Active Directory, create user just for adding computers to the domain

Solution 1:

Ordinarily, each and every Active Directory user can add up to 10 computer accounts to a domain, without the need to be a domain administrator; however, this behavior can be customized by domain policies, thus it might not be your case; and even if it was, you'd run into a problem as soon as the same user account needs to be used to add an 11th computer.

The proper way to go is to grant this user account the special permission "Create Computer Objects" on the "Computers" container in Active Directory (where new computers are added by default), and/or on any other OU where new computers could be added (although it is a bit more difficult to add them somewhere in the directory outside the default "Computers" container).

https://technet.microsoft.com/en-us/library/cc780195(v=ws.10).aspx

Solution 2:

Sure, create your account, don't join it to any groups and put it somewhere in AD where it won't get any rights assigned by group policy. By default, authenticated users can join computers to the domain; if this has been changed, you'll need to make sure your account is granted the "Add workstations to the domain" right via group policy. This is in Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment. You can also do it by giving the account permissions on the OU where you want the computer placed. To do that, grant the account the "Create Computer objects" permission on the OU you want it to use.
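
The OU delegation that both solutions describe, as an added PowerShell example that is not part of either original answer. It assumes the ActiveDirectory (RSAT) module and a session allowed to modify the OU's ACL; the account name `svc-domainjoin` and the OU `OU=Workstations,DC=example,DC=com` are hypothetical placeholders.

```powershell
# Added example, not from the original answers.
# $JoinAccount and $TargetOU are hypothetical placeholders; replace them.
Import-Module ActiveDirectory

$JoinAccount = 'svc-domainjoin'                      # assumed account name
$TargetOU    = 'OU=Workstations,DC=example,DC=com'   # assumed target OU

# schemaIDGUID of the "computer" object class, so the ACE covers
# creation of computer objects only, not users, groups or sub-OUs.
$ComputerClass = [Guid]'bf967a86-0de6-11d0-a285-00aa003049e2'

# 1. Report the per-user join quota (the "up to 10 computers" default).
$domainDN = (Get-ADDomain).DistinguishedName
$domain   = Get-ADObject -Identity $domainDN -Properties 'ms-DS-MachineAccountQuota'
Write-Output ("ms-DS-MachineAccountQuota = {0}" -f $domain.'ms-DS-MachineAccountQuota')

# 2. Build an Allow ACE: CreateChild, restricted to the computer class,
#    applying to the OU and everything beneath it.
$sid = (Get-ADUser -Identity $JoinAccount).SID
$ace = [System.DirectoryServices.ActiveDirectoryAccessRule]::new(
    $sid,
    [System.DirectoryServices.ActiveDirectoryRights]::CreateChild,
    [System.Security.AccessControl.AccessControlType]::Allow,
    $ComputerClass,
    [System.DirectoryServices.ActiveDirectorySecurityInheritance]::All)

# 3. Add the ACE to the OU's existing ACL and write it back.
$path = "AD:\$TargetOU"
$acl  = Get-Acl -Path $path
$acl.AddAccessRule($ace)
Set-Acl -Path $path -AclObject $acl

# 4. Read the ACL back and list every ACE that can create computer
#    objects in this OU, so unexpected principals stand out.
(Get-Acl -Path $path).Access |
    Where-Object {
        $_.ObjectType -eq $ComputerClass -and
        ($_.ActiveDirectoryRights -band
         [System.DirectoryServices.ActiveDirectoryRights]::CreateChild)
    } |
    Select-Object IdentityReference, ActiveDirectoryRights,
                  AccessControlType, IsInherited
```

Step 4 doubles as an audit: run it alone against any OU to see which principals already hold the permission before delegating it again.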