I agry with you. Having global DTS variables is the best solution. Reading the registry sometimes might fail because of inadequate security permissions. Reading from ini files might have the same problem. Either way exposing unencrypted server's credentials is not something we want. From the other hand storing the needed credentials into a database table means that first you have to conenct to the server and then to the database and then retrieve the needed credentials.

The best way i can think of is to use the DTSRUN utility (dtsrunui.exe) and set the global variables of the DTS packages which change programatically the connections and credentials within the package, then use the encrypt button located at the advanced section, then get the encrypted string and paste it in a job. Afterwards you can schedule the job as you like. In this way NO credentials are visible to ANYONE.

Hope this helps

Dimitris

....