I'm running SQL Server 2008 R2 in a Windows 2008 Enterprise Hyper-V virtual. I've created a service account to run the SQL service. I've set up the SPN for the service account correctly, i.e.
MSSQLsvc/<machine name>:1433 and with the FQDN
The service account has been granted "log on as service" and some other local policy privileges. The Force Protocol Encryption is set to NO. The VIA protocol is disabled.
When I set the SQL service to run as this domain service account with the SQL Configuration manager the service won't start and throws a bunch of errors which I'll post below. If I set the SQL service to run as Network Service, it works. If I use the Built-in "Administrators" for the domain it works.
From Application Event Log...
Initializing the FallBack certificate failed with error code: 1, state: 1, error number: -2146893802.
Unable to initialize SSL encryption because a valid certificate could not be found, and it is not possible to create a self-signed certificate.
Server name is 'SQ01'. This is an informational message only. No user action is required.
TDSSNIClient initialization failed with error 0x80092004, status code 0x80. Reason: Unable to initialize SSL support. Cannot find object or property.
TDSSNIClient initialization failed with error 0x80092004, status code 0x1. Reason: Initialization failed with an infrastructure error. Check for previous errors. Cannot find object or property.
Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.
SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.
From System Event Log...
The LoadUserProfile call failed with the following error: Access is denied.
The SQL Server (MSSQLSERVER) service entered the stopped state.
The SQL Server (MSSQLSERVER) service terminated with service-specific error 2148081668 (0x80092004).