I was struggling recently with how to get cfldap to work against Active Directory and eventualy found the solution so I thought I would post it here for anyone that has any issues, and hopefully you wont spend so much time tearing your hair out like me!
The code is below, change the params to the values on your systems and you are off. You dont really need to know how AD is set up with your organisation, as cfldap sets up the search on a subtree basis, i.e. search start level and all levels below it.
Be careful with dcStart, if your domain is domain.com set it to be DC=domain,DC=com