Has it been a while since you installed SharePoint and you read something that talks about the "Farm Account" but you can't find where this is defined in SharePoint?
It is really just the Database Access Account you specified during the initial psconfig (2nd step in the setup process) for the configuration database.
Because there is only one configuration database for a farm, the account you specify to access the db is used as the identity for the IIS Central Admin Application Pool. (this is not the account creating the db, that is done under the credentials who you are logged in as when running psconfig.exe)
This account doesn't need any special Windows privileges. So long as you have been logged in as a domain administrator when running setup, everything should work fine.
PSConfig will also create the following local security groups :
- WSS_ADMIN_WPG (Farm account, Account you are running psconfig under and Builtin\Administrators Group added)
- WSS_RESTRICTED_WPG (only the farm account is added)
- WSS_WPG
These groups are used to secure things on the files system and in the registry
The farm account will also be granted dbcreator and securityadmin SQL Server rights.
Note: some people think these are the rights required for SQL Server when running setup. It must be because SharePoint is often not "owned" by the IT department that they make it hard for a consultant to be able to run setup under a domain admin account. I just ask them if they would run the setup for an Exchange server without being logged in as a domain admin ;-). Fortunately, once setup is completed, you will probably never need to use a domain admin account again.
Anyway, I think understanding this help during setup and troubleshooting. You should never change IIS settings like the app pool identity manually because the central admin application uses timer jobs to keep all servers in the farm synchronised.
If you do want to change the Farm Account, do it from the Central Admin/Operations/Service accounts or from the stsadm command line utility. In either case you will need to do an IIS reset which is when you hold your breath and hope that you don't get the dreaded "Can't access the configuration Database" message.