Thanks,
We talk about a single nesting level so it is likely a bug.
The true is that 'id -a' always shows a correct information so this is more like a nuisance rather than a bug affecting production.
Also sss_cache -g G does not help, but restarting sssd & delete cache does help.
Hard to replicate so just a FYI that is happens.