I use the following cfldap tag to search for a user for AD authentication and
return of values. I want to be able to search from the AD root rather than
from the users dn. we have a students dn and I want to include students in the
search. However, when I remove the cn=users fromt he START attribute, I get an
error which says the entry is wrong or I don't have perms to search. Can
someone suggest a solution? Thanks!!

<CFLDAP
SERVER="xxx.xxx.xxx.xxx"
NAME="lookupUser"
ACTION="QUERY"
START="cn=users,dc=towson,dc=edu"
filter="(samAccountName=#form.username#)"
SCOPE="subtree"
attributes="*"
USERNAME="#form.username#@towson.edu"
PASSWORD="#form.password#">

When I use START="dc=towson,dc=edu" or START="O=Towson University" I get the
following.

ERROR:
Message is: An error has occured while trying to execute query :[LDAP: error
code 1 - 000020D6: SvcErr: DSID-031006C5, problem 5012 (DIR_ERROR), data 0

Detail is: One or more of the required attributes may be missing/incorrect or
you do not have permissions to execute this operation on the server