Multi-Domain Authentication for Windows Services

From: Jerry (Jerry_at_discussions.microsoft.com)
Date: 06/07/05

• Next message: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Previous message: Nicole Calinoiu: "Re: Set concurrent connections on share"
• Next in thread: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Reply: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Reply: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 7 Jun 2005 10:54:01 -0700

I've written a Windows Service in .NET that performs Administrative tasks on
remote systems. The service runs under credentials that have domain admin
rights on the DEV domain.

A client (who does not have trusts established between domains) has
requested that I install my service in their environment with one catch : it
should perform its tasks across systems in 20 domains from the same central
server.

Aside from re-writing the code to allow 20 different services run
side-by-side on my server, does anyone have tips on how I could accomplish
this multi-domain approach without compromising security? I realize that it
would probably be relatively straightforward to launch new threads under
various credentials -- but that would require that I actually store 20
different usernames & passwords somewhere. I could encrypt the credentials
with DPAPI or AES, but I would prefer to leave credential management to
Windows, if at all possible.

---

• Next message: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Previous message: Nicole Calinoiu: "Re: Set concurrent connections on share"
• Next in thread: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Reply: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Reply: Dominick Baier [DevelopMentor]: "Re: Multi-Domain Authentication for Windows Services"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Windows Service connecting to Web Service ... The connection to the web service is HTTPS and it reads NTLM credentials into a CredentialCache from a configuration file. ... I have attempted to create a windows service to do the same, however, I continue to get a "Could not establish trust relationship with remote server" WebException. ... I have to keep the web service secure, (I have tried basic authentication also, since I'm already SSL, with the same results). ... (microsoft.public.dotnet.security) Windows Service Credentials VB.NET ... I created a Windows Service with the function of watch some folders, ... The problem it's that the central server it's not in the domain, ... In the end of this copy I lose the credentials. ... (microsoft.public.dotnet.languages.vb) Re: Windows Service Question ... that i wont know the credentials of another user because it will be run by ... service in place which that will pull the new version of the windows service ... > local system account and enter the credentials of the user you want your ... > information changes. ... (microsoft.public.dotnet.languages.vb) Service accessing mapped drive ... I have a service which is a Windows Service, but it is running under a User ... account - I enter my own credentials on installing. ... (microsoft.public.dotnet.languages.csharp)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2005-06