We have an environment in which 3 DBAs are currently creating upwards of 50 new SQL server IDs per day, leaving us cramped for time. The Help desk personnel here create the Network logins, and set the application security for our business apps, so we wanted to give them the ability to ceate SQL Login IDs as well. We tried adding them to the Security Admin role, but we get errors that I've traced down to a DBCC auditevent call that they do not have permission to. I can't find how to grant them this without making them part of the System Administrator group, which company security policy prohibits. Is there another way to grant them the ability to create SQL logins?