I have recently published the shadow key companion, which compiles all currently known information about shadow keys in a single article. An important piece of information is the TS_AWARE flag for executables, which causes Windows not to produce shadow keys in install mode. Unfortunately, there is a downside to this flag that may well affect installation scripts.

System Tools are flagged TS_AWARE

When looking at shadow keys on Windows Server 2012 RC, I noticed that many tools provided by Windows are flagged TS_AWARE. This includes the following:

Consequently, using those tools – either 32-bit or 64-bit – does not produce shadow keys.

The Issues Caused by TS_AWARE

If you are using any of the system tools flagged TS_AWARE, you will not be able to produce shadow keys. Automated installation scripts can rely on shadow keys only if the process is not flagged TS_AWARE.

This is again a very strong argument against shadow keys. Apart from the issues caused by the architecture of shadow keys, you cannot rely on them being created as expected.
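To check whether a tool called from an installation script is flagged TS_AWARE, its PE header can be inspected. The following is an added example, not part of the original article: it assumes TS_AWARE refers to the IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE bit (0x8000) in the optional header's DllCharacteristics field, and the function names and header-only sample images are constructed for illustration.

```python
import struct
import sys

# IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE (PE/COFF spec, set by link.exe /TSAWARE)
TS_AWARE = 0x8000

def dll_characteristics(image: bytes) -> int:
    """Return the DllCharacteristics field from a PE image's optional header."""
    try:
        if image[:2] != b"MZ":
            raise ValueError("missing MZ header")
        (pe_off,) = struct.unpack_from("<I", image, 0x3C)           # e_lfanew
        if image[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        (opt_size,) = struct.unpack_from("<H", image, pe_off + 20)  # SizeOfOptionalHeader
        opt_off = pe_off + 24                                       # signature + COFF header
        (magic,) = struct.unpack_from("<H", image, opt_off)
        if magic not in (0x10B, 0x20B) or opt_size < 72:            # PE32 / PE32+
            raise ValueError("unsupported optional header")
        # DllCharacteristics sits at offset 70 in both PE32 and PE32+.
        return struct.unpack_from("<H", image, opt_off + 70)[0]
    except struct.error as exc:
        raise ValueError("truncated image") from exc

def is_ts_aware(image: bytes) -> bool:
    return bool(dll_characteristics(image) & TS_AWARE)

def sample_image(flags: int, pe32_plus: bool) -> bytes:
    """Constructed header-only image for the demo; not a runnable executable."""
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)             # e_lfanew = 0x40
    opt = bytearray(240 if pe32_plus else 224)
    struct.pack_into("<H", opt, 0, 0x20B if pe32_plus else 0x10B)
    struct.pack_into("<H", opt, 70, flags)
    coff = struct.pack("<HHIIIHH", 0x8664 if pe32_plus else 0x14C, 0, 0, 0, 0, len(opt), 0x0102)
    return dos + b"PE\0\0" + coff + bytes(opt)

if __name__ == "__main__":
    # Real executables may be passed as arguments; otherwise constructed samples are used.
    images = {p: open(p, "rb").read() for p in sys.argv[1:]} or {
        "flagged (constructed)": sample_image(0x8160, True),
        "unflagged (constructed)": sample_image(0x0140, False),
    }
    for name, image in images.items():
        print(f"{name}: TS_AWARE={is_ts_aware(image)}")
```

A result of `TS_AWARE=True` for a tool means registry writes made through it in install mode should not be expected to create shadow keys.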



I have updated the shadow key companion accordingly.

