- SP-Install - domain account with admin local rights on each WFE also need SQL dbcreator and dbsecurity roles (used to login and install binaries, use this account for add new servers to the farm);
- SP-Farm - domain account no permissions, will be the account to run timer job and other key roles;
- SP-Web-App-Pool - Content Web app account - Domain account only;
- SP-Services - Install all services to use the same domain account, this can be seperate for each services but for easy of setup and mainentance use 1 account. Exception is the User Profiles service, setup seperately using Spence Harbors post as the user domain account needs unique security, and
- SP-Crawl - Used to crawl SP content.
7th account should be used for User Profiles called SP-Service-UP. This is a complex issue and needs full review don't try install this blindly hoping it will work.
References
Todd Klindt's Blog
Todd's netcast 49 about installation (specifically install accounts, user profile services and an SP2010 internet version enterprices edition licence bug).
Liam Cleary's list of SharePoint 2010 Service Accounts