How to let non-admins manage selected domain groups' membership?

Solution 1:

You can specify the managedBy attribute, and check the box for "Manager can update membership list". (This grants write permission for the Member attribute.)

The person(s) who need to edit the group may be able to do it with the DSQuery widget, for which you can create the following shortcut:

rundll32 dsquery,OpenQueryWindow

They can search for the group as with AD Users and Computers, then edit the properties, and Add members.

It may be possible to do this with Outlook (if the group is mail-enabled), but that can be more fragile if you have a multiple domain environment.

Solution 2:

In Windows 10, (as well as Windows 8, I believe), you can open File Explorer, select Network from the left navigation pane, select the Network Tab that appears in the ribbon at the top of the window, then choose the Search Active Directory option. A user should then be able to search for an AD group that it has permissions to update and add/remove members.