https://dba.stackexchange.com/questions/127162/how-to-run-sql-services-on-nt-service-mssqlserver-account-if-it-is-running-earli

https://blog.sqlauthority.com/2017/07/12/sql-server-unable-start-sql-service-account-removed-local-administrators-group/

One of my clients wanted to secure their SQL Server. One of the rules was that wanted to avoid running SQL Server service with an account which is part of local “Administrators” group. They wanted to provide the minimal permissions needed for the SQL server service account for SQL Server to function.

Below are the respective articles for each version that outline the permissions assigned to the service accounts:

Configure Windows Service Accounts and Permissions (SQL Server 2016 and later)
https://docs.microsoft.com/en-us/sql/database-engine/configure-windows/configure-windows-service-accounts-and-permissions

Configure Windows Service Accounts and Permissions (SQL Server 2014)
https://msdn.microsoft.com/en-US/library/ms143504(SQL.120).aspx#Windows

Configure Windows Service Accounts and Permissions (SQL Server 2012)
https://msdn.microsoft.com/en-US/library/ms143504(SQL.110).aspx#Windows

Setting Up Windows Service Accounts (SQL Server 2008 R2)
http://msdn.microsoft.com/en-us/library/ms143504(v=sql.105).aspx#Review_NT_rights

Setting Up Windows Service Accounts (SQL Server 2008)
http://msdn.microsoft.com/en-us/library/ms143504(v=sql.100).aspx#Review_NT_rights

Setting Up Windows Service Accounts (SQL Server 2005)
http://msdn.microsoft.com/en-us/library/ms143504(v=sql.90).aspx#Review_NT_rights

When I spoke to my client, they already removed service account from the Administrators group. As per article, we have permissions in security policy, but still we were not able to start SQL Service. By looking further into the Event Viewer, under Application Log we see the error :

“initerrlog: Could not open error log file ”. Operating system error = 3(The system cannot find the path specified.)”.

SQL SERVER – Event 17058 – initerrlog: Could not Open Error Log File

If we provide incorrect path, we generally see below message.

initerrlog: Could not open error log file ‘C:\BadPath\Errorlog.txt’. Operating system error = 3(The system cannot find the path specified.).”

Notice the blank path in an error message.  Later, we used one of my favorite tools called as Process Monitor and ran the tool to look for registry read activity. We knew that the service was queried for the for the start-up parameters which are saved in the registry and we wanted to check how it does it. We saw we were getting Access Denied for the Account: Americas\SAPPROD_SQLSvc on the registry hive:

HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL13.MSSQLSERVER\MSSQLServer\Parameters

Seeing that, we went to the registry hive and checked if the service account had permission and found that the user did not have permission, we also saw that the there was a group, SQLServerMSSQLUser$MPNA01$MSSQLSERVER

WORKAORUND/SOLUTION

We were able to fix the issue by adding Service Account Americas\SAPPROD_SQLSvc to the group SQLServerMSSQLUser$MPNA01$MSSQLSERVER

Reference: Pinal Dave (https://blog.sqlauthority.com)

https://docs.microsoft.com/en-us/previous-versions/sql/sql-server-2008-r2/ms143504(v=sql.105)

https://support.plesk.com/hc/en-us/articles/115002175809-How-to-change-the-default-MSSQL-directory-for-database-files-

Question
The default directory for storing database files of MS SQL is changed in SQL Management Studio > Database Settings > Database default locations to D:\MSSQL\DATA .
However, new database files are being created and stored in %plesk_dir%\Databases\MSSQL\MSSQLXXX.MSSQLSERVER\MSSQL\DATAanyway.
How to change the default directory for MS SQL?
How to move SQL databases to other disk drive?
Answer
By default, the location for new databases in SQL is defined by the location of the  master.mdf database file, this database is to be moved to the desired path (e.g, D:\MSSQL\DATA) and SQL server is to be reconfigured accordingly:

• Connect to the server via RDP;
• Open SQL Server Configuration Manager.
• Expand Services;
• Click SQL Server;
• In the results pane, right-click the named instance of SQL Server, and then click Stop. 
• A red box on the icon next to the server name and on the toolbar indicates that the server stopped successfully;

• Move master.mdf and mastlog.ldf files from %plesk_dir%\Databases\MSSQL\MSSQLXXX.MSSQLSERVERXXX\MSSQL\DATA to D:\MSSQL\DATA.Note: XXX should be replaced by the actual path, it depends on the version of the MS SQL server;

• Set Full Control permissions for the MS SQL service account, for an example NT Service\MSSQL$MSSQLSERVERXXXX, to the new DATA directory. Detailed steps are described here.

• In SQL Server Configuration Manager > right-click SQL Server > Properties > Advanced > Startup Parameters specify new paths for the master database:-dD:\MSSQL\DATA\master.mdf;

-eC:\Program Files (x86)\Parallels\Plesk\Databases\MSSQL\MSSQLXXX.MSSQLSERVERXXX\MSSQL\Log\ERRORLOG;

-lD:\MSSQL\DATA\mastlog.ldf

• Start MS SQL Server service by right-clicking on the corresponding SQL Server > Start.

CREATE TABLE #sp_who2 (SPID INT,Status VARCHAR(255),
      Login  VARCHAR(255),HostName  VARCHAR(255), 
      BlkBy  VARCHAR(255),DBName  VARCHAR(255), 
      Command VARCHAR(255),CPUTime INT, 
      DiskIO INT,LastBatch VARCHAR(255), 
      ProgramName VARCHAR(255),SPID2 INT, 
      REQUESTID INT) 
INSERT INTO #sp_who2 EXEC sp_who2
SELECT      * 
FROM        #sp_who2
— Add any filtering of the results here :
WHERE       DBName <> ‘master’
— Add any sorting of the results here :
ORDER BY    DBName ASC
 
DROP TABLE #sp_who2

Source: https://www.sqlmatters.com/Articles/sp_who2%20-%20filtering%20and%20sorting%20the%20results.aspx