well, it turns out that it was a kerberos problem.
I noticed this message in the client :
The Kerberos client received a KRB_AP_ERR_MODIFIED error from the front-end-name$ server. The target name used was HTTP / skype01.domain.com. This indicates that the target server failed to decrypt the ticket provided by the client. This may occur when the target primary server name (SPN) is registered to a different account than the one used by the target service. Ensure that the target SPN is registered only on the account used by the server. This error can also occur if the target service account password differs from what is configured on the Kerberos Key Distribution Center for this target service. Ensure that the service on the server and Kerberos Key Distribution Center are both configured to use the same password. If the server name is not complete, and the target domain (DOMAIN.COM) differs from the client domain (DOMAIN.COM), check if there are server accounts with the same name in both domains, or use the full name to identify the server.
searching for this error, I found that there was a powershell command to test kerberos account assignment (Test-CsKerberosAccountAssignment).
It returned this error :
The Kerberos configuration on front-end.domain.com is invalid. The expected assigned account is domain.com\lynckerbacct. Ensure that the account has not expired, and the configured password on the machine matches the Active Directory password of the account.
I launched the command Set-CsKerberosAccountPassword -UserAccount domain.com\lynckerbacct and after that, no more error with Test-CsKerberosAccountAssignment and the Lync 2013 client was able to log on without problem.
Best Response confirmed by
lprotti (Occasional Contributor)