This I a post about using a normal Ad user only member od Domain Users to Domain Join a Device doing OSD.
First create a user called CM_DJ:
Remember to set the:
“User cannot change password” and “Password never expires”
Now you are ready to Delegat control by using the Wizard in “Active Directory Users and Computers”
Start by creating a OU for your devices
Start the Delegate Control Wizard
Click Next
Click Add
Find the user you just created
Create a custom task to delegate
Select “only the following objects in the folder” – Computer objects
Select the properties as shown in the picture
Click finish
Now you can use the CM_DJ user to domain to your OU from MDT or SCCM
Mobile-First Cloud-First 