Discovery has been made that these standard installation settings are being overwritten by the global domain policy....
•Act as Part of the Operating System SeTcbPrivilege
•Bypass Traverse Checking SeChangeNotify
•Lock Pages In Memory SeLockMemory
•Log on as a Batch Job SeBatchLogonRight
•Log on as a Service SeServiceLogonRight
•Replace a Process Level Token SeAssignPrimaryTokenPrivilege
My personal opinion would be to reapply them, however I would be interested to know what other DBA's would recommend if this was discovered this within your own environment?
Kind Regards