xDefined Term in List 1,dt1 Qh^hX"X 6xDefined Term in List 2,dt2 R^ZZ 6xTable Spacing in List 1,ts1 Sh^hZ1"Z 6xTable Spacing in List 2,ts2 T^pSp 6xProcedure Table in List 1,pt1 :VUaUd$<<bcb 6xProcedure Table in List 2,pt2 :VVa8VSs 6x Table with Header in List 1,twh1:VWahjj4    jg    jg    jg    jg    @W$f<$d$<<4$UDVDWDXDYD[$\$]^`f<$d$<<4$UDVDWDXDYD[$\$]^`f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$656CJOJQJaJ56CJOJQJaJ> s> 6x Table with Header in List 2,twh2:VXajj4    jg    jg    jg    jg    jg    jg    jg    jg    jg    jg    jg    jg    jg    Xf<$d$<<4$UDVDWDXDYD[$\$]^`f<$d$<<4$UDVDWDXDYD[$\$]^`f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$f<d$<<4$UDVDWDXDYD[$\$]^`a$Q56CJOJQJaJ56CJOJQJaJ56CJOJQJaJncn 6x#Table without Header in List 1,tbl1 :VYahYnn 6x#Table without Header in List 2,tbl2 :VZaZ~~ 6xFigure Embedded,fige>>*B*CJOJQJaJehfHphq rrr6xConditional Block,cb\-DM <B*^JmHnHphuZZ6xConditional Block in List 1,cb1]bb6xConditional Block in List 2,cb2 ^^O6xCode Featured Element,cfeP5B*CJOJQJ\^JaJehfHmHnHphq ruXX 6xSamples Button Marker,sbm` B*ph^r^6x#Code Entity Reference Specific,cersxr!x6x.Code Entity Reference Qualified Specific,cerqs>*\#3\ 6xCode Section in List 1,cs1 :Vcahc\#C\ 6xCode Section in List 2,cs2 :Vdad@nQ@6xArticle / Sectione FDTbD 6x Block Textfx]^2Br2 6x Body Textgx<P< 6x Body Text 2 hdx>Q> 6x Body Text 3ixCJaJPMqP 6xBody Text First Indent j`HCH 6xBody Text Indentkhx^hTNT 6xBody Text First Indent 2 l`RRR 6xBody Text Indent 2mhdx^hTST 6xBody Text Indent 3nhx^hCJaJ2?2 6xClosing o^$L$ 6xDatep<[< 6xE-mail Signatureq.X!. 6xEmphasis6]d$2d 6xEnvelope Address!s@ &+D/^@ CJaJ:%B: 6xEnvelope ReturntFVQF 6xFollowedHyperlink >*B* ph0_a0 6x HTML Acronym:`r: 6x HTML Addressw6]0a0 6x HTML Cite6]:b: 6x HTML CodeCJOJQJaJ<c< 6xHTML Definition6]BdB 6x HTML KeyboardCJOJQJaJFeF 6xHTML Preformatted|OJQJ6f6 6x HTML SampleOJQJFgF 6xHTML TypewriterCJOJQJaJ8h8 6x HTML Variable6].(. 