Hi James,
I believe using relations and permissions should be a better route. Each subsite has a user group. So you may modify the registration code... or maybe it already works now.
But the basic principle is to add a user with a relationship with the subsite group. I do this via a DB api membership_rel__new(group_id, user_id). Then set the permissions properly if need setup the context_ids. I believe the RC1 openacs 4.5 now has working admin pages in /admin/groups so you may want to try that route first before doing the DB api that I have suggested.
Related threads:
https://openacs.org/bboard/q-and-a-fetch-msg.tcl?msg_id=0004UZ
https://openacs.org/bboard/q-and-a-fetch-msg.tcl?msg_id=0004tX&topic_id=OpenACS&topic=11