Office 2016 is going to be trickyā¦ the newest versions of Office are typically poorly supported in WINE. If you can opt for 2013 or 2010, that would be easier. If you could run Office 365, that is another option. All within the MS family. If you are willing to step out of the MS family, then LibreOffice is the obvious recommendation for the traditional approach. Another possibility would be your own G suite, possibly colocated on your own hardware. Last I checked, that is an option.
Google Chrome is not an issue on pretty much any desktop Linux distribution that Iām aware of, but definitely is easy on Ubuntu, Fedora, CentOS, etc. as Google provides deb and rpm repositories natively.
AD integration is possible with SSSD. You have a few options - you can potentially integrate directly with your AD server, or you could set up FreeIPA to mirror parts of your AD forest. The advantage with FreeIPA is that it may offer you some knobs that direct AD doesnāt, like managing SSH keys in addition to, say, user smartcard keys. SSSD also handles Kerberos.
Encryption is totally possible with LUKS, should be easy to set up. This is a distro-agnostic approach, so long as the distro has the integration done - and all the ones you would be looking at do.
I unfortunately donāt know about GPOs, as I have not yet attempted to use them in my environment as our Linux workstation policy is still āin betaā and everyone who joins up sets themselves up, and weāre maintaining a wiki of everything we need to do to make it work. We are just starting to centralize, package our configs into debs/rpms, etc. and look into these sorts of concerns.
Anyway, that all boils down to: Ubuntu LTS, CentOS/SUSE/RHEL/Scientific Linux, or Fedora. Ultimately the reason to pick one over the other boils down to update style and frequency. If you have a technical user base, you might choose Fedora. If you have a completely non-technical user base, an EL family (i.e. aggressively stable) option. And if you have a blend, perhaps Ubuntu LTS.
Whatever your choice you will also want to run a caching proxy for packages / updates, and the strategy is different between deb- and rpm- based distros - but it can be done regardless of your choice.
When you ask for āleast amount of configuration,ā do you mean on your part or on the part of the potential end user for whom you are provisioning the workstation?