LDAP的英文全稱是Lightweight Directory Access Protocol，一般都簡稱為LDAP。它是基于X.500標準的，但是簡單多了并且可以根據需要定制。與X.500不同，LDAP支持TCP/IP，這對訪問Internet是必須的。LDAP的核心規范在RFC中都有定義，所有與LDAP相關的RFC都可以在LDAPman RFC網頁中找到。現在LDAP技術不僅發展得很快而且也是激動人心的。在企業范圍內實現LDAP可以讓運行在幾乎所有計算機平臺上的所有的應用程序從 LDAP目錄中獲取信息。LDAP目錄中可以存儲各種類型的數據：電子郵件地址、郵件路由信息、人力資源數據、公用密匙、聯系人列表，等等。通過把 LDAP目錄作為系統集成中的一個重要環節，可以簡化員工在企業內部查詢信息的步驟，甚至連主要的數據源都可以放在任何地方。

以下是對ldap中進行連接，人員的增刪改查的過程。希望對初學者有一定的幫助。

package net.risesoft.ldap;

import java.util.Enumeration;
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapTest {
 public static void main(String[] args) {
  String account = "admin";
  String password = "1";
  String root = "o=com"; // root

  Hashtable env = new Hashtable();
  env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
  env.put(Context.PROVIDER_URL, "ldap://localhost:389/" + root);
  env.put(Context.SECURITY_AUTHENTICATION, "simple");
  env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
  env.put(Context.SECURITY_CREDENTIALS, password);

  DirContext ctx = null;
  try {
   // 鏈接ldap
   ctx = new InitialDirContext(env);
   System.out.println("ldap認證成功");

   // 3.添加節點
   String newUserName = "user2";
   BasicAttributes attrsbu = new BasicAttributes();
   BasicAttribute objclassSet = new BasicAttribute("objectclass");
   objclassSet.add("person");
   objclassSet.add("top");
   objclassSet.add("organizationalPerson");
   objclassSet.add("inetOrgPerson");
   attrsbu.put(objclassSet);
   attrsbu.put("sn",   newUserName);
   attrsbu.put("uid",   newUserName);
   ctx.createSubcontext("cn=" + newUserName, attrsbu);

   // 5.修改節點
   account = "user2";
   String newDisplayName = "newDisplayName";
   ModificationItem modificationItem[] = new ModificationItem[1];
   modificationItem[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("displayName", newDisplayName));
   ctx.modifyAttributes("cn=" + account, modificationItem);

   // 查詢節點
   SearchControls constraints = new SearchControls();
   constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
   // constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
   NamingEnumeration en = ctx.search("", "cn=user2", constraints); // 查詢所有用戶
   while (en != null && en.hasMoreElements()) {
    Object obj = en.nextElement();
    if (obj instanceof SearchResult) {
     SearchResult si = (SearchResult) obj;
     System.out.println("name:   " + si.getName());
     Attributes attrs = si.getAttributes();
     if (attrs == null) {
      System.out.println("No   attributes");
     } else {
      for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
       Attribute attr = (Attribute) ae.next();
       String attrId = attr.getID();

       for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
        System.out.print(attrId + ":   ");
        Object o = vals.nextElement();
        if (o instanceof byte[])
         System.out.println();// new
               // String((byte[])o)
        else
         System.out.println(o);
       }
      }
     }
    } else {
     System.out.println(obj);
    }
    System.out.println();
   }

   // 4.刪除節點
   account = "user2";
   ctx.destroySubcontext("cn=" + account);

  } catch (javax.naming.AuthenticationException e) {
   System.out.println("認證失敗");
  } catch (Exception e) {
   System.out.println("認證出錯：");
   e.printStackTrace();
  }

  if (ctx != null) {
   try {
    ctx.close();
   } catch (NamingException e) {
    // ignore
   }
  }
  System.exit(0);
 }
}