While I don't disagree with the gist of your idea (it can be cheaper in-house), I believe you're underestimating the ongoing support cost. At 10k users, it will become a part time support position to manage the solution, handle credential resets, write and update documentation, handle all client side problems, maintain ongoing ad / account integration and browser plugins, deal with any security certification required for services in your corp, comply with backup/data retention rules, etc.

You're saying $500/mth, but my response would be: this is half a full time IT support position and it needs a secondary + on-call cover.