Rodrigo,
We only have the single sssd.conf, and it's - afaik - created by the process of joining the domain.
To the best of my knowledge this is how it is meant to be managed.
Other notes:
- I kept my sssd.conf in a git repo'd ansible playbook until I realised that the sssd.conf was being built on the fly, then I stopped. It hasn't caused any issues.
- I have kept one copy in the repo for DR
- I did have a couple of other copies - where I had set log levels higher or had a dev network set up. Dev network see 1, higher log levels are only on two machines for debug purposes
ie - you can, but it's not really necessary for my systems.
If you install SSSD first, and then join the network, I'm not 100% sure what happens to your sssd.conf.
Cheers
L.