A business unit has requested a new SAP 'Business Objects' service account to achieve 'Integration of BI 4.x with Active Directory and SSO in Distributed Environments'. The instructions for how to do this are contained in SAP KBA 262970. Within this guidance is the instruction to assign the service account the permission to 'act as part of the operating system'. According to the guidance this is a more specific setting than making the service account a member of the Administrators group (as recommended in an older blog). Is this correct?