User objects cannot be created in the specified container


I am using ActiveDirectoryProvider to authenticate users (AD). If I
point my provider to the root of AD every thing works fine.

If I point the provider to a CN which has a group of users under a
nested container under root I am getting the following error.

Root --> OU1--> OU12--> CN

My connection is pointing to the CN.

"User objects cannot be created in the specified container"

I tried reflect over the AD provider and found that the provider is
failing at the following method,

DirectoryAttribute objectClass =
if (!this.ContainerIsSuperiorOfUser(objectClass))
throw new
Is there a problem with configuration of AD?