I'm trying to determine whether a user (the one running the script, with or without run as) has certain user rights policies applied. Since secedit /analyze refers only to the actual setting and ignores privilege propagation by group membership, it is useless in this case.
I'm referring to these privileges: SeTcbPrivilege SeIncreaseQuotaPrivilege
I don't know about SeTcbPrivilege, but look at this article abut how you can determine whether a user has the SeIncreaseQuotaPrivilege privilege. Basically it talks about how you can use Showpriv.exe from the Windows 2000 Server resource kit
Alternatively to scripting, you can get user rights report as well as many other security reports with Quest's reporter.
We use this tool in our company for security compliance reporting and discovery users privileges.