Document required delegated AD rights for user joining computer to domain

The documentation does not state what delegated rights must be granted to the specified username that is used to join the computer to the domain (including the creation of the computer object in the specified OU, establishing machine password, etc).

Please document what rights must be delegated to the username used to join the domain. The project should assume that the user will not have full domain admin rights in the AD domain.

The rights required for net join (realm join --membership-software=samba) seem to be less than the rights required for adcli join (realm join --membership-software=adcli).

Also filed the following bugzilla report: https://bugzilla.redhat.com/show_bug.cgi?id=1852080