In the Windows / Active Directory world what is a privilege, and how does that differ from permissions?

Concerning Active Directory, a privilege is "what you can do" such as impersonate a client after authentication or concerning Windows itself Change the system time.

A permission is an access control applied to objects such as the file system, registry, and Active Directory objects like groups and users. The Access Control Lists grant users and/or groups the ability perform various operations on the object. For example, an object such as a Folder has an Access Control List for users to Read the contents of the folder, but not to Edit or Delete.

To show the difference between the two: A Folder may have the permission denying Admins Read and Write access to the folder, leaving Admins unable to access the Folder. However, since Admins have the user right (privilege) Take ownership of files or other objects, the Admin can simply take ownership of the Folder, then change the Folder's ACL to give Administrators Read and Write permissions of the Folder.

A privilege (or user right) governs what you can do (logon interactively, logon remotely, etc.).

A permission governs what you can access (files, folders, objects, etc.).

These are the privileges. You already know what permissions are.

If you think about it , there isn't a distinct line between them tho. "Allow log on locally" is a privilege , but, when you add a user there, you're just giving them permission to log on to that computer. Again, you can say that permissions are given on resources, but, "computer" is also a resource in my example above.

Instead of trying to understand what they are called, you should learn the list of privileges from the web page I linked above. That is the whole list and that will help you solve your problems.