using CF Server 5 - Win2K Adv Server - Exchange 2000

trying to add a record to active directory via web form.
error isSA is unwilling to perform
my code:
CFldap
SERVER="ip address of server"
PORT="3268"
USERNAME="#username#"
PASSWORD="#password#"
ACTION="add"
ATTRIBUTES="user=#form.user#;sAMAccountName=#form.user#"
DN="DC=#thisdomain#,DC=com"

i've tried different variations on this code. this is where i left off 3 months ago and now am back at it.
subquestion is what is the absolute minimum info AD needs to allow addition of record?
if you have the answer or suggestion, please do it step by step. thanks