User objects cannot be created in the specified container



Hi,

I am using ActiveDirectoryProvider to authenticate users (AD). If I
point my provider to the root of AD every thing works fine.

If I point the provider to a CN which has a group of users under a
nested container under root I am getting the following error.

Root --> OU1--> OU12--> CN

My connection is pointing to the CN.


"User objects cannot be created in the specified container"

I tried reflect over the AD provider and found that the provider is
failing at the following method,

DirectoryAttribute objectClass =
response.Entries[0].Attributes["objectClass"];
if (!this.ContainerIsSuperiorOfUser(objectClass))
{
throw new
ProviderException(SR.GetString("ADMembership_Container_not_superior"));
}
Is there a problem with configuration of AD?

Thanks,
chand

.