In the application event logs, I see this error:
The SharePoint Health Analyzer detected a condition requiring your attention. Accounts used by application pools or service identities are in the local machine Administrators group.
Using highly-privileged accounts as application pool or as service identities poses a security risk to the farm, and could allow malicious code to execute. The following services are currently running as accounts in the machine Administrators group:
SharePoint - 80 (Application Pool)
SharePoint Central Administration v4 (Application Pool)
However, when looking at the drop down list box for services and web applications on the Credential Management page in Central Administration, I don't see some of these that are listed above in the log. I like to change the accounts that the services are using.
Drop down list box has these listed:
Service application Pool - Security Token Service Application Pool
Service Application Pool - SharePoint Web Services Default
Service Application Pool - SharePoint Web Services System
Web Application Pool – MySites
Web Application Pool - SharePoint - 80
Windows Service - Claims to Windows Token Service
Windows Service - Document Conversion Launcher Services
Windows Service - Document Conversion Load Balancer Service
Windows Service - Microsoft SharePoint Foundation Sandbox Code Service
Windows Service - SharePoint Foundation Help Search
Windows Service - SharePoint Server Search
Windows Service - User Profile Synchronization Service
Windows Service - Web Analytics Data Process Service
For the ones I don’t know, which services reported in event log above, would match what services are listed in the drop down list box?
SharePoint Central Administration v4 (Application Pool) = ??
SPTimerV4(Windows Service) = ??
OSearch14(Windows Service) = Windows Service - SharePoint Server Search ( I think)