Discretionary Access Control List (DACL)

DACL, or Discretionary Access Control List, is an internal list attached to an object in Active Directory that specifies which users and groups can access the object and what kinds of operations they can perform.