diff --git a/src/main/python/aws_federation_proxy/provider/base_provider.py b/src/main/python/aws_federation_proxy/provider/base_provider.py
index 28cab0c..0bf1c8a 100644
--- a/src/main/python/aws_federation_proxy/provider/base_provider.py
+++ b/src/main/python/aws_federation_proxy/provider/base_provider.py
@@ -65,22 +65,26 @@ def get_accounts_and_roles(self):
 groups = self.get_group_list()
 accounts_and_roles = {}
 for group in groups:
- match = re.search(self.regex, group)
- if match:
- account = match.group('account')
- role = match.group('role')
- reason = 'user is in group "%s" which matches regexp "%s"' % (
- group, self.regex)
- self.logger.debug(
- 'User "%s" may access account "%s", role "%s" because %s.',
- self.user, role, account, reason)
- if account in accounts_and_roles:
- accounts_and_roles[account].add((role, reason))
- else:
- accounts_and_roles[account] = set([(role, reason)])
- else:
- self.logger.debug('Group "%s" did not match regex "%s"',
- group, self.regex)
+ try:
+ match = re.search(self.regex, group)
+ if match:
+ account = match.group('account')
+ role = match.group('role')
+ reason = 'user is in group "%s" which matches regexp "%s"' % (
+ group, self.regex)
+ self.logger.debug(
+ 'User "%s" may access account "%s", role "%s" because %s.',
+ self.user, role, account, reason)
+ if account in accounts_and_roles:
+ accounts_and_roles[account].add((role, reason))
+ else:
+ accounts_and_roles[account] = set([(role, reason)])
+ else:
+ self.logger.debug('Group "%s" did not match regex "%s"',
+ group, self.regex)
+ except Exception as exc:
+ logging.debug("Error base_provider.ProviderByGroups.get_accounts_and_roles.group: %r" % group)
+ pass
 return accounts_and_roles
diff --git a/src/main/python/aws_federation_proxy/provider/sssd_provider.py b/src/main/python/aws_federation_proxy/provider/sssd_provider.py
new file mode 100644
index 0000000..f06dc25
--- /dev/null
+++ b/src/main/python/aws_federation_proxy/provider/sssd_provider.py
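Review bot: The new `except Exception as exc:` around the whole loop body hides every failure in the group-to-role mapping behind a debug-level message, so a broken `self.regex`, a pattern lacking the `account` or `role` named group, or a non-string group silently yields fewer (or no) roles with nothing for an operator to notice. It also logs through the module-level `logging` rather than `self.logger` (no `import logging` is visible in this hunk), never uses `exc`, and the trailing `pass` is redundant. Consider wrapping only the `re.search(...)` and `match.group(...)` calls and reporting with `self.logger.warning('Skipping group %r: %r', group, exc)`. Separately, the carried-over debug call passes `self.user, role, account` to a format that reads account then role, so the access log line swaps the two. get_accounts_and_roles starts above this hunk.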
@@ -0,0 +1,12 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from aws_federation_proxy.provider import ProviderByGroups
+
+import pysss
+
+class Provider(ProviderByGroups):
+ """Uses the pysss module to retrieve group information from SSSD"""
+
+ def get_group_list(self):
+ return pysss.getgrouplist(self.user)
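Review bot: `get_group_list` hands `self.user` to `pysss.getgrouplist` with no guard for an empty or unset user and no handling of a failed lookup, while its result decides which AWS accounts and roles `get_accounts_and_roles` offers. Where `self.user` is set is not visible in this diff, so the method should carry a docstring stating the assumption, e.g. `"""Return the SSSD group names of self.user; the caller must pass an already authenticated user name."""`, and a lookup error should be logged via `self.logger` before it propagates. If the binding returns bytes rather than str on some Python versions (not verifiable from here), decoding once in this method would be cleaner than relying on the catch-all added in base_provider.py. Style: `import pysss` belongs above the project import, with two blank lines before `class Provider`.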