RE: Changed SQL Services Acct - "Cannot Generate SSPI Context"

  • MMartin1 (3/20/2013)


    The user account used for SQL Services has to have local admin privileges

    Not true - the user account used for SQL Services does not (and should not, in any high security installation) have local admin rights, much less domain admin rights.

    The user account does need permissions to a variety of directories for SQL Server files (sometimes it's easier to use

    icacls * /reset /t

    to reset security on entire subdirectory trees).

    There are some Group Policy permissions that are required or recommended; the set I use includes some for proxy users:

    gpedit.msc

    Computer Configuration

    Windows Settings

    Security Settings

    Local Policies

    User Rights Assignment

    Act as part of the operating system

    Adjust memory quotas for a process

    Bypass traverse checking -- proxy user use, I think

    Lock pages in memory -- a subject of some debate

    Log on as a service

    Perform volume maintenance tasks -- required for instant file initialization

    Replace a process level token -- proxy user use, I think
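
An audit of the rights listed in the post above, as an added example that is not part of the original post: it parses the text of a `secedit /export /cfg rights.inf /areas USER_RIGHTS` export and reports which of those rights an account holds directly. The export text, the `CONTOSO\svc_sql` account and the helper names are constructed for illustration.

```python
# Policy display name (as listed in the post) -> constant used in the secedit export.
POST_RIGHTS = {
    "Act as part of the operating system": "SeTcbPrivilege",
    "Adjust memory quotas for a process": "SeIncreaseQuotaPrivilege",
    "Bypass traverse checking": "SeChangeNotifyPrivilege",
    "Lock pages in memory": "SeLockMemoryPrivilege",
    "Log on as a service": "SeServiceLogonRight",
    "Perform volume maintenance tasks": "SeManageVolumePrivilege",
    "Replace a process level token": "SeAssignPrimaryTokenPrivilege",
}

# Constructed sample export; the account name and its assignments are made up.
SAMPLE_EXPORT = r"""[Unicode]
[Privilege Rights]
SeServiceLogonRight = *S-1-5-80-0,CONTOSO\svc_sql
SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-32-544,CONTOSO\svc_sql
SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,CONTOSO\svc_sql
SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20,CONTOSO\svc_sql
SeManageVolumePrivilege = *S-1-5-32-544
SeDebugPrivilege = *S-1-5-32-544,CONTOSO\svc_sql
[Version]
"""

def parse_rights(text):
    """Return {right: set of lower-cased principals} from [Privilege Rights]."""
    rights, in_section = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = {p.strip().lstrip("*").lower() for p in value.split(",") if p.strip()}
    return rights

def audit(text, principals):
    """principals: the account's name and/or SID; the export may list either form."""
    wanted = {p.lower() for p in principals}
    held = {r for r, holders in parse_rights(text).items() if holders & wanted}
    listed = set(POST_RIGHTS.values())
    return {
        "granted": sorted(held & listed),   # rights from the post that are assigned
        "missing": sorted(listed - held),   # rights from the post not assigned directly
        "other": sorted(held - listed),     # rights outside the post's list, for review
    }

if __name__ == "__main__":
    for key, values in audit(SAMPLE_EXPORT, [r"CONTOSO\svc_sql"]).items():
        print(f"{key}: {', '.join(values) or '-'}")
```

The export shows direct assignments only, so pass the names or SIDs of any groups the service account belongs to as additional principals. secedit typically writes the file as UTF-16, so read a real export with `encoding="utf-16"`.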