Hi,
Using Windows Server 2008 / 2008R2 / 2012, you can physically install SQL Server 2008 / 2008R2 / 2012 on the system with the Domain Controller role; however, it will not allow the groups to be created.
Windows will not allow a server to be promoted to a Domain Controller with SQL Server installed.
On Win 2008 the service SID is added to the security group and the resources are normalized using the service SID itself. *The Service SID is added as sysadmin, not MSSQLSERVER*.
On Win 2008 R2 and above, the service SID enquires the NT Service\Service Name to get the status of the account so that resources can be normalized using the service SID in all scenarios like Standalone, Cluster or DC.
Of course, the service SID is added as sysadmin for the engine to access the resources.
You can read here how it works: the per-service SID is derived from the service name and is unique to that service. A service SID name for the SQL Server service is like “NT Service\MSSQL$<InstanceName>”.
The security group or service SID for SQL is managed by SQL itself, not the DC.
You can, however, install SQL Server 2005 onto a 2008 / 2008R2 / 2012 Domain Controller.
Cheers
Leon
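
Added example, not part of the post above: a Python sketch of how a per-service SID follows from the service name alone (SHA-1 of the upper-cased UTF-16LE name, read as five little-endian 32-bit sub-authorities under S-1-5-80, the same value `sc showsid` reports), which is useful when auditing ACLs or sysadmin membership for `NT Service\...` entries. The helper names and the sample ACL are constructed for illustration, and Python's `upper()` is assumed to match Windows upcasing for ASCII service names.

```python
import hashlib
import struct

# S-1-5-80 = NT Authority (5) + SECURITY_SERVICE_ID_BASE_RID (80)
SERVICE_SID_PREFIX = "S-1-5-80"


def service_sid(service_name: str) -> str:
    """Return the per-service SID string for a Windows service name."""
    # The name is upper-cased first, so the SID is case-insensitive.
    digest = hashlib.sha1(service_name.upper().encode("utf-16-le")).digest()
    # The 20-byte digest becomes five little-endian 32-bit sub-authorities.
    sub_authorities = struct.unpack("<5I", digest)
    return "-".join([SERVICE_SID_PREFIX, *map(str, sub_authorities)])


def sql_engine_service_name(instance=None) -> str:
    """Service name of the SQL Server engine (hypothetical helper).

    Default instance -> MSSQLSERVER, named instance -> MSSQL$<InstanceName>.
    """
    if not instance or instance.upper() == "MSSQLSERVER":
        return "MSSQLSERVER"
    return f"MSSQL${instance}"


def resolve_service_sids(acl_sids, candidate_services):
    """Map S-1-5-80-* SIDs found in an ACL back to known service names.

    SIDs outside the service range are skipped; service SIDs that match
    no candidate map to None and deserve a closer look.
    """
    table = {service_sid(name): name for name in candidate_services}
    return {
        sid: table.get(sid)
        for sid in acl_sids
        if sid.startswith(SERVICE_SID_PREFIX + "-")
    }


if __name__ == "__main__":
    # Constructed sample: SIDs as they might be listed on a data directory.
    named = sql_engine_service_name("SQLEXPRESS")
    acl = [service_sid(named), "S-1-5-32-544", "S-1-5-80-1-2-3-4-5"]
    for sid, name in resolve_service_sids(acl, ["MSSQLSERVER", named]).items():
        print(sid, "->", name or "unknown service")
```

Because the SID depends only on the service name, the same instance name produces the same SID on every machine, whether standalone, clustered or on a DC.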