All of us in our office are running Windows 7 machines attached to an AD domain. If one of us attempts to use VNC or RDP to connect to another worker's machine it will not permit us to log in using our own credentials. However, I can RDP my work machine (through VPN) from home as I'm logging into my work machine using the same credentials I would be using if I were actually sitting at the machine. It would seem, therefore, that the machine is quite happy to allow RDP so long as it can compare the login credentials with my cached AD login on the machine but is not prepared to accept a colleague's login name and password - not accepting authentication from our AD system. Everything I've read so far re RDP on Windows 7 suggests adding the user to the machine's administrator group - which is strange as WinXP is quite happy to use AD authentication when RDPing/VNCing. It seems that the only way to RDP/VNC a Windows 7 machine is to have previously logged onto it as an admininstrator or have an administrator account that everyone knows the password for. Neither of those scenarios is practical, however, as soon we will be rolling out Windows 7 to in excess of 2000 machines and we will be expected to be able to RDP and VNC every single one of them. Does anyone know any setting/tweak that enables/forces Windows 7 to accept AD authentication for RDP/VNC connections? Thanks in advance.