Hi Jon,

Thanks for the quick reply. I agree it's pretty clear that the LK user needs CRUD and some kind of higher permissions for upgrades and CLR install. My point is that for some time the LabKey recommendation to clients, at least unofficial (though pretty commonplace), has been to give that user sysadmin permission. While effective, this is sort of the lazy answer. As a client, I am asking whether a) you have internally generated anything more specific than your reply, or b) asking that you consider adding better and more specific guidelines to your SQLServer install documentation. SQLServer permissions are not trivial and some kind of reference to generate a best-practice user would be valuable. Many institutions are taking security much more seriously, and it would be useful if LK made it easier to narrow those permissions.

Thanks,
Ben