The Discretionary Access Control List (DACL) is controlled by the owner of an object and specifies the access particular users or groups can have to that object. With RegDACL you can manage DACLs of Registry keys. If you need to manage DACLs of files or directories on an NTFS volume, you can use CACLS, which comes with NT, or the NT resource kit utility XCACLS which provides some extended functionality.
There is also a Windows 2000 version of the regDACL utility available.
RegDACL for Windows NT and W2K has one tremendous advantage, its commandline nature allows for automation. RegDACL for Windows NT also has one tremendous disadvantage - it does not work with NT running SP4. This is not a defect in RegDACL but a bug in SP4. Calling GetSecurityInfo() to retrieve a copy of the security descriptor for a registry key handle fails under SP4. See GetSecurityInfo Fails on SP4 with 87:ERROR_INVALID_PARAMETER. This is not a widely known bug in SP4 but a critical bug if you need to automate the setting of registry DACLs.