quite a few places assume the ipa server is running on the same machine as ovirt and fail if that isn't the case.
place one: /usr/bin/ovirt-add-host should use ipa-addservice and ipa-getkeytab instead if kadmin.local
place two: /etc/httpd/conf.d/ovirt-server.conf references /etc/httpd/conf/ipa.keytab for the HTTP/$(hostname) service, which doesn't exist without local ipa server.
place three: /usr/sbin/ovirt-server-install assumes ovirtadmin user exists already in kerberos/ldap, which is only the case when using the appliance with local ipa.
place four: ovirt-server/src/host-browser/host-browser.rb This one is tricky, since background service will need IPA admin privileges in order to be able to create keytab for the new Node
also in host-browser.rb: Node keytabs are stored as /usr/share/ipa/html/<Node IP>-libvirt.tab
Joey, assigning to you since you posted related patch: https://www.redhat.com/archives/ovirt-devel/2009-May/msg00033.html
the following patches have been posted to ovirt-devel and are awaiting ack's [PATCH server] update ovirt-add-host to use ipa commands instead of kadmin.local [PATCH server] separate ipa common tasks freeipa::common and rename ipa_server_install to ipa_install [PATCH server] add server-side groundwork for remote freeipa server [PATCH server] update host-browser to use ipa commands rather than kadmin [PATCH server] last patch to implement remote freeipa