Under MS-SQL Srv version 7, I have created a security officer account for the helpdesk person who is to manage user logins.

I have the account in the Security Administrator server group, and it appears just fine to be able to add and drop users.

However when they go to change the user's password (in enterprise manager) it prompts them for the previous one.

I want them to be able to reset the users password without knowing the previous setting.

I know the SA account can do this, but I don't want the security user to have full sa access.

Any ideas of what to do here?