Seth,
I tested it with just the local DB and that worked. The VPE is basically a Logon page, AD Auth object, followed by the Session Variable, then the LocalDB. It appears in the APM session logs that the field3 from the Logon Page (4 digit pin) is not changing from the session.logon.last.token to session.logon.last.password. I get the session variable 'session.logon.page.errorcode' set to '1000'. I think the issue is in the Session Variable object. Funny that just yesterday, I had to use this but set the username and password from here. The username I had to use text and the password was a return {xxxxxx}.
thanks, Kyle