I have a MiniRedirector filesystem driver, with a kernel module and a multithreaded userspace daemon doing the real work. Which privileges listed in https://learn.microsoft.com/en-us/windows/win32/secauthz/privilege-constants must be enabled so each thread can impersonate the user which initiated a filesystem required (open, read, write etc)?