So... title says most of it.
VPN clients are connecting using Cisco VPN Client 5.X and are leasing DHCP addresses; they are receiving the proper DNS server, WINS server, and IP config... though not a proper gateway... but that's not needed anyways.
When I try to join a domain I get the DNS error about not finding a domain controller.
Any ideas? Has this to do with the split tunnel (i.e. it's using the local DNS server info instead of the VPN DNS server info? NSLOOKUP gives strange results about non-existant domain and default servers not being available.