Surely the defacto standard for desktop linux is ubuntu?
As true as this may be, I wish it wasn't. Because running a desktop is different from running a server.
Try convincing a dev that he can't just do this or install that in an enterprise environment, like he is used to on his vm or desktop.
I've seen too much stuff break or be incompliant with security policies: wrecking authentication methods, not understanding sudo, installing unnecessary packages (the tutorial said I needed to install iptables, nevermind that the distro is using UFW), installing out-of-date packages by pinning an already ancient java version, keeping up-to-date with patches/releases or just plain installing a DHCP server (OK, those are thrown off the network pretty quickly). And if you try to reason with them or explain why they shouldn't do this they get their manager involved just to get their way. And often a security exception is drafted and approved with a little help from said management.
Don't get me wrong, I don't mind working with someone who wants to do stuff right and I'll do everything to help him or her getting to a compliant install. But usually they'll just tell us off and only come to us after they built everything and won't budge because of the endless commitment / sunk cost fallacy.