Author: Alex Schlecht 

For some functions you need to get the right privileges on a Windows NT machine. 
(e.g: To shut down or restart windows with ExitWindowsEx or to change the system 
time) 

Answer:

The following code provides a procedure to adjust the privileges. The 
AdjustTokenPrivileges() function enables or disables privileges in the specified 
access token. 
1   
2   // NT Defined Privileges from winnt.h
3   
4   const
5     SE_CREATE_TOKEN_NAME = 'SeCreateTokenPrivilege';
6     SE_ASSIGNPRIMARYTOKEN_NAME = 'SeAssignPrimaryTokenPrivilege';
7     SE_LOCK_MEMORY_NAME = 'SeLockMemoryPrivilege';
8     SE_INCREASE_QUOTA_NAME = 'SeIncreaseQuotaPrivilege';
9     SE_UNSOLICITED_INPUT_NAME = 'SeUnsolicitedInputPrivilege';
10    SE_MACHINE_ACCOUNT_NAME = 'SeMachineAccountPrivilege';
11    SE_TCB_NAME = 'SeTcbPrivilege';
12    SE_SECURITY_NAME = 'SeSecurityPrivilege';
13    SE_TAKE_OWNERSHIP_NAME = 'SeTakeOwnershipPrivilege';
14    SE_LOAD_DRIVER_NAME = 'SeLoadDriverPrivilege';
15    SE_SYSTEM_PROFILE_NAME = 'SeSystemProfilePrivilege';
16    SE_SYSTEMTIME_NAME = 'SeSystemtimePrivilege';
17    SE_PROF_SINGLE_PROCESS_NAME = 'SeProfileSingleProcessPrivilege';
18    SE_INC_BASE_PRIORITY_NAME = 'SeIncreaseBasePriorityPrivilege';
19    SE_CREATE_PAGEFILE_NAME = 'SeCreatePagefilePrivilege';
20    SE_CREATE_PERMANENT_NAME = 'SeCreatePermanentPrivilege';
21    SE_BACKUP_NAME = 'SeBackupPrivilege';
22    SE_RESTORE_NAME = 'SeRestorePrivilege';
23    SE_SHUTDOWN_NAME = 'SeShutdownPrivilege';
24    SE_DEBUG_NAME = 'SeDebugPrivilege';
25    SE_AUDIT_NAME = 'SeAuditPrivilege';
26    SE_SYSTEM_ENVIRONMENT_NAME = 'SeSystemEnvironmentPrivilege';
27    SE_CHANGE_NOTIFY_NAME = 'SeChangeNotifyPrivilege';
28    SE_REMOTE_SHUTDOWN_NAME = 'SeRemoteShutdownPrivilege';
29    SE_UNDOCK_NAME = 'SeUndockPrivilege';
30    SE_SYNC_AGENT_NAME = 'SeSyncAgentPrivilege';
31    SE_ENABLE_DELEGATION_NAME = 'SeEnableDelegationPrivilege';
32    SE_MANAGE_VOLUME_NAME = 'SeManageVolumePrivilege';
33  
34    // Enables or disables privileges depending on the bEnabled value
35  
36  function NTSetPrivilege(sPrivilege: string; bEnabled: Boolean): Boolean;
37  var
38    hToken: THandle;
39    TokenPriv: TOKEN_PRIVILEGES;
40    PrevTokenPriv: TOKEN_PRIVILEGES;
41    ReturnLength: Cardinal;
42  begin
43    Result := True;
44    // Only for Windows NT/2000/XP and later.
45    if not (Win32Platform = VER_PLATFORM_WIN32_NT) then
46      Exit;
47    Result := False;
48  
49    // obtain the processes token
50    if OpenProcessToken(GetCurrentProcess(),
51      TOKEN_ADJUST_PRIVILEGES or TOKEN_QUERY, hToken) then
52    begin
53      try
54        // Get the locally unique identifier (LUID) .
55        if LookupPrivilegeValue(nil, PChar(sPrivilege),
56          TokenPriv.Privileges[0].Luid) then
57        begin
58          TokenPriv.PrivilegeCount := 1; // one privilege to set
59  
60          case bEnabled of
61            True: TokenPriv.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
62            False: TokenPriv.Privileges[0].Attributes := 0;
63          end;
64  
65          ReturnLength := 0; // replaces a var parameter
66          PrevTokenPriv := TokenPriv;
67  
68          // enable or disable the privilege
69  
70          AdjustTokenPrivileges(hToken, False, TokenPriv, SizeOf(PrevTokenPriv),
71            PrevTokenPriv, ReturnLength);
72        end;
73      finally
74        CloseHandle(hToken);
75      end;
76    end;
77    // test the return value of AdjustTokenPrivileges.
78    Result := GetLastError = ERROR_SUCCESS;
79    if not Result then
80      raise Exception.Create(SysErrorMessage(GetLastError));
81  end;