Would be an interesting experiment as it looks like IdM integrates with Kerberos. Might depend on whether or not the IdM LDAP schema requires any extensions and what it expects for cert managment (as in could you import the cert). If you decide to give it a go, let us know what luck you have with it.