SEPM 14.0 and above connected to a SQL database
the public server role requires the following securables under "servers":
View any database
Alter any login
These permissions will automatically be added after DB creation.
The "Alter any Login" securable is required to allow a password reset of the "REPORTER_DBNAME" account during a SEPM reconfigure from a SQL Authentication set-up to a Windows Authentication set-up.
It was necessary to add this access as SQL Server doesn't support to grant alter just one specified user to a role.