You can't use client VPN to authenticate from the login screen. The Microsoft Client doesn't allow VPN connections that use PAP to authenticate to do this, and PAP is the only option available to us. What you *might* be able to do is use the command line rasdial.exe to initiate the VPN and run that from a provisioning script (right after creating the VPN might be a good time). You could use a hardcoded username/password used only for doing the AD join.
... View more
