You will not need to provide non-employees with credentials. You will only provide them with a URL and after following it users will be signed in automatically.
The dedicated account whose credentials will be used for logging in will have permissions only to create new user account in a certain OU. For details check step 8 of the following tutorial: http://www.adaxes.com/tutorials_Delegat ... eUsers.htm.
You can define the OU in which new users will be created in the Home Page action configuration and anonymous users will not need to select the OU manually. For details check step 3 of the following tutorial: http://www.adaxes.com/tutorials_WebInte ... #createnew.
As a solution not to provide anonymous users with credentials even in the URL, you can use Adaxes Authentication service. However, this approach will require additional programming.