I can't test your specific scenario, as we deliberately removed Domain Admin accounts from having any access to our vSphere environment for hardened security.
There's a couple of things, firstly you have to enable AD accounts to have SSH access in the first place, which William Lam covers in his blog posts here. However i can't determine if that will allow you to run the cmsso util or not, or whether that requires the SSO Administrator account. Best way is to try it.
https://williamlam.com/2017/10/enabling-shell-access-for-active-directory-users-via-ssh-to-vcenter-s...
When you say you don't have the SSO Administrator password, is that because it has been lost, or you just don't have access to it? If you've lost the password, but you can still login as root, you can reset the SSO administrator password via the guide shown below
https://kb.vmware.com/s/article/2146224
HTH
_____________________________________________
If this post helps you, please leave Kudo | or mark this reply as an answer
