[SSSD-users] SSSD-AD GPO integration | general question

Hello, I was using previously sssd to authenticate my user using id_provider = LDAP and it works great. Now that my samba 4 DC is configured and that the GPO can finally be used, I reconfigured sssd with realmd to be able to use sssd-ad to centralize the authentification for some services via the GPO. SSSD was configured automatically by realm as expected and the server is registrer in the appropriate OU as define in /etc/realmd.conf in my DC. I can also successfully retrieve my users/group info with getent and id. Following the example presented here https://fedorahosted.org/sssd/wiki/DesignDocs/ActiveDirectoryGPOIntegration, I notice that when I try to authenticate a user with SSH I can see errors relative to the retrieve of the GPO http://pastebin.com/6wzXUrCr Here is my sssd,confconfiguration: [sssd] config_file_version = 2 services = nss, pam domains = hq.mydc.com [nss] # Ensure that certain users are not authenticated from network accounts filter_users = root,lightdm,nslcd,dnsmasq,dbus,avahi,avahi-autoipd,backup,beagleindex,bin,daemon,games,gdm,gnats,haldaemon,hplip,irc,ivman,klog,libuuid,list,lp,mail,man,messagebus,mysql,news,ntp,openldap,polkituser,proxy,pulse,puppet,saned,sshd,sync,sys,syslog,uucp,vde2-net,www-data filter_groups = root [pam] [domain/hq.mydc.com] <----------------------- this part was generated automatically debug_level = 9 ad_domain = hq.mydc.com krb5_realm = HQ.mydc.COM realmd_tags = manages-system joined-with-samba cache_credentials = True id_provider = ad krb5_store_password_if_offline = True default_shell = /bin/bash ldap_id_mapping = True use_fully_qualified_names = True fallback_homedir = /home/%d/%u access_provider = ad Does sssd need to mount/access to the sysvol folder somehow ? Did I missed something in the configuration of sssd ? Looking forward for some help ,thanks by advance.