6x Line Number4/4 6xListh^h`82"8 6xList 2^`8328 6xList 38^8`84B8 6xList 4^`85R8 6xList 5^`:0@b: 6x List Bullet & F>6r> 6x List Bullet 2 & F>7> 6x List Bullet 3 & F>8> 6x List Bullet 4 & F>9> 6x List Bullet 5 & F BDB 6x List Continuehx^hFEF 6xList Continue 2x^FFF 6xList Continue 38x^8FGF 6xList Continue 4x^FHF 6xList Continue 5x^:1@ : 6x List Number & F >: > 6x List Number 2 & F >;" > 6x List Number 3 & F ><2 > 6x List Number 4 & F >=B > 6x List Number 5 & FIR 6xMessage Headerg8$d%d&d'd-DM NOPQ^8`CJaJD^b D 6x Normal (Web)CJOJQJaJ>r > 6x Normal Indent ^4O4 6x Note Heading8Z 8 6x Plain TextOJQJ0K0 6x Salutation6@ 6 6x Signature ^*W * 6xStrong5\  6xTable 3D effects 1m:Vj#j#j#j#j.j.j.j. d<<55\5B* \`J phB* `J phD D 6xTable 3D effects 2:Vj.@j#j9jj 4d<<5\5\  6xTable 3D effects 3:Vj.@j j j#j9jj44d<<:B*`Jph B*`Jph5\5\pr p 6xTable Classic 1:V0  j#j#j#jj d<<9B*`Jph6]5\56\]s  6xTable Classic 2#:V0  j% j#j0 jjj%  d<<:5\B*`JphB* `J ph5\bt# b 6xTable Classic 3:V0    jj0  j0  d<<QB* ph5B*\`JphB* `J ph56B*\]`Jphu3  6xTable Classic 4:V0  jj0 j0 jj d<<X5\B* `J ph56B*\]`JphB* `J ph5\`vC ` 6xTable Colorful 1:V0    j% j% jj%  d<<<B*ph56\]56\]56\]bwS b 6xTable Colorful 2:V0 j% jj0  j d<<@56\]56B*\]`Jph56\]Bxc B 6xTable Colorful 3:V0j;$ j0 j%  d<<5B*\`Jphys  6xTable Columns 1 :V0    j j jjjj#jj4d<<l5\B*`Jph B*`Jph5\5\5\5\5\5\z  6xTable Columns 2:Vj j jjjj% jj4d<<5\B*`Jph B*`Jph5\5B*\`Jph5\B*`Jph5\5\{  6xTable Columns 3:V0j j jjj#j% j4d<<h5\B*`Jph B*`Jph5\5\5\B*`Jph5\ |  6xTable Columns 4:Vj j jjj% 4d<<LB*`Jph B*`Jph5\5\B*`Jphn} n 6xTable Columns 5:V0    j jjj#j#4d<<VB*`Jph B*`Jph5\5\5\56\]> > 6xTable Contemporary:V0j%@ j% j% 4d<<<@B*`JphB*`Jph5B*\`Jph 6x Table Elegant_:V0j d<<;B*`Jphx x 6x Table Grid7:V0d<<~ 6x Table Grid 1z:V0jj d<<6]6], , 6x Table Grid 2:V0jjj#j d<<,5\5\5\5\  6x Table Grid 3:V0  jjj0  d<<5\5\L# L 6x Table Grid 4:V0  jj0 j0  d<<B5B*\`Jph5B*\`JphB*`Jph3  6x Table Grid 5:V0    jjj# j d<<5\5\2C 2 6x Table Grid 6:V0    jj#j#j d<<(5\B*`Jph5\XS X 6x Table Grid 7:V0    jjj#j# j d<<25\5\5\5\5\.c . 6x Table Grid 8:V0jjj%  d<<H5B*\`Jph5B*\`Jph5B*\`Jphs  6x Table List 1:V0  j%@ jj#j0 j4d<<M@B*`JphB*`Jph56B* \]`J ph5\~ ~ 6x Table List 2:V0 j%@ jj#j0 j4d<<G@B*`JphB*`Jph5B*\`Jph5\   6x Table List 3:V0  j# j# j d<<05B* \`J ph6B* ]`J ph 6x Table List 4w:V0    j0   d<<5B*\`Jph 6x Table List 5:V0jj#  d<<5\5\  6x Table List 6:V0j%@ j# j#  4d<<5\5\  6x Table List 7:V0  j%@ j% jjj# j0  4d<<>@B*`Jph5\5\5\5\  6x Table List 8:V0j%@ j% jjj#j0 4d<<D@B*`Jph5\5\5\56\] 6xTable Professionall:V0j%  d<<5B*\`Jpho 6xTable Simple 1:V0  j#j# d<<p  6xTable Simple 