DB-User = "root" ... In Server Admin there seems to be no obvious way of creating a specific user.
Use the command line to create the database, and to then set up the users and passwords and access rights in the newly-created database, or (if you're fond of the GUI interfaces) install and use the Sequel Pro tool. The command line stuff is the same for all MySQL databases.
DB-Password = "root" .. I suppose that will match the root password I established in Server Admin Mysql settings... but shouldn't it be unique to wordpress?
DB_Host = "127.0.0.1" ..... should that actually be set to the domain name of the server?
That's IP-speak for "me" or "self" or (more correctly) localhost. It is correct.
I don't know off-hand if Wordpress creates the database (does the Wordpress documentation really omit that?) but I'd suspect it does not. That you'll have to use the command line or Sequel Pro to create the database.
Content management systems (CMS) have a history of security issues, so alway ensure you have current backups kept off the box, and get on whatever security notifications are available from Wordpress so that you're immediately notified of new releases and updates. That's your path to try to keep the riff-raff off your server, and the backups are your path back if (when?) your CMS gets breached. For MySQL backups, you'll be using mysqldump for that; to get a restorable copy of your database transferred off the box, and can be restored. (Here is an example of a periodic mysqldump backup procedure.)
There are many layers to your onion here ;-)
Do *not* connect as the mysql-root user. That's ignoring a deliberate permissions model.
"Just connect as root" for "easing" mysql setup(s) is just as heinous as "just do everything as root" - what is most simple is often far from best and even bad practice.
Create a dedicated user and configure wordpress to use it.
I have just such a setup working on 10.6.8 server.
Wordpress can - for example - be a subdirectory of your site.