You need to know what the following accounts in DCS are used for:UMCADMIN and DCSADMIN
UMCADMIN – This is an account similar to SCSP_OPS, but this one is used by the Tomcat Application Server for communication with the DCSC_UMC Database. This account cannot be used to logon to UMC Console.
The password is stored in SQL Server and in server.xml file on the DCS Management Server at the following location:- <DCS Install Dir>:\Program Files (x86)\Symantec\Data Center Security Server\Server\tomcat\conf\server.xml
Password change must be done in SQL Server and in server.xml file both.
You can expire this account only in SQL Server
After integration with AD you can create a Domain User called DOMAIN\UMCADMIN, but it will be a differnet account to the account used by DCS Manager in order to connect to DCSC_UMC Database.
DCSADMIN - This account is used for UMC logon.
When you log on to the UMC web portal for the first time after deploying UMC, you must use the default user ID dcsadmin and the password that you specified while installing Management Server and UMC. When you assign the UMC Administrator role to an Active Directory user or group, UMC disables the default user ID dcsadmin for web log on.
There is no account expiration functionality available in SDCS Manager. The account expiration is set only on SQL Server level, so the SDCS Manager is not aware of it. The expired account will get locked in SQL Server and you will not be able to logon to SDCS Manager Console. No warning about account expiration will be displayed in SDCS Manager. The SQL Server is also not displaying any warning. If this happens after XX days, then the DBA will need to logon to SQL Server and unlock the account.
Please find below the Microsoft KB articles describing password expiration settings on SQL Server: