I just came across this blog entry from Martin.
Seems that on Vista the functionality for setting ACLs on URIs for HttpListener is now included in netsh (makes sense). Netsh allows to simply specify the account name and doesn’t force you to fluently speak SDDL anymore. woohoo.
netsh http add urlacl /url=http://+:8888/MyService /user=DOMAINuser
If you are running a “legacy operating system” or want to do it programmatically, have a look at the tool I wrote some time ago…