Automatic remote administration of Windows clients?
There is a network of about 500 Windows-only machines without a domain and without any automation at all; everything is done by hand.
There is no domain, there is no SCCM, and nothing like this is expected for many reasons, plus the policy of "you need to save on everything".
Now the question is: what tools will help administer, automate software updates and installations, create / delete local accounts and, in general, manage the configuration of a large number of Windows machines?
I know about Chef, Puppet, Ansible, but, as I understand it, these solutions are perfect for *nix, but in my situation they are only a rake and pain.
First, think about whether you need this dump.
To break (even if a little) the policy of "we save on everything except the CEO's G-Wagen" you need time and patience:
First: we breed bureaucracy, record all user problems, computer replacements, the number of trips to users per week per person, and we especially note security problems: how long it took to clean the computer of manager Vasya of the virus that he picked up, what risks may arise if manager Petya opens a letter from "uncle Mnglui" from South Africa.
How long was the warehouse computer idle while you removed pornography from the computer of the storekeeper Innokenty. How many liters of tea were drunk while talking with the accountant Tanya, while you showed her how to print on a new printer, etc.
This, in fact, is the work of the head of the IT department, but at the same time it is the money of the business, because it is the business that pays you your salary (which you hold on to for some reason).
Second: self-education. I would not advise you, unlike other respondents, to raise such key infrastructure things as a domain controller (be it on Linux or Windows) or any central server in general on shitty computers (they won't buy a server). However, setting them up, configuring them and, subsequently, repairing them will add both experience and value to you professionally and give you a chance to leave this house of pain later.
As quick solutions:
- put a remote control agent on each machine - it will help to run less between them
- standardize the software and how to install it (let it be at least cmd scripts, it doesn't matter, as long as you don't sit and wait for the next wizard window with the "NEXT" button while it hangs on something)
- in general, figure out how to minimize all the running around to engage in self-education and improve the situation qualitatively, not quantitatively
as I understand it ... in my situation, only a rake and pain...
I can recommend LanHelper: it is small, but it has its capabilities.
Take a look at Advanced Security Level/Advanced Security Net Level; it may be useful for switching Windows settings.
And RDTabs for multi-window RDP.
The only thing that is done more or less well in AD is the centralized administration of user accounts. Everything else is done in such a way that it would not be better. I am writing this as the admin of a network of ~6500 Windows PCs without a domain. The network, however, is not a typical office one: live users do not work on most computers, but specific software runs 24/7. Therefore, there is no problem with storing and maintaining the current user base.
Everything is driven through PowerShell Remoting. Statistics on computers are collected daily and consolidated into a single database. WSUS is also deployed to centralize updates. KES is also deployed, with its own group policy counterpart, but other people manage it.
At first we tried to monitor and steer through Zabbix, but PowerShell turned out to be more convenient for us.
You can try Ansible, but it again drives Windows machines through PowerShell Remoting.
In short, start learning PowerShell (if you haven't already); a good start would be to write a script that remotely enables PowerShell Remoting on all your wards via PsExec :)
PowerShell + WinRM. The main end-to-end authorization and authentication is through NTLM.
Also Windows Admin Center (transport: WinRM).
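An added example, not code from any answer in this thread: a daily inventory run over PowerShell Remoting in a workgroup, of the kind the answers above describe (statistics collected from every machine, WinRM transport, NTLM authentication). Because NTLM alone does not prove the server's identity to the client, the sketch connects over a WinRM HTTPS listener; the file names `hosts.txt` and `inventory\`, and the presence of that HTTPS listener with a certificate the admin host trusts, are assumptions.

```powershell
# Added illustration: daily inventory fan-out over PowerShell Remoting (workgroup, no domain).
# Assumptions (not from the thread): .\hosts.txt lists one client per line, results go to
# .\inventory\, and every client has a WinRM HTTPS listener (5986) with a trusted certificate.
$computers = Get-Content -Path '.\hosts.txt' | Where-Object { $_.Trim() }
$cred      = Get-Credential -Message 'Local administrator account on the clients'
$stamp     = Get-Date -Format 'yyyy-MM-dd'
New-Item -ItemType Directory -Path '.\inventory' -Force | Out-Null

# Runs on each client and returns one flat object per machine.
$collect = {
    $os      = Get-CimInstance -ClassName Win32_OperatingSystem
    $lastFix = Get-HotFix | Where-Object InstalledOn |
        Sort-Object InstalledOn -Descending | Select-Object -First 1
    [pscustomobject]@{
        OSVersion    = $os.Version
        LastBoot     = $os.LastBootUpTime
        LastHotFix   = $lastFix.HotFixID
        LastPatched  = $lastFix.InstalledOn
        EnabledUsers = (Get-LocalUser | Where-Object Enabled).Name -join ';'
    }
}

$params = @{
    ComputerName  = $computers
    Credential    = $cred
    UseSSL        = $true               # HTTPS transport: server is authenticated by its certificate
    ScriptBlock   = $collect
    ThrottleLimit = 32                  # concurrent connections
    ErrorAction   = 'SilentlyContinue'  # one dead host must not stop the run
    ErrorVariable = 'failed'
}
$results = Invoke-Command @params

$results |
    Select-Object PSComputerName, OSVersion, LastBoot, LastHotFix, LastPatched, EnabledUsers |
    Export-Csv -Path ".\inventory\$stamp.csv" -NoTypeInformation

# Hosts that did not answer are a finding in themselves: keep them for follow-up.
$failed | ForEach-Object { $_.TargetObject } | Sort-Object -Unique |
    Set-Content -Path ".\inventory\$stamp-unreachable.txt"
```

Comparing the `EnabledUsers` column between daily runs shows local accounts that appeared or were re-enabled outside the expected change process.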
Savings on seeds ... There is money for 500 PCs, but not for a domain controller? Explain to the authorities that in order to support all this, you need to hire more people. And what is cheaper? To pay a specialist (maybe not even one) every month who will do monkey work and run around all the PCs, or to automate, put up servers for AD, SCCM, and so on?
Puppet works more or less normally on Windows, but it's a pain to set up and troubleshoot, especially if the software list is large. You will encounter such artifacts that you never dreamed of, in my experience. On the other hand, with knowledge of Puppet, you can go to an office where they most likely pay more.