We are using the Anyconnect client 3.0.5080. I installed just the AnyConnect client and the Start Before Logon so I had the option to connect before logging in to the network before logon for users that had issues with their passwords.
I downloaded the Anyconnect Profile Editor and used the VPN module to create a Profile.xml and store it in "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile" and now I am able to get the "Switch User" prompt and use that to get AnyConnect to make a VPN connection first, however I still have to then logon to Windows and the Domain.
Is there a way like there was for the built in PPTP client in Windows so when I connect with the AnyConnect it just uses those credentials and logs me into Windows (AD)?
Here is the Profile.xml
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="
http://schemas.xmlsoap.org/encoding/
" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance
" xsi:schemaLocation="
http://schemas.xmlsoap.org/encoding/
AnyConnectProfile.xsd">
<ClientInitialization>
<UseStartBeforeLogon UserControllable="true">true</UseStartBeforeLogon>
<AutomaticCertSelection UserControllable="true">true</AutomaticCertSelection>
<ShowPreConnectMessage>false</ShowPreConnectMessage>
<CertificateStore>All</CertificateStore>
<CertificateStoreOverride>false</CertificateStoreOverride>
<ProxySettings>Native</ProxySettings>
<AllowLocalProxyConnections>false</AllowLocalProxyConnections>
<AuthenticationTimeout>12</AuthenticationTimeout>
<AutoConnectOnStart UserControllable="true">false</AutoConnectOnStart>
<MinimizeOnConnect UserControllable="true">true</MinimizeOnConnect>
<LocalLanAccess UserControllable="true">false</LocalLanAccess>
<ClearSmartcardPin UserControllable="true">true</ClearSmartcardPin>
<AutoReconnect UserControllable="false">true
<AutoReconnectBehavior UserControllable="false">DisconnectOnSuspend</AutoReconnectBehavior>
</AutoReconnect>
<AutoUpdate UserControllable="false">true</AutoUpdate>
<RSASecurIDIntegration UserControllable="false">Automatic</RSASecurIDIntegration>
<WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>
<WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>
<AutomaticVPNPolicy>false</AutomaticVPNPolicy>
<PPPExclusion UserControllable="false">Automatic
<PPPExclusionServerIP UserControllable="false"></PPPExclusionServerIP>
</PPPExclusion>
<EnableScripting UserControllable="false">false</EnableScripting>
<EnableAutomaticServerSelection UserControllable="true">false
<AutoServerSelectionImprovement></AutoServerSelectionImprovement>
<AutoServerSelectionSuspendTime></AutoServerSelectionSuspendTime>
</EnableAutomaticServerSelection>
<RetainVpnOnLogoff>false
</RetainVpnOnLogoff>
</ClientInitialization>
</AnyConnectProfile>