You asked for anecdotes. I have an anecdote.
A while back, I was trying to set up a Sharepoint server that exposed users' personal pages to the Internet at large. We wanted to allow authenticated access, but not to require it; that is to say, normal users would have read-only access and additionally the ability to submit InfoPath form data to Sharepoint libraries created to receive the results. The users could thus post public information and create public surveys using Infopath web forms.
When I went to make access public, I ran into a few problems. The "unauthenticated users" option on the preferences page of the document library was greyed out, even when I was logged in with a super-admin account.
In the end, I had to do a little bit of URL hacking to make this work. I had to change "DOC" to "DOCLIST" in the URL I used to access the preferences page (not that exactly, but something like that) and then the "everyone" option became available. In other words, there was actually no official way to do what I was trying to do.
The whole thing left a really sour taste in my mouth about Sharepoint for Internet-facing sites. See also things like this. Sharepoint is really designed for Intranet use only. As an additional downside, it is much more resource-hungry than normal CMSen. A full Sharepoint install can, without a single user, choke a pretty powerful virtual machine. I can't comment on its scalability as I've never done a really large rollout, but I can say that the indexing service is pretty heavy on the CPU.
Seems to me that LDAP would be a better way to store information on users; if you're using Sharepoint, you've probably already got an AD infrastructure. AD stores user profile info in LDAP anyhow - what you see in "Active Directory Users and Computers" is just a glorified LDAP browser.