How does Retain get the user list from Exchange.
Retain will do an LDAP lookup with the ApplicationImpersonation user in Active Directory on the first available user object and read its properties. It is looking for the homeMDB property and its value. If autodiscover finds the autodiscover server but cannot find the user's mailbox, login to Active Directory as the impersonation account using an LDAP browser and see if you can read the user's properties, especially the homeMDB value.
CN=Mailbox Database 0766879867, CN=Databases, CN=Exchange Administrative Group (FYDIBOHF23SPDLT), CN=Administrative Groups, CN=gwava, CN=Microsoft Exchange, CN=Services, CN=Configuration, DC=ad, DC=gwava, DC=net
From there Retain will query the homeMDBBL property which has the full user list available to the ApplicationImpersonal user.