I've written a Windows Service in .NET that performs Administrative tasks on remote systems. The service runs under credentials that have domain admin rights on the DEV domain. A client (who does not have trusts established between domains) has requested that I install my service in their environment with one catch : it should perform its tasks across systems in 20 domains from the same central server. Aside from re-writing the code to allow 20 different services run side-by-side on my server, does anyone have tips on how I could accomplish this multi-domain approach without compromising security? I realize that it would probably be relatively straightforward to launch new threads under various credentials -- but that would require that I actually store 20 different usernames & passwords somewhere. I could encrypt the credentials with DPAPI or AES, but I would prefer to leave credential management to Windows, if at all possible.
