(though Linux does have non-stock application deployment packages available, like Puppet, that partially fill that last point).
You're kidding right? In addition to Puppet, which is a relative newcomer, there has been Satellite (http://www.redhat.com/products/enterprise-linux/satellite/) and Landscape (http://www.ubuntu.com/management/landscape-features) among others (Suse has one too). Where do you think the distros make their money? Now you may have meant there is no free application deployment and management software, but last time I checked Windows Server was definitely not free. If you need free, though, you can roll some scripts fairly easily, wrapping things like Kickstart with custom repositories (yum or apt) and services like Cobbler or Spacewalk (which Satellite is based off of), rsync, cron jobs, and ssh (for remote execution).
Linux AD-via-Samba quite simply doesn't even come close for the convenience of centralized GP maintenance,
I don't know what you are trying to say here. Why would you manage linux machines with a Samba domain? If you want the same functionality as AD on linux, FreeIPA is the most mature project, and it can integrate with AD via cross-realm trusts in the latest version. So you can manage a mixed Windows/Linux environment with the same core infrastructure. If instead you meant Samba as an AD domain controller for Windows, Samba4 is (mostly, 95%) a drop-in replacement for Windows Server. There are a few features missing, but you can provision and manage an AD domain via Samba with ease.