2:Vj#j# j#j# j#j#d<<O5\5\5B*\`Jph5\5\5\q# 6xTable Simple 3l:V0    j%  d<<5B*\`Jph~3 ~ 6xTable Subtle 1 :Vj0@ j# j# j0  j. jj4d<<5\5\~C ~ 6xTable Subtle 2:V0j0  j0  j# j# jjd<<5\5\zS z 6x Table Theme7:V0d<<c 6x Table Web 1h:V03j d<<B*`Jphs 6x Table Web 2h:V03j d<<B*`Jph 6x Table Web 3h:V03j d<<B*`Jph>J > 6xSubtitle $@&a$CJaJF> F 6xTitle$@&a$5CJ KH\aJ n n 6x System,sysA5>*B*CJOJQJaJehfHphq rl l 6xUser Input Localizable,uil5>*B*CJOJQJaJph 6x$Unmanaged Code Entity Reference,ucerM>*B*CJOJQJaJehfHmHnHphq rsH uj j 6xUser Input Non-localizable,uinl5CJOJQJaJTO T 6xPlaceholder,ph6>*B*CJOJQJaJphb b 6xMath,m>>*B*CJOJQJaJehfHphq rl l 6x New Term,nt>>*B*CJOJQJaJehfHphq rd" d 6xBulleted Dynamic Link in List 1 B*phd2 d 6xBulleted Dynamic Link in List 2 B*phPB P 6xBulleted Dynamic Link B*phdQ d 6xHeading 6 Char,h6 Char5KHOJQJ_HmH sH tH Za Z 6xLabel Char,l Char5KHOJQJ_HmH sH tH Db q D 6xHeading 5 Char,h5 Charl/ l 6xHeading 1 Char,h1 Char'5CJ(KHOJQJ_HaJ(mH sH tH Pb P 6xLabel in List 1 Char,l1 CharH H 6xStrikethrough,strike7V V 6xTable Footnote,tf(PP^`(\ \ 6xTable Footnote in List 1,tf1 @^@\ \ 6xTable Footnote in List 2,tf2 ^t t 6xDynamic Link,dl>>*B*CJOJQJaJehfHphq r 6xDynamic Link Table,dltD:V0 B*CJOJQJaJphhh 6x!Figure Image Map Placeholder,fimp B*phff 6xPrint Division Number,pdnd B*phd"d 6xPrint Division Title,pdtd B*phV2V 6xPrint MS Corp,pmsd B*phZBZ 6xRevision History,rhd B*phXQX 6xSV;B*CJOJQJaJehfHphq rFU@aF 6x Hyperlink>*B*CJOJQJaJphhrh 6xCopyright,copy* [p H@@@@@@@d`x6CJVV 6xAlert Label in List 2,al2 ^dOd 6xProcedure Title,prt$hd^h`5^^ 6xText Indented,ti$ [p H@@@@@@@h^hd/d6xCode Char,c Char+CJKHOJQJ_HaJmHnHsH tH uFF6xCode in List 2,c2 ^TT 6xList Bullet CharKHOJQJ_HmH sH tH \\ *6x"Bulleted List 2 Char,bl2 Char CharFF6xCode in List 1,c1 h^hHH 6x TOC 5,toc5E^`EdSd 6x Procedure:V04 ljj4    j Af<$d$<<4$UDVDWDXDYD[$\$]^`456CJOJQJaJ56OJ$QJ$phF)@!F 6xPage Number,pnCJOJQJphl3l 6xProcedure in List 1:Vahjj4    j j Af<$d$<<4$UDVDWDXDYD[$\$]^`M56CJOJQJaJ56OJ$QJ$ph56OJ$QJ$ph3C 6xProcedure in List 2:Vajj4    j j j Af<$d$<<4$UDVDWDXDYD[$\$]^`f56CJOJQJaJ56OJ$QJ$ph56OJ$QJ$ph56OJ$QJ$phRORR 6xPage Header,pgh$da$5NObN 6xPage Footer,pgf$da$TrT 6x Page Num,pgn$d]a$5pp 6xNumbered List Indexer,nlx%<>*B*CJH*OJQJS*aJphXX 6xProcedure Title in List 1,prt1HH 