I have SSSD auth semi-working on an Arch system.  When it's working, I can auth against Active Directory,  SSH logins work, GDM logins work, sudo works, id <user> returns full group information, getent seems to work as expected, polkit appears to work correctly inside og Gnome..everything seems great.  Untill approx ~10 - ~20 minutes passes, and then SSSD seems to stop authenticating.  id <username> returns only the ID, primary group, and a single other group membership, although correct for the information it does return.  getent passwd <username> seems to work.  getent group <groupname> returns all the users in the group, even though id doesn't list extended group information anymore.  Polkit and SSH stop working.  Even users not previously checked return information in the same shortened way -- uid, primary gid, and one extended gid.  GDM no longer allows logins.  The SSSD process seems to be running ok.  Stopping and restarting the SSSD service, and even rebooting doesn't change anything at this point.