Over the last week, I’ve seen two discussions where the securityadmin server role was suggested.
The scenario is typically that we don’t want to make this person a sysadmin, but we want this to manage logins and stuff like that.
But Tibor explains why you should watch out—my rule of thumb is to treat
securityadmin as just as important as
sysadmin. It’s not the same, but someone with
securityadmin can do a lot of damage to a server.