1. Proposed title of this feature request

>>  Support for containerize SSSD on OCP nodes
2. What is the nature and description of the request?

>> If SSSD authentication can be containerized, thus allowing it to be updated without pushing a new machineconfig or pausing mcp.

3. Why does the customer need this? (List the business requirements here)

>> 

Following are the two reasons that have been found so far which require updates to the SSSD configuration:

• Within the SSSD configuration for LDAP it needs to have the authenticating domain's certificate. The problem with this is that the domain certificate needs to be renewed every 2 years which requires an update to SSSD machineconfig.

• When there are changes that require the domain groups to be modified, this also requires the SSSD machineconfig to be changed.