Check for SeImpersonatePrivilege or SeAssignPrimaryTokenPrivilege if enabled through whoami /priv or whoami /all

Requirement

Exploit

Reference