Your Farm Admin account will always be a Managed Account (you can’t change that) so be extra careful when changing this accounts password (either manually or automatically).
With Share Point 2010 we now have the ability to allow Share Point to manage various service accounts thus foregoing the need to have IT administrators manually manage password changes.
This new feature is a great benefit to Share Point administrators and security conscious admins in general as it allows us to easily enforce our corporate security policies by changing these passwords on a schedule, and the administrators don’t even know what the password is so the likelihood of a compromise due to a disgruntled admin, though not eliminated, is somewhat reduced.
Once on the Manage Account screen you can configure the automatic password change settings: To perform the same tasks using Windows Power Shell we can use the to prompt for the password so that it is not hard coded anywhere): Once you have your Managed Accounts created you can begin to use them for things such as Service Instances and Service and Content Application Pools.
To associate a managed account with a specific Service Instance using Central Admin you can go to Security – Configure service accounts.
But the introduction of this new feature isn’t all good.
The complication comes from the fact that Share Point 2010 doesn’t implement this capability consistently.
To manage the crawl account for the Share Point Server Search Service (also known as the Enterprise Search Service) using Central Admin we simply need to navigate to the Search Administration page of the Service Application that we wish to modify and click the link for the Default content access account.
This will bring up the following screen: Note that by default this account will be set to be the same account you used for the Search Service Instance which is a Managed Account.
If you let the WPI Word Press install create a new IIS web site for you, it will create an application pool named after the web site, with the following settings: As far as IIS configuration, that’s it.
It keeps things simple, and adheres to default settings.
If you do not change this account and you have configured Share Point to manage the account password then your crawls will fail when the password changes.