How can I allow an ordinary user to add a computer to a domain

To allow an ordinary user, or group, to add a computer to a domain, you can use either of the following:

• Assign rights using the Default Domain Group policy.
• Delegate rights using Active Directory Users and Computers.

Assign rights using the Default Domain Group policy:

1. Open the Default Domain Group policy.

2. Navigate through Computer Configuration / Windows Settings / Security Settings / Local Policies / User Rights Assignment.

3. Expand User Rights Assignment.

4. Double-click Add workstations to Domain.

5. Check the Define these policy settings box.

6. Press the Add User or Group button.

7. Complete the dialog to add the user or group.

8. Press Apply and OK.

Delegate rights using Active Directory Users and Computers:

1. Open the Active Directory Users and Computers snap-in.

2. Right-click the container under which you want the computers added, and press Delegate Control.

3. Press Next.

4. Press Add.

5. After adding all the users and/or groups, press Next.

6. Select Create custom task to delegate and press Next.

7. Select Only the following objects in the folder, check Computer objects, check the Create selected objects in this folder box, and press Next.

8. Check the Create all child object box and press Next.

9. Press Finish.

http://www.windowsitpro.com/article/jsifaq/jsi-tip-8144-how-can-i-allow-an-ordinary-user-to-add-a-computer-to-a-domain-.aspx