Old 04-09-16, 09:08 AM   #11
Fordward
Re: OMO: MS SQL Server

Either they haven't set it up right, i.e. Next, Next, Next, Finish, and they are just using a server admin account for everything, or they don't understand it enough themselves to give you access, without knowing what security impact that has on other customers, so they are scared to give you access, or it could just be a case of computer says no and they are being awkward.

If you are going to multi-tenant a SQL box then you should set up separate instances, unless it's multi-tenant at the app level (i.e. a SaaS service) and the customer should never need access to the underlying DB.

Ask them the direct question... Are we on our own SQL instance? If they say no, start asking more difficult questions like "How do you secure and separate our data from other tenants?"

Are they ISO27001 accredited? If so, they should have implemented RBAC and they shouldn't be using a generic admin account, otherwise they aren't compliant.

Last edited by Fordward; 04-09-16 at 09:10 AM.