Is it possible to gain administrative rights under a domain in W10 while having local admin privileges?

1

1

I'm still trying to get the hang of Windows accounts under a DOMAIN but I have some security questions.

From my experience it seems that in a machine local users and domain users are completely separated.

For example a local Admin cannot make account changes to a Domain user; you need Domain admin privileges for that.

Considering everything is stored as data in the machine locally this seems to be like a Windows restriction.

Is there a way to bypass this? Since there is both hardware and local admin access to the machine, how can someone recover the DOMAIN admin password or allow a local admin to make changes to a DOMAIN user?

Kind regards

edit: Running this command seems to do it but why?

net localgroup Administrators /add DOMAIN\USER

TnF

Posted 2018-12-07T08:33:48.797

Reputation: 91

Answers

1

Considering everything is stored as data in the machine locally this seems to be like a Windows restriction.

No, the domain account information is merely cached on the machine. Even if you find a way to make any changes to the cache, they will not propagate from your machine to the rest of the domain – and definitely not to the domain controllers themselves. So all you get is local admin access, nothing more.

Note that merely being logged in to a user account locally is not enough to be recognized as that user by other domain servers/machines. The account's credentials (password) also have to match those known by the domain controller.

Is there a way to bypass this? Since there is both hardware and local admin access to the machine, how can someone recover the DOMAIN admin password

It's possible to abuse the "offline login" (cached domain credentials) feature. When domain users log in, their password hash is cached along with the usual information, so that the same user will still be able to log in even if network access is unavailable. IIRC, the offline hashes are stored for two weeks, and can be extracted and cracked.

If you really need to log in locally to a domain account, the hashes can be temporarily replaced with something known. See this thread: https://security.stackexchange.com/questions/182986/replacing-cached-domain-credentials-in-security-hive. However, as already mentioned – after doing so, you will still be limited to local machine access.

user1686

Posted 2018-12-07T08:33:48.797

Reputation: 283 655

yes, thanks for the information. I am not trying to hack the domain in the network. I was thinking about the restrictions placed locally on a single machine. Please see my edit to my question above, can you explain this? – TnF – 2018-12-07T10:13:06.860

1

can someone recover the DOMAIN admin password?

Answer: No, unless you use illegal hacking methods.

The password is not kept on the local computer as plaintext but as a hash, so you will need to enter a string that has exactly the same hash value. The hash function used is aimed at minimizing such possible collisions, so don't even try.

The password is tested on the server, not locally, so you cannot run locally a product to brute-force the password, unless you pass through the domain server.

allow a local admin to make changes to a DOMAIN user

If you know the domain-user password, you can use the runas command for running a program under the domain user's credentials. You can then use the syntax of:

runas /netonly /user:domain\username command

The net localgroup administrators command will work to add the domain user to the local Administrators group, although you will still need the password to login. This command should only be run when the computer is connected to the network.

Note that you may do the same using Computer Management: Click Groups, right-click Administrators, click Add to Group, click Add, and in the Select Users dialog box, enter Domain\User.

harrymc

Posted 2018-12-07T08:33:48.797

Reputation: 306 093

Thanks for the reply. It's not illegal if it is your own machine lol. But still hacking since we are assuming we don't know the login details to the Domain. How about brute-forcing the password? Let's say we have the info on how many characters are used. Isn't there a tool that can read the HIVE and try to crack it outside this machine so that there is no brute-force protection? As for the second part of your answer please read the edit to my question above and explain it. – TnF – 2018-12-07T10:16:27.603
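The two points the answers make (domain accounts added to the local Administrators group via net localgroup, and cached "offline login" credentials) are both things an administrator can audit on a workstation. The following PowerShell is an added example, not code from the thread; it assumes an elevated session on Windows 10 and reads the real Winlogon\CachedLogonsCount value, which caps how many domain logons are cached (the limit is a count, with a Windows default of 10, rather than a fixed number of days).

```powershell
# Added defender-side audit (not from the thread): list domain principals that hold
# local admin rights on this machine and report how many domain logons are cached
# for offline use. Run in an elevated PowerShell session on the workstation.

function Get-DomainLocalAdmins {
    # Get-LocalGroupMember is part of the LocalAccounts module shipped with Windows 10.
    # PrincipalSource is 'ActiveDirectory' for domain users and groups.
    Get-LocalGroupMember -Group 'Administrators' |
        Where-Object { $_.PrincipalSource -eq 'ActiveDirectory' } |
        Select-Object Name, ObjectClass, PrincipalSource
}

function Get-CachedLogonsCount {
    # Winlogon\CachedLogonsCount (REG_SZ) controls how many domain logons Windows keeps
    # as cached credential hashes. Default is 10; 0 disables caching entirely.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
    $item = Get-ItemProperty -Path $key -Name CachedLogonsCount -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 10 }   # value absent => Windows default of 10
    return [int]$item.CachedLogonsCount
}

$admins = @(Get-DomainLocalAdmins)
if ($admins.Count -gt 0) {
    Write-Host "Domain principals in the local Administrators group:"
    $admins | Format-Table -AutoSize
} else {
    Write-Host "No domain principals in the local Administrators group."
}

$cached = Get-CachedLogonsCount
Write-Host "CachedLogonsCount = $cached"
if ($cached -gt 0) {
    Write-Host "Cached domain credential hashes are retained on this machine; lower the value on systems that never need offline logon."
}
```

Reducing CachedLogonsCount limits how many domain hashes an attacker with local admin could extract from the SECURITY hive, at the cost of users being unable to log on while disconnected from the domain.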