Abrennan,
Let me be sure I'm answering this right:
You want an access point to terminate on one controller, but you want the user traffic to terminate on a different controller? The second controller being the one that actually is connected to the physical VLANs that those users need to be on?
Here's what you can do:
Create a non-routable VLAN on controller #1. Let's call it VLAN 1000. Make sure it does not exist on any trunks on that controller. Create a layer 2 GRE tunnel between controller #1 and #2 and assign that arbitrary VLAN to the GRE tunnel on controller #1:
Controller 1:
    config t
    interface tunnel 100
    tunnel source <management IP address of controller #1>
    tunnel destination <management IP address of controller #2>
    trusted
    tunnel mode gre 0
    no shut
    tunnel vlan 1000
Controller 2:
    config t
    interface tunnel 100
    tunnel source <management IP address of controller #2>
    tunnel destination <management IP address of controller #1>
    trusted
    tunnel mode gre 0
    no shut
    tunnel vlan <VLAN number that those users should end up on on controller #2>
Run the WLAN/LAN Wizard on Controller #1 and create a WLAN for those special users and assign it to VLAN 1000.
This is more of a deterministic construct than IP mobility.
Last tip: If the two controllers this GRE tunnel will be on are master-local and have an IPsec tunnel between them, make sure that you execute a "tunnel mtu 1100" command on each tunnel interface so that the GRE tunnel will fit into the IPsec tunnel without issue.
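The two tunnel stanzas in the post have to mirror each other, so a consistency check can be run on both before they are applied. The following is an added example, not part of the original post; the 192.0.2.x addresses, VLAN 200 and the function names are constructed for illustration, and the check assumes the "tunnel mtu 1100" tip is in use on both ends.

```python
# Constructed sample configs; 192.0.2.x and VLAN 200 are placeholders.
CONTROLLER_1 = """interface tunnel 100
tunnel source 192.0.2.1
tunnel destination 192.0.2.2
trusted
tunnel mode gre 0
tunnel mtu 1100
no shut
tunnel vlan 1000
"""
CONTROLLER_2 = """interface tunnel 100
tunnel source 192.0.2.2
tunnel destination 192.0.2.1
trusted
tunnel mode gre 0
tunnel mtu 1100
no shut
tunnel vlan 200
"""

def parse_tunnel(text):
    """Parse one tunnel stanza; assumes a tunnel without 'no shut' is down."""
    cfg = {"trusted": False, "up": False}
    for line in text.splitlines():
        w = line.lower().split()
        if not w:
            continue
        if w[0] == "tunnel" and len(w) >= 3:
            cfg[w[1]] = " ".join(w[2:])  # source, destination, mode, mtu, vlan
        elif w == ["trusted"]:
            cfg["trusted"] = True
        elif len(w) == 2 and w[0] == "no" and "shutdown".startswith(w[1]):
            cfg["up"] = True
    return cfg

def check_pair(a, b):
    """Return a list of mismatches between the two ends of the GRE tunnel."""
    problems = []
    if a.get("source") != b.get("destination") or b.get("source") != a.get("destination"):
        problems.append("source/destination are not mirrored")
    for key in ("mode", "mtu", "trusted"):  # the VLAN differs per side by design
        if a.get(key) != b.get(key):
            problems.append(f"{key} differs: {a.get(key)!r} vs {b.get(key)!r}")
    for name, end in (("controller 1", a), ("controller 2", b)):
        if not end["up"]:
            problems.append(f"{name}: tunnel is shut down")
        if "vlan" not in end:
            problems.append(f"{name}: no tunnel vlan assigned")
    return problems
```

An empty list from check_pair(parse_tunnel(CONTROLLER_1), parse_tunnel(CONTROLLER_2)) means the two ends agree.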