trying to configure single sign-on

I'm following a Windows integration guide for Red Hat 7, to set up single sign-on , and hit the wall trying to add the workstation to active directory.

#kinit admin@AD
password:...
# net ads join -k
Failed to join domain: failed to connect to AD: Cannot read password

What is the issue ?

Smart card reader seems to work ok, with only issue:

 Couldn't verify Cert: Peer's Certificate issuer is not recognized.

kerberos looks ok.

SSSD fails with

Failed to read keytab [default]: No such file or directory.

I assume it fails because my workstation is not attached to AD

What I'm missing?