Deployment check-in for a specific group would still consume a license. The purpose of the limit would be to prevent 100% license consumption due to abuse. If I set the limit to 500 of 1000 and do not see any abuse I will continue to increase the limit. If I see that abuse is taking place I will somehow have to prevent it and then delete the bogus registrations.
If I recall correctly a deleted agent takes 30 days before the license again becomes available. If 100% of licenses are consumed due to abuse and I need to add some legit registrations, I think this would get ugly.
I think the approval process would be best. This would put me in control of who consumes a license and provide a medium to reject bogus registrations before our database is updated with inventory data, etc.