- Login to IM with a user. If user does not exist at all. Create the user in IM
- User does exist in IM but does not include all the object classes from Directory.xml. You will need to fix user objects in user store.
The AD Auth user must exist in the IM user store with all the IM user store objectclasses.
IM can not manage two different types of users.
Run your valid query again in the IM userstore and AD user store. They must to exist on both.