Sunny,
It sounds like you may need to update your Live AD lookup script for other protocols / products.
The message/file/machine you are monitoring needs to provide an attribute that is then submitted to AD to lookup additional information about that user. If the message does not provide information about the user (e.g., Telnet transmissions) or the information provided about the user does not exist in AD, then an automated lookup is not possible.
For example, in our environment we capture the email sender as input to the lookup for SMTP and the file owner as the input for LAN files (detected during a data at rest scan). Our lookup script defines what the input varilable is based on the type of incident.