6x TOC 6,toc6cE^c`E`` 6xProcedure Title in List 2,prt2 ^|| 6xDefinition Table,dtbl:V4 ad$]CJOJQJaJ66 6xTOC 9E^`E66 6xTOC 7fE^f`E66 6xTOC 80E^0`Ehh 6x Definition Table in List 1,dtbl1 :Va#hh 6x Definition Table in List 2,dtbl2 :VaBB 6x Definition,d@& B*phL!2L 6xDefinition in List 1,dl1L1BL 6xDefinition in List 2,dl2PK![Content_Types].xmlj0Eжr(΢Iw},-j4 wP-t#bΙ{UTU^hd}㨫)*1P' ^W0)T9<l#$yi};~@(Hu* Dנz/0ǰ $ X3aZ,D0j~3߶b~i>3\`?/[G\!-Rk.sԻ..a濭?PK!֧6 _rels/.relsj0 }Q%v/C/}(h"O = C?hv=Ʌ%[xp{۵_Pѣ<1H0ORBdJE4b$q_6LR7`0̞O,En7Lib/SeеPK!kytheme/theme/themeManager.xml M @}w7c(EbˮCAǠҟ7՛K Y, e.|,H,lxɴIsQ}#Ր ֵ+!,^$j=GW)E+& 8PK! ˣVtheme/theme/theme1.xmlYMoE#F{oc'GuرHF[xw;jf7q7J\ʯ AxgfnHFPA}Hϼ3z~/TqcAV.C, i]H}b舅WϿ):zOG= rfm$,zg>">ϫ> s^|gO^|=o<.G4&$hk9Egl$ Z*Uo0˲%n*=a$Vhގb9rQm4 iAN)f^㽈8f2((}B*K .Du1 ɈjZLڢ1eV3ۉMr"+00~Dxp\%rcV *#3q} !a"e՜[-$}cU}b)ݯys^Dn^ ;IT~ D1 ϐ;8> n1iQ T\U; Qc[G@/~\QYo+oT [$qqзs74%P徣\?O'Yv@z`7fCPƆj i6։`z9)k.ANa]PfCR.`g+ekת` tڛd"S$#,Gr&IyC)Q+hkko,I*k.ޛd)EtkG%㵛M8x88K,!_ [6E6۹cnƽjȖyK&krzQJ +VV5+ njdB|ULvaD>fTʧa1= ץ TՄah:KYo ΎcF8[ݢy'[ `Viq We?sE'pS p+0PJ#l w@],d_a|jHPXT$Z2wzvY,d*`Lcr@Hs`K d4`p}:hMN靏mfpa?7bU|-:_,Y+@Ya)hgm&sUxY,{ Q =H _&:{~hȌBP֗Z< 3#f'|཮?^o:xc;[nFI~11?l{{M2%MH%a:4`5PK! ѐ'theme/theme/_rels/themeManager.xml.relsM 0wooӺ&݈Э5 6?$Q ,.aic21h:qm@RN;d`o7gK(M&$R(.1r'JЊT8V"AȻHu}|$b{P8g/]QAsم(#L[PK-![Content_Types].xmlPK-!֧6 +_rels/.relsPK-!kytheme/theme/themeManager.xmlPK-! ˣVtheme/theme/theme1.xmlPK-! ѐ' theme/theme/_rels/themeManager.xml.relsPK] l .  8 p  $&(**************88:::=rc3*vq !{"#$[%&&'()++,-.k/001W2=3349568>Gp (R>*ǧ:U>Y\b(s.MaRUVWXYZ[\]^_`acdefghijklmnoprstuvwxyz{|}~ FGKNx*}5CFYGpppp#q2qqr7r`rrPsusssst{j t",@N^-hkjlnxyyzmzzM{{<|| }R[Hnˬ:9i&!)  F!:IUVVqXYZZZ[[C_X_Y_+`ab ccc:ddebfcfgghhjjpOspx~op7\.`-B&LW_-bCccilp0sbuz}`g5^[STbq    EHIJLMOPQRSTUVWXYZ[mnopqrstuvwy ) * J    " B Y u w x z 2 N P Q S s B^abdC_bce">ABDd4Xtwxz (+,.Nz?[^_a  +=Y\]_4Wsvwy"Wsvwy5QTUWw0LOPRrUqtuw:VYZ\|D`cdfFbefh69:<\n(DGHJj ),-/O   " B ! ! ! !-!o!!!!!! "<"?"@"B"b""""""#;#W#Z#[#]#}####### $&$)$*$,$L$$$$$$$%%% %"%B%b%~%%%%%%%%%% &O&k&n&o&q&&&&&&& '*'F'I'J'L'l''''''''''''(;(W(Z([(](}(((((((())))9)E)a)d)e)g))))))) **2*5*6*8*X********++++>+J+f+i+j+l+++++++++,,,,6,K,g,j,k,m,,,,,,,,,----:-[-w-z-{-}-------..5.8.9.;.