How to Change the Password for the Active Directory Connector Service Account
The Active Directory Connector (ADC) requires a service account because a subset of the ADC technology is included with the Microsoft® Windows Server operating system. Exchange uses ForestPrep and DomainPrep to prepare the Active Directory forest and domains for installation of the server. Part of this preparation involves setting permissions for LocalSystem services to Active Directory. Because the ADC can be used without Microsoft Exchange 2000 Server or Exchange Server 2003 installed, a separate service account is used to achieve the same functionality.
It is recommended that you change the ADC service account password periodically.
Before You Begin
To change the ADC service account password, you must be logged on to an account that is a member of the Domain Administrators security group in the domain where the ADC service account resides.
Procedure
To change the password for the ADC service account
Change the password for the ADC service account using the Active Directory Users and Computers snap-in.
Wait a few minutes for the new password to replicate through Active Directory.
On each server running Active Directory Connector, in the Services Microsoft Management Console (MMC) snap-in, locate the Microsoft Active Directory Connector service. Change the logon password for the service account on the Log On tab of the Microsoft Active Directory Connector properties page.
If the ADC service account is being used on any connection agreements, use the Active Directory Connector MMC snap-in to locate any one of these agreements and re-type the password on the Connections tab. It is only necessary to change the password on one connection agreement because the password is stored in the LSA Global Secrets database.
Restart the ADC service, and monitor the event log to make sure that replication is occurring successfully.