As you might know the SSO role will allow management of server login ids but will not allow management of database users that requires 'dbo' role. What is a best way to define a server id that has System Security Officer (SSO) role with ability to manage database users?