#ifndef _NTSEAPI_H
/**
* The NtPrivilegeCheck routine determines whether a specified set of privileges are enabled in the access token of a client.
*
* The result is typically used to decide whether a privileged operation may proceed. Check the returned NTSTATUS
* before reading *Result: the declaration gives no guarantee that *Result is written when the call fails, so a
* failure status should be handled as a denied check, not as an implicit FALSE/TRUE.
*
* \param ClientToken Handle to the access token of the client whose privileges are to be checked. The handle must have TOKEN_QUERY access.
*        NOTE(review): the linked Win32 PrivilegeCheck documentation describes this as a token obtained from a thread
*        impersonating the client - confirm which token types the native routine accepts.
* \param RequiredPrivileges Pointer to a PRIVILEGE_SET structure that specifies the set of privileges to be checked. On input, this structure contains the privileges to check.
*        The parameter is annotated _Inout_, so the caller's structure may be modified by the call.
*        NOTE(review): per the linked PrivilegeCheck documentation, the Control member (PRIVILEGE_SET_ALL_NECESSARY)
*        selects whether all or only one of the listed privileges must be enabled, and on return
*        SE_PRIVILEGE_USED_FOR_ACCESS is set on each listed privilege that is enabled - confirm for the native routine.
* \param Result Pointer to a BOOLEAN variable that receives TRUE if all specified privileges are enabled, or FALSE otherwise.
* \return NTSTATUS Successful or errant status.
* \sa https://learn.microsoft.com/en-us/windows/win32/api/securitybaseapi/nf-securitybaseapi-privilegecheck
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
NtPrivilegeCheck(
_In_ HANDLE ClientToken,
_Inout_ PPRIVILEGE_SET RequiredPrivileges,
_Out_ PBOOLEAN Result
);
#ifndef _NTZWAPI_H
/**
* The ZwPrivilegeCheck routine is the Zw-prefixed declaration of NtPrivilegeCheck and takes the same parameter list:
* it determines whether a specified set of privileges are enabled in the access token of a client.
*
* Check the returned NTSTATUS before reading *Result; the declaration gives no guarantee that *Result is written
* when the call fails.
*
* NOTE(review): in kernel mode, Zw* entry points are normally treated as calls from a trusted (kernel-mode) caller,
* so pointer arguments are not validated as user-mode input. A driver should not pass unvalidated user-mode
* pointers through this form - confirm against the Windows Driver Kit documentation.
*
* \param ClientToken Handle to the access token of the client whose privileges are to be checked. The handle must have TOKEN_QUERY access.
* \param RequiredPrivileges Pointer to a PRIVILEGE_SET structure that specifies the set of privileges to be checked.
*        Annotated _Inout_, so the caller's structure may be modified by the call.
* \param Result Pointer to a BOOLEAN variable that receives TRUE if all specified privileges are enabled, or FALSE otherwise.
* \return NTSTATUS Successful or errant status.
*/
NTSYSCALLAPI
NTSTATUS
NTAPI
ZwPrivilegeCheck(
_In_ HANDLE ClientToken,
_Inout_ PPRIVILEGE_SET RequiredPrivileges,
_Out_ PBOOLEAN Result
);
This function is documented in Windows Driver Kit.
Function NtPrivilegeCheck is used to check the state of any privileges in a Token Object. It is also described in the Microsoft SDK as PrivilegeCheck.
ClientToken: HANDLE to a Token Object opened with TOKEN_QUERY access.
RequiredPrivileges: Pointer to a PRIVILEGE_SET structure that contains the definitions of the privileges to check.
Result: Result of the call - pointer to a BOOLEAN value that contains TRUE if all requested privileges are enabled.