Egh, Active Directory is just LDAP with Kerberos and some proprietary crap thrown on top to make it hard to interoperate with other OSes. The group policy tree is just a centralized registry management system. So, no, you're wrong. It isn't as plug and play, but an LDAP setup with single sign-on via Kerberos and a Puppet system to manage the config files (Linux does not use a registry) thrown together with a custom package repository (the SUS equivalent) and you're good to go.
However, where Microsoft wins out is that that isn't easy to roll out. MS has the marketing and the 5 clicks that let a "manager / phb" install MS server and call themselves admins. The bottom 2/3rds of the Microsoft install base, at the server level, mostly don't know what they're doing and really don't understand the underlying tech of what AD is. Once you start rolling out large Fortune 500 style install bases you really do need to know your stuff and most admins at this level probably could do a Linux / UNIX / OS X setup of the same scale with a little work and reading. However, the end users / managers don't want this since they've been rather well indoctrinated by the MS marketing team.
Personally, I like to sum this up by stating that with MS it's very easy to turn the key and go from 0-40MPH, but to make it all the way to 60MPH it gets difficult and the hood of your car is welded shut. The Linuxes and BSDs of the world make you learn how the engine works first, but once you've got it figured out you still make it to 60MPH before MS does.