[.w...../0.0T0000:1\112F22213333`444uuvTxxxJw۪д 6wݵ<u&S OTCH z7< wAsIdJJJJKKnKKKKKLZLqLuLLLLvMMM,N^Nyqyyyyz!zzzz@{u{y{{||m||Y T  -"f""&& '''')7*d*(,a,,U666647U7Y7777u888"9J9N999cNNNX X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%X%̕XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX  *14=!!!t  ,r$)ܐ;h~a@ 0(  B S  ?H0(  =z _Toc145915518 _Toc145915519(DSDOC_BKMK_WhyUAC3bbc4962_40ae_40b5_8b70 _Toc145915520 _Toc145915521 _Toc145915522 _Toc145915523 _Toc145915524 _Toc145915525 _Toc145915526 _Toc145915527 _Toc145915528 _Toc145915529 _Toc145915530(DSDOC_BKMK_HowUACWorks3bbc4962_40ae_40b5 _Toc145915531 _Toc145915532 _Toc145915533 _Toc145915534 _Toc145915535 _Toc145915536 _Toc145915537 _Toc145915538 _Toc145915539 _Toc145915540 _Toc145915541 _Toc145915542(DSDOC_BKMK_WillUACAffect3bbc4962_40ae_40 _Toc145915543 _Toc145915544 _Toc145915545 _Toc145915546 _Toc145915547 _Toc145915548(DSDOC_BKMK_DesigningVistaApps3bbc4962_40 _Toc145915549(DSDOC_BKMK_TestAppCompat3bbc4962_40ae_40 _Toc145915550(DSDOC_BKMK_ClassifyApp3bbc4962_40ae_40b5 _Toc145915551(DSDOC_BKMK_ApplicationRunStandard3bbc496(DSDOC_BKMK_FixedNoAdminToken3bbc4962_40a(DSDOC_BKMK_AdminSectionsCut3bbc4962_40ae _Toc145915552 _Toc145915553 _Toc145915554(DSDOC_BKMK_RedesignFunctionality3bbc4962 _Toc145915555 _Toc145915556(DSDOC_BKMK_RedesignUI3bbc4962_40ae_40b5_ _Toc145915557(DSDOC_BKMK_UACImpact3bbc4962_40ae_40b5_8 _Toc145915558(DSDOC_BKMK_UACGoals3bbc4962_40ae_40b5_8b _Toc145915559(DSDOC_BKMK_UACElevation3bbc4962_40ae_40b _Toc145915560(DSDOC_BKMK_UXFlow3bbc4962_40ae_40b5_8b70 _Toc145915561(DSDOC_BKMK_ElevationEntry3bbc4962_40ae_4 _Toc145915562(DSDOC_BKMK_UXImplementation3bbc4962_40ae(DSDOC_BKMK_ShieldUI3bbc4962_40ae_40b5_8b(DSDOC_BKMK_ShieldButton3bbc4962_40ae_40b(DSDOC_BKMK_WindowsInstaller3bbc4962_40ae(DSDOC_BKMK_ShieldNextWizard3bbc4962_40ae(DSDOC_BKMK_ShieldTaskDialog3bbc4962_40ae(DSDOC_BKMK_ElevateModal3bbc4962_40ae_40b _Toc145915563(DSDOC_BKMK_WhentoAddShield3bbc4962_40ae_ _Toc145915564(DSDOC_BKMK_KeyAdminDecisions3bbc4962_40a _Toc145915565(DSDOC_BKMK_RedesignInstaller3bbc4962_40a _Toc145915566(DSDOC_BKMK_EmbedManifest3bbc4962_40ae_40 _Toc145915567 _Toc145915568 _Toc145915569 _Toc145915570 _Toc145915571(DSDOC_BKMK_TestApp3bbc4962_40ae_40b5_8b7 _Toc145915572(DSDOC_BKMK_SignApp3bbc4962_40ae_40b5_8b7 _Toc145915573 _Toc145915574(DSDOC_BKMK_ChooseLogo3bbc4962_40ae_40b5_ _Toc145915575(DSDOC_BKMK_DeployingStandard3bbc4962_40a _Toc145915576 _Toc145915577 _Toc145915578 _Toc145915579 _Toc145915580(DSDOC_BKMK_NETAppInfo3bbc4962_40ae_40b5_ _Toc145915581(DSDOC_BKMK_ActiveXInstallation3bbc4962_4 _Toc145915582 _Toc145915583(DSDOC_BKMK_ActiveXDocuments3bbc4962_40ae _Toc145915584 _Toc145915585(DSDOC_BKMK_ApplicationRequired3bbc4962_4 _Toc145915586 _Toc145915587(DSDOC_BKMK_AdministrativePermission3bbc4 _Toc145915588 _Toc145915589(DSDOC_BKMK_PerUserApplicationSettings3bb _Toc145915590(DSDOC_BKMK_ApplicationDefaults3bbc4962_4 _Toc145915591 _Toc145915592(DSDOC_BKMK_References3bbc4962_40ae_40b5_ _Toc145915593 _Toc145915594 _Toc145915595 _Toc145915596 _Toc145915597 _Toc145915598 _Toc145915599 _Toc145915600.55GgHJLLQSZg^fggghgkvxy5DEJ}KH[ K    HHOO^QdQyXX^^ccvv|~G,1*NS).*  ""/U01555: :i=.@6@@0B;BpDEEFIKKSSUcWmWWWXY[W]bw    "!$#&%'()*+,.-/1032547698;:=<>?@ABCEDGFIHKJLMNOQPSRTVUXWYZ[\^]`_acbdfegihjlknmopqrstuvwxy.55GHJPLLNQ0T.Z^ggghizkIvxyCXJf~Y +<K    HHOOdQ~QXX^^ccvw|~G1l7eSo.WC  ""/w016555 ::s=6@N@A;BZBzDEEPIKKS*TUmWmWWWXY[x]1bw   Y x 2 Q BbCc"BXx ,z?_ =]WwWw5U0PUu:ZDdFf:n(H - !o!! "@""";#[### $*$$$% %b%%%%O&o&&&*'J''''';([(((()E)e)))*6****+J+j++++,K,k,,,,-[-{---.9.w..:s:tNt'xBxCxMxPxWx~xxxx#:Ɂ 2;P_eo   M"122}3nHuHJJ&L/LLLTTeeeeՂ<>ة۩̷M[ɺ+νot3ZIS@B )+    ae@ESU"$L`S;Y;==;>>>>>FFFFFF5H:H=HWHkH~HQQRRS"SY[_[a_g_aajavagggggggyy {qt˓Γ!lpޖؚۚAD$'')  33333333333333333333333333333333333333333333333333333333333333333333333333333333333333  Y x 2 Q BbCc"BXx ,z?_ =]WwWw5U0PUu:ZDdFf:n(H - !o!! "@""";#[### $*$$$% %b%%%%O&o&&&*'J''''';([(((()E)e)))*6****+J+j++++,K,k,,,,-[-{---.9.w..YsZs    |戄}~X uP0b~g tƶH;K#  "7t|@-(> p=E8)EqGjj8Lk p`J *tq(r-wW|t|@-^`.^`.88^8`.^`. ^`OJQJo( ^`OJQJo( 88^8`OJQJo( ^`OJQJo(hh^h`. hh^h`OJQJo( p^`hH Article . p^`hH Section . P^`PhH() `p`^``phH() P^`PhH) P^`PhH) ^`hH) P^`PhH. 0p0^0`phH. hh^h`hH) ^`hH) 88^8`hH) ^`hH() ^`hH() pp^p`hH()   ^ `hH. @ @ ^@ `hH.   ^ `hH.h^`CJKHOJQJhH.h ^`hH.h pLp^p`LhH.h @ @ ^@ `hH.h ^`hH.h L^`LhH.h ^`hH.h ^`hH.h PLP^P`LhH. h^h`hH. P^`PhH.. p^`hH... x@ ^`xhH.... ^`hH .....  X^ `XhH ......  ^ `hH.......  8^`8hH........  `P^``hH.........hh^h`OJQJo(hHhh^h`OJQJo(hH^`OJQJ^Jo(hHopp^p`OJQJo(hH@ @ ^@ `OJQJo(hH^`OJQJ^Jo(hHo^`OJQJo(hH^`OJQJo(hH^`OJQJ^Jo(hHoPP^P`OJQJo(hH ^`o(hH.^`OJQJo(hH hh^h`o(hH.h ^`hH.h ^`hH.h pLp^p`LhH.h @ @ ^@ `hH.h ^`hH.h L^`LhH.h ^`hH.h ^`hH.h PLP^P`LhH.p=Etqp8Lk~}|(>wW|"7EqG8                   @5XG #4y'w7vCe*f^ 1 J e^ I 9 \ d s~ &5s0Nce}6Lk .7Aua?FW6\PqJ&A3 # /XGe "}".#pJ#% %r%=&uf&z&LJ'X'E5(ES*~-+;C+x+),y-9 .y:.QT2JpK~wKL)LDO PPTPW%QRKRKRS1S=%T1U KU~U#VEV\VK'X%Y(Y#Z[*ZKZy\tZ]s]i}] A_q_~_Gb#b(b-bc}c9 dLdVd]d#vd|eXfgvg hOh7h7!j(pjHkskxklrAmQqmnihoEY2 gEB\kw ~kUR_8m[yp[nvJ%Nu}~uTkSIq7?Id7 8Lb{/Im _'EY\Tr?Qz3`5?T_l+=\h/4fKpHMTA|3:Xtz:IP[Ko5!Y5lLa?Xs NcU 'DAM!W 9]*exn|g` cVYyL+R#8Xm M?<DnUc~> 2T)7@[6Ub'0:CpL~#Q:aj 'H)_awew}|I_?x6K?pQH|/HQ}t]e00[<IDQ%C<bPTb# Ww{4,GeQG )d<3IBMPTrXem4ao g@/01234pqrsiiiiiii ??AAAAA 3333333333333333 DDD=D>D?DADBDFDGDHDIDJDKDLDMDNQRSggghgilm{o{pqrxyz{|ְֱֵֶַ֛֪֚֜֝֟֠֡֩֫֯  ,234S6S7S8S9QIQJQKQLQMQOQPQQ S TWXYZ[cdeegehjklmnopqrstuv zX@X8X:X<X>X@X@X~XXX@XXXXX4@XXXP@XXXXx@XXX@XX@XXXXX@XXX@XX@XX@XXX@XX@XXX$@X(X*XX@X.X0X2Xh@X6X8X:Xx@X>X@XBX@XRXTXVX@XZX@X|X~X@XX@XXXXXXXXX0@XXX@@XXXp@XX|@XX@XX@XXXXX@XX@XX@XXXXXXX@XXXX@XXX@XXX(@XXX8@X X"XH@X&XP@X*XX@X0X2Xh@X6X8Xt@XNXPX@XtX@X8@X"X$XL@X(X*X,X\@X>X@XBXDX@XHXJX@XNX@XTXVXXXZX@XdXfX@XjX@XnXpXrXtXvXxXzX|X~XXXX @Xp @UnknownG*Ax Times New Roman5Symbol3. *Cx Arial?= *Cx Courier New5. *[`)Tahoma7. [ @Verdana;WingdingsA BCambria Math"1Hhhoܩfoܩf8fbc6[Tbc6[T!ppd4dB 2qP?6x2!xx7E:\dsBuildRoot\wsitpro\1033\SupportFiles\global.doc.dot\         e       Oh+'0U  $,4global.doc.dot1Microsoft Office Word@@8y@Z(T@Z(T[bc6GTVT$m O*!* d- !d-!*A d(TdddYYYZZZ***GGG```!!!***౱{{{RRR:::pppFFF[[[BBBggg yyyVVV ||| BBB ((('''iii]]]MMMXXXMMM [[[uuu999qqq 555"""888  ^^^WWWvvvHHH::ې:۶f:f:۶f:۶ff:::f۶ې۶۶:::f::f:۶::۶f:f:fېf::ېfې::۶ffې:ff::ېfې:f۶f:f:ff:f۶f:ې:۶:fې۶۶:fې:fff::ې::ې::ې::ې:fې:::f::::fې:f:::۶f۶:::ې::::f:::۶f:۶f:۶f::fff:::f:::::f::۶f:f:f:ې::f:::f:ې:::f:::۶f۶::ېf:fff:f:۶fېf:::ې:f:f۶ffې::ېf:ېfېf:f۶f۶:ffffې:f۶f:ې:f۶f۶:fېf:f:fff۶ې:ffېfې:f۶ffffېff::ې:f۶ff:fې:fېf:f:f۶f::::ff۶f:fffې:f:::ې:ffېffې۶:ffffېf::fې::ې:fې::ېf۶f:۶f:::۶f:fff۶:::۶f:۶f:۶f:::ff:::::::۶f::۶:f::۶:ff:f::۶:::::f::۶:۶f۶:۶ff::۶f۶:::۶f:::ې::::۶ff:f:fffې:f۶ffې:fېf::ff::ېf:ffffېfې:fې:fېf۶ff:fېfffېf۶ffې:f۶ffffې:fff:۶ې۶::fffېf:::۶ffې:f::۶f::fffې::ې۶f:::ېf:fې:ېff:fې::fffې::