Add the user to the local administrations group OR delegate
specific services to that user perhaps with a GPO.

You can do this using the "System Services" part of a GPO.

If you open up GPO you can see under: Computer Configuration -> System
Services. These will all say "Not Defined" under both the Startup and
Permission columns. If the service on the target system isn't listed you
will have to edit the policy from the system where it is installed in order
to see it.

To grant a user the right to start and stop a particular service then you
must double click on it and define the Startup type. You can't delegate the
permissions without doing this (odd, I agree). If you click OK now, without
clicking on "Edit Security" you will now see that the setting reflected in
the Startup column while the Permission column will still say "Not Defined"

Go in again and click on "Edit Security". As you will see, one of the
permissions here is "Start, stop pause". This is how you do it.

Now a word of warning. When you click on "Edit Security" the entries here
*don't* reflect the current permission settings on that particular service.

For example using the "Security Configuration and Analysis" MMC snap-in I
can see that the following permissions are set on the "Application
Management" service:

Authenticated Users: Special
Administrators: Full Control
Users: Special
INTERACTIVE: Special

These permission include the ability for users logged on Interactively to
start the service.

If you open this same service under a GPO and click Edit Security then click
OK, without making any changes, these entries will *replace* the default
settings rendering users unable to install GPO assigned or published
applications.

So, to cut a long story short, make sure you include the default permissions
for built-in services in your policy in addition to the users whom you want
to grant the rights to.

HTH.

Cheers,
Jeremy