This is a direct result of Citrix not working on anything other than windows, and being pushed so heavily among corporate leadership. Citrix (last time i deployed is few years ago) required being deployed on winblows, then as a security measure presents certain windows desktop icons (and associated programs) to users based upon the citrix (can be assocaited with AD roles) role. Those users are presented with a windows style desktop, that contains access to the items they were granted by role or specifically. It started as a lazy version of app sec management, that became a problem to get out of. I am forced into a W11 (Work provided) laptop, but all I need is to connect to our vpn, to be part of our network, and open my ssh client (I use mobaxterm) to get to my servers. Which I am allowed to have a "management server" in. Justified by what if my laptop crashes... do we want to be out of everything I do, while we wait on a new laptop? So i get a VM I use for everything.