Actually, our software runs on several networked computers and our users, which are all local (defined in /etc), are duplicated on each computer.
This is not ideal and we would rather like to have all users managed by IPA in a central place (dedicated computer as the IPA server) with our software running in IPA clients. Therefore, our software won't be able to check users' credentials using the local /etc/shadow file anymore.