Symantec Endpoint Encryption DC&RS Service accounts/Server Credentials
Ok, I know mostly from testing and a little from documentation that the Device Control and Removable Storage server credentials SHOULD be a domain admin account but suppose I didn't want that account to have privileges that high and only have local admin to the server machine running the Symantec software. Also suppose that I want all of my AD service account passwords changed every 90 days for security reasons and I need to change the password of the service account running the RS and DC servers. How could I effectively change the password so that the DC server and manager console will still work. I have been trying to find a workaround for this but have not come up with a solid solution yet. I have tried to change the server credentials temporarily to my AD credentials in DC and RS config wizard and then change the password for the original service account, then change it back to this service account in DC but it never works. Where is the service account credentials stored that was used to install the server? Is it in the database and cannot be changed? If there is no way to accomplish this then I guess I will have to deal with it but I do need to have the password changed on this account every 90 days as set by our security policy. Also I know how to change it everywhere in the RS config wizard, but is there anything else that I have to do after that? Would I have to re-deploy a new copy of the framework package to all client machines? I know I can't be the only one out there with these kinds of questions so would some one please help.
On another note, I do suggest that Symantec change their documentation to include that not all functions will work if the server credentials are not domain admin and also list all of those functions. I know that the documentation says that having domain admin privileges are recommended and that it is vital to the operation of the server but that information was not enough for me and it would take but one small paragraph to explain the information.