So, I’m still working for IDMWorks, and I recently put out a three-part series on SSSD, how it works, and some things to consider if you decide to implement it.
Part 1 goes into what centralized authentication is
https://www.idmworks.com/centralized-authentication-in-linux-sssd-and-a-simpler-approach-to-sudoer-management-in-linux-part-1/
Part 2 talks about why SSSD is overtaking older solutions in the Linux Space:
https://www.idmworks.com/centralized-authentication-in-linux-sssd-and-a-simpler-approach-to-sudoer-management-in-linux-part-2/
Part 3 talks about the two real ways to deal with sudoer privileges in Linux when using SSSD:
https://www.idmworks.com/centralized-authentication-in-linux-sssd-and-a-simpler-approach-to-sudoer-management-in-linux-part-3/