I had someone ask me how to best update the AD RMS service account password. As we started mulling over it we realized that this is more than just a domain account that we change the password in the services mmc. Some of this information may be in the AD RMS configuration database, there is a web application pool account, and so on.
Poking around the AD RMS management console I found the “Change Service Account” wizard. Looking though this wizard it came across to me as what we use to change the account, but I wasn’t sure about updating the existing one.
Digging around my RMS lab and going through some resources I found the answer. The “Change Service Account” wizard is the answer. It updates all the needed items. I’ve written it up on the wiki so check it out!
AD RMS How To: Change the RMS Service Account Password
Any thoughts on why I get an error that says:
"You are currently logged on with a user account that does not have sufficient privileges to change the service account. ..."
When I try to change the service account as described in your article, despite the fact that I'm logged on as a user who is a member of the local AD RMS Enterprise Administrators group, the local Administrators group (both directly and as a member of Domain Admins) and is a sysadmin in SQL?