Sorry if this turns into a discussion rather than a question. We currently have 600 PC's spread across 50 locations. Our main application is an electronic medical records system and it's really self contained. There was never a need to use any other application other than our in-house software. Recently, there has been an increased need for file and printer sharing and application sharing. I'm sharing everything out now using bat scipts (that obviously expose a username and password) and whenever I need to add printers, I find myself walking to each PC and adding them. On an annual basis, I'm finding myself traveling around the State of New York to update the PC's, one office at a time.
I know that AD will increase my security and concentrate things to my main location, but I can't just walk into my bosses office for a licensing quote for 600 PC's either. Also, because my group manages physicians offiices, there is a lot of turnover. Managing usernames and passwords to each PC be very difficult with our limited staff. We do currently have 3 Windows 2003 servers, none running AD. I've done some searching but it's difficult to get other professional advice on a webpage. Although comments on this subject do not necessarily answer a question, I will do my best to spread points out.