Unsolved
August 21st, 2025 09:19
LDAP lookups on OneFS 9
I have a Dell Isilon which I am trying to get SMB shares working on. I have AD and RedHat IdM LDAP. AD is not set to return UID or GID, instead we use IdM for that.
If I add AD as the authentication provider on the zone, and use the ISI AUTH USERS VIEW command, it returns data, albeit the UID and GID are wrong (by design).
If I remove AD and use LDAP for authentication on the zone, ISI AUTH USERS VIEW returns "User not found".
If I then run LDAPSEARCH from the CLI with the same BIND and account and password setup in the Isilon, it returns good data with the correct UID and GID from the Red Hat IdM. That makes me believe the LDAP settings are correct!
If I then add AD so both AD and LDAP are authentication providers on the Zone, ISI AUTH returns information but again it's the wrong GID and UID, so I'm confident the IdM LDAP provider isn't working.
If I remove AD and leave LDAP, and run ISI_AUTH_EXPERT, it says the LDAP connection is working, but it also shows AD is working, even though I removed it from the Zone. If I then repeat ISI_AUTH_EXPERT several times, the AD provider is shown in the results above the LDAP provider, and sometimes below. This is despite only having LDAP as the provider for the System zone.
How do I diagnose what is going on? Are there any logs that I can look at to see what the Isilon is doing when I try to run ISI AUTH USERS VIEW?