::f:f:fېf۶f:ff:f۶f::ېf:::ې:f::ې::ې::ې::ې::ې:۶::f:ې::::::::::۶f::ff::::f:::۶f:::f:ff::۶f۶۶f:f:::::f::::ff::::۶::::۶ff:::f::f۶f:f:۶f:::۶f:۶f:f::::::۶۶f:fffېf۶f::::۶f::ې۶fېf۶f::ې::ېfffېfff:f::fې:ff:fېf:f:ffff:ffffې۶:ffffېf::ffېffffې:ff:f::fېff:f:ffې۶fې::fffې::ېfff۶f:ff:f:ffې:fff۶fې:f۶f:fې:ffې:::::ېf۶f::fffې:f::ې::ې::ې::ې::ې:fې:fېې:f:f|f:{:۶f:::۶f۶:fff:::۶f:::ې::ې::::۶f:f::ff:::::::f:fې:f:::f:f:fff:۶:::۶ff::۶ې۶f:::::ې::fff::ff:f:f۶f۶:fې۶:X۶f:ffې::ېf۶f::ېfېf:fېf:fې:ff:f۶ff:::۶f:ffېff:f:::ې۶f:f۶f::ې::۶f::ff:f۶fې:ff:f۶ff۶ې۶۶:ې:fې::ې:f:ffې۶ېff:f:ff:f۶ff:::ې۶f۶f:fff::fff:f۶ff۶ې۶::fېf:f:::ff:fې:f:f::ې:fې::۶ff:fffffffffffffff::ff::f::fffff::f:::ېfې::fېff۶f:f::f:۶f:۶ffff:۶f۶۶f:۶f۶::f:ې::ff::ff:f::::::f::::::f:::۶ff:f:ff:ffې:f۶ffff:ffېf::۶f::ې:fff۶f:f:۶ff:f:fffېffffې:fېېېff:f::ېff:f:fې:fېff:ffې::ې۶::::ff:۶f:ې::f::f۶f:f۶:::۶f۶f۶f:::ې::f:::ېff:fې:fff:::۶f:ffې::ې:f::fffې::ېfېf::::::f::ېfff::::::۶f:ff::::::::f::۶ff۶f::ېf:fې:fې:::::::fې:::::ېfېf:ffff:f::fې:ff:fېff:f::ې:fېf:f:ff:ېff:ې::ff:ې::::f:f:ې:ff:fې۶f:fې::fېf:f::ffېfې::f:f:f:fېfې:::::f:f:ffff:f::fې:ff:fېf:fff:::ff::ېff:f:::fff:f::::f:۶f:::fېf:fff::f:fې:f:f:f:fff:::f:f:f:fې:::fېf:f::::f:f:ې:f::f::ې:fېfff::::fې::ې::ې:f:f::ې:f:f:f:ې::f:::fff:f:ې::fې::ې:f:۶f:f:::::ې:f:fې:f:f:fې::ې:fېf:f::::fff:f:ff::۶ff:fې::fې:f:fff::f:ې:fېff:fې:fېf:fې::fې:f:f:f:f:fې۶f:ff:f:f:fېf:fې::f:f:ې:fff::::ffff:fې:f:ff:::ff:::f:fff:::fff::::f::ې:::fې:fff:ff:fېf:ې:f:f:fې:ffff:::f:ې:f:f:ې:ff::ff:ff:fې:fې:f:ېf::ې:::fې:ff:f:fff::ې::f::ffff:fې:f:f:::f:f:f:ff::ffff::f:f:fې:fې:fې:fې:۶f:f:f:f:f::ېf:f:f:ff:ff::ې:ff::ې:::::ېf:ې:f:f:fff:::f::ې:f:f:ې::::fې:::f::ېf:ې:fېf:f::::f:f:ې:f:::f:ff:::f:f:f:fې:۶ff:fې::f::fff:::ېf:f:ff:f:ff::f:fff:fېfې::fېfې::f:f:fې:f:f:۶ff:fې::f:f:ff:::fff:f::::ff۶ff:fې::fېfې::fېf:f::::fff:f:f:ېfff::f:fې:f:ېf::ې:ې:ff:ff:fېf:۶::fې::fې:ffې::f:f:fې:f::ff:f:f:fff::ېff::ې:f:f:ې:fffff:f:f::f:ff:fې:ېf::ې:ff:fff::::fېf:fff::::f:ff:fېff::ېf:fff:::fff::::f::ې::::ې:ې:fې::f:fېf::ff::f:f:f:۶f:f:f򬪬ςӇEEF 88;$$' bbcŞLMMTQT|{}GFGB@GUT[xx{sruTTVIIIQPQ+*, mlmCAHqoqDBFrqsȞnmo悁MMN888!QPQ'')  <?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !0Root Entry FT2Data {1TableLWordDocumentSummaryInformation(VDocumentSummaryInformation8\?CompObjy  F'Microsoft Office Word 97-2003 Document MSWordDocWord.Document.89q