how can i give rights to some users to install software on member server without being power users?

For creating users;

Create an Organizational Unit (OU) in Active Directory User and Computers --> Assign the users or groups to the OU as desired --> Right-click the OU and choose Delegate Control --> select the desired check boxes --> Click Next, then Finish.

Those users will now be able to perform the tasks that you selected, such as creating users and computer accounts.

I completely misread your question but my answer still applies to creating computer accounts and joining machines to domains.

As far as installing patches and software on member servers, I believe that the user will have to have local administrative rights. Local admin rights will not allow users to perform domain-level tasks, only tasks on the member server that the user has been granted administrative control. The user could create local users on the member server, but they would not be domain-wide.

On the member server, right-click My Computer | Manage | Local Users and Groups | Right-Click Users | Select New User.
Once the user is created go to Groups | Administrators | Add | Type in the name of the user that was created | Click OK a couple of times and your are finished.

my biggest concern is that i want them to have rights to run updates and patches and install software on member servers only (not domain controllers)

Thank you Mad_Jasper.