I am working on a project like yours now. And agree that nDepth is more complex then it needs to be, at first, it takes time to understand why things are setup they way they are. My biggest grip is not being able to use filters I create in monitor in nDepth and the other way around, PINA.
The LEM is only going to report on data that comes in via the logs thus is a user does not login nothing for the LEM to see. The way you find older accounts is via logs from other systems that are doing scans of AD and reporting on it. For example one of the Identity and Access Manager connectors can be setup to log this data which the LEM can act on. Also you could create a powershell script that runs on a schedule and reports to the event log, the LEM could then act on this data. If you are really creative might be able to do something with SNMP.
Tony