Control Compliance Suite (CCS)

You need to change the password every 30-90 days, and you would like to know how to change the password without impacting CCS.  

NOTE: This method requires that you are NOT going to be using a new user, and you know the Passphrase that was set when CCS was installed.

On the CCS Application server:

1. First, make sure that the password has already been changed in Active Directory.
2. To update CCS of the new password, go to the Program Files (x86)\Symantec\CCS\Reporting and Analytics\Application Server folder and run the Symantec.CSM.ConfigureServiceAccount utility (right click and 'Run As Administrator').
3. At the 'Welcome to Service Account Configuration Wizard' screen, click 'Next' to continue.
4. At the 'Select option and specify ADAM details' screen, select the 'Change service account' bullet point, and then in the 'Directory server host' field, type in the name of the Directory server.
   
   
5. At the 'Select the services to change' screen, select the Services that you would like to update the password. NOTE: You are not changing the user account, so when the warning pops up just click 'yes' as the user account you are currently using should have all necessary permissions in ADAM.
   
   
6. For each service you selected, make sure you enter in the SAME User that you are currently using in the Domain\User format with the new password.  Each service will have its own window to update the password.
   
   
7. Next, enter in the Passphrase that was set when CCS was installed.  Then click Next.                      
   
   
8. On the 'Specify SQL Database connection details' enter the appropriate information for the SQL database. If it is the same for the Reporting database, make sure you check at the bottom.  Then click Next.   NOTE: If you are using a Named Instance, leave the port field blank.
   
   
9. At the next screen, select Finish when prompted.  A popup window will appear once the changes are successfully made.  It also reminds you to go into each of the services with that user account and change the password and then restart the service. 
   
   
10. In the Services on this server, stop the Symantec Application Server Service, the Symantec Directory Support Service, and the Symantec Encryption Management Service (in that order), and then right click on the service and select 'Properties' and then select the 'Log On' tab at the top and change the password to the new password.  Do this for each service that uses the user that has the new password.
    
    
11. Once the password has been changed to the new password, restart the CCS services in the following order: Symantec Encryption Management Service, then the Symantec Directory Support Service, then finally the Symantec Application Server Service.

Additional information:

If during the configuration you receive a pop-up error that the account requires SYSADMIN, just ignore the error and continue.  SYSADMIN level permission is not required.