As someone who's done AD integration for things as basic as Slackware Linux, I can safely say that I hate Mac integration. Yes, there's UNIX underneath, so it's possible to build an AD login (if you have expensive software or buy Mac servers to do that "golden triangle" junk with OpenDirectory, etc.). But the faffing just shows that they are actively avoiding any enterprise tools. They obviously just DO NOT want people managing Mac servers in a mixed environment.
DeployStudio is fabulous but mainly because it can be coaxed into pushing out Mac/Windows bootcamp images and people can choose what they want to use. Otherwise, everything appears to be a bodge. Locking down proxy settings is a faff without extra bolt-on tools. Keychain junk still appears if you do certain things and users can't avoid it. And mapping drives etc. - though there's nothing stopping you mapping an SMB share, it's again a faff and some things refuse to play ball with it like it's normal storage ("libraries" spring to mind).
Every time I have a dealing with Apple, I just realise that they absolutely do not care about enterprise or educational use of their machines. You bought you, you fix it. There are no decent tools, no integration, nothing. As said, if you have an entirely Apple setup, it's okay, but that's not the reality of most places except, possibly, Apple Inc. And they actively go out of their way to make things different, difficult and unsupported and they don't care that they do that.
I see no reason to support a manufacturer who behaves like that. And I'll be damned if I'm going to pay $100 a seat to a third-party on top of the Apple tax just to get some usable integration on the basics. I don't do that on Windows, I certainly am not going to do it for Apple.
This stuff isn't built for business, stop pretending it is. If someone wants it, tell them fine but it's unsupported and they are on their own. I'll look again if/when Apple bother to release some kind of enterprise-friendly tools themselves, but to my mind that will only happen when they are in their death knell anyway, so probably not even then.
The only people I see use Macs actually have stupendously low requirements and expectations of their machines. They buy it because it's flash, it's fancy, etc. and that they heard that music/graphics are done on Mac. You know what, I've not seen ANYTHING on Mac that's not possible with much less expense and the same or less effort on Windows. And stupid stuff abounds - you can't put the servers in a KVM arrangement because they sometimes require a Mac keyboard to even boot (think I'm joking? Wait until it crashes!). They can't even play ball with the simplest of USB sharing/switching devices.
I hate them. I hate them, I hate them, I hate them.
Sure I'll manage them, it's my job. But, I hate them. However, I will be going to my boss at the end of the year and showing him some stats from the managed network we have (which includes MDM and client software) - I want to see just how much they are used, how many programs are run on them, etc. And then I'm going to dual-boot them with Windows and keep stats on how many people use which OS. And then I'm going to recommend that we sell them off and just buy two rooms of PC's for every room of Macs we have.