Yes, the user cannot belong to the domain admin group, but this is going back 4 years, I had a user name to log on to the server with admin rights on the server, I could add a user, I could set up software deployment etc. But if there was any need to do anything related to AD then I had to log on as the domain admin.
The default login for a Windows server is admin and this is usually the domain admin, there was another user some time ago with a similar issue he overcome the problem by adding ntlm auth = yes to extra options in SMC/CIFS on the OMV server. This is like enabling SMB1