Rotem,
I'm fairly certain that the managed computer needs to be a domain member, otherwise how could it authenticate the user attempting to remote control it? If you have a mixed environment, I think you'll need to use PCAnywhere security in addition to AD. It would probably be best to target the PCA configuration policies based on domain member or non-domain members, so there are 2 policies, one for each type of machine.