If you are looking to add the mobile profile to the account over VPN, I was able to do it by the following steps.
1. Connect to VPN
2. Join the machine to the domain
3. Enable Create mobile account at login (located under Directory Utility)
4. Use the below script to create a domain account for the user
   a. This will put the user account on the computer (leave the single quotes):
      sudo /System/Library/CoreServices/ManagedClient.app/Contents/Resources/createmobileaccount -a $adminUsername -U $'adminPassword' -n $USERNAME
   b. This will cache the user's password so you can log in with them:
      dscacheutil -q user -a name $USERNAME
I found the instructions in this article: https://www.jamf.com/jamf-nation/discussions/35250/how-to-offline-add-a-domain-user-to-a-mac
Resurrecting this thread. Has anyone found a way to get this to work? Ideally, I would like the AnyConnect VPN GUI window to pop up at the login screen on a Mac, allowing the user to establish a VPN connection before logging into the Mac. @c.kay referenced that we might be able to use a launch daemon to do this workflow; however, I have no experience with creating launch daemons. Thoughts?