How to provide privileges to ipa-user to enroll a host in ipa-server

Issue

How do I provide access to user id so that it can enroll a new host in ipa server?
Below privileges have been provided but still it is giving error message of insufficient permission when enrolling a host.

add dns entries
add hosts
add krbprincipalname to a host
add user to default group
add users
change a user password
enroll a host
manage host keytab
manage service keytab
modify group membership
modify hosts
read dns entries
remove dns entries
unlock user accounts
update dns entries
write dns configuration

Environment

Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
IPA 3
IPA 4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

New to Red Hat?

Learn more about Red Hat subscriptions

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories