LDAP的英文全称是Lightweight Directory Access Protocol，一般都简称为LDAP。它是基于X.500标准的，但是简单多了并且可以根据需要定制。与X.500不同，LDAP支持TCP/IP，这对访问Internet是必须的。LDAP的核心规范在RFC中都有定义，所有与LDAP相关的RFC都可以在LDAPman RFC网页中找到。现在LDAP技术不仅发展得很快而且也是激动人心的。在企业范围内实现LDAP可以让运行在几乎所有计算机平台上的所有的应用程序从 LDAP目录中获取信息。LDAP目录中可以存储各种类型的数据：电子邮件地址、邮件路由信息、人力资源数据、公用密匙、联系人列表，等等。通过把 LDAP目录作为系统集成中的一个重要环节，可以简化员工在企业内部查询信息的步骤，甚至连主要的数据源都可以放在任何地方。

以下是对ldap中进行连接，人员的增删改查的过程。希望对初学者有一定的帮助。

package net.risesoft.ldap;

import java.util.Enumeration;
import java.util.Hashtable;

import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.naming.directory.ModificationItem;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;

public class LdapTest {
 public static void main(String[] args) {
  String account = "admin";
  String password = "1";
  String root = "o=com"; // root

  Hashtable env = new Hashtable();
  env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
  env.put(Context.PROVIDER_URL, "ldap://localhost:389/" + root);
  env.put(Context.SECURITY_AUTHENTICATION, "simple");
  env.put(Context.SECURITY_PRINCIPAL, "cn=" + account + "," + root);
  env.put(Context.SECURITY_CREDENTIALS, password);

  DirContext ctx = null;
  try {
   // 链接ldap
   ctx = new InitialDirContext(env);
   System.out.println("ldap认证成功");

   // 3.添加节点
   String newUserName = "user2";
   BasicAttributes attrsbu = new BasicAttributes();
   BasicAttribute objclassSet = new BasicAttribute("objectclass");
   objclassSet.add("person");
   objclassSet.add("top");
   objclassSet.add("organizationalPerson");
   objclassSet.add("inetOrgPerson");
   attrsbu.put(objclassSet);
   attrsbu.put("sn",   newUserName);
   attrsbu.put("uid",   newUserName);
   ctx.createSubcontext("cn=" + newUserName, attrsbu);

   // 5.修改节点
   account = "user2";
   String newDisplayName = "newDisplayName";
   ModificationItem modificationItem[] = new ModificationItem[1];
   modificationItem[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, new BasicAttribute("displayName", newDisplayName));
   ctx.modifyAttributes("cn=" + account, modificationItem);

   // 查询节点
   SearchControls constraints = new SearchControls();
   constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
   // constraints.setSearchScope(SearchControls.ONELEVEL_SCOPE);
   NamingEnumeration en = ctx.search("", "cn=user2", constraints); // 查询所有用户
   while (en != null && en.hasMoreElements()) {
    Object obj = en.nextElement();
    if (obj instanceof SearchResult) {
     SearchResult si = (SearchResult) obj;
     System.out.println("name:   " + si.getName());
     Attributes attrs = si.getAttributes();
     if (attrs == null) {
      System.out.println("No   attributes");
     } else {
      for (NamingEnumeration ae = attrs.getAll(); ae.hasMoreElements();) {
       Attribute attr = (Attribute) ae.next();
       String attrId = attr.getID();

       for (Enumeration vals = attr.getAll(); vals.hasMoreElements();) {
        System.out.print(attrId + ":   ");
        Object o = vals.nextElement();
        if (o instanceof byte[])
         System.out.println();// new
               // String((byte[])o)
        else
         System.out.println(o);
       }
      }
     }
    } else {
     System.out.println(obj);
    }
    System.out.println();
   }

   // 4.删除节点
   account = "user2";
   ctx.destroySubcontext("cn=" + account);

  } catch (javax.naming.AuthenticationException e) {
   System.out.println("认证失败");
  } catch (Exception e) {
   System.out.println("认证出错：");
   e.printStackTrace();
  }

  if (ctx != null) {
   try {
    ctx.close();
   } catch (NamingException e) {
    // ignore
   }
  }
  System.exit(0);
 }
}