You can do that with AAA override. We do this so we can quarantine users using the same ssid. I think AAA override requires a RADIUS sever, but you might be able to configure it with the WLC user database. I've never done that. I've always used a radius server. Our radius server runs a script that determines which vlan/interface to place clients into.
Are you looking to do this for load balancing, or do segregate clients for special purposes? Because if you want to load balance, you can always to AP groups.
I have one building that has 1600 users and I wanted to use multiple vlans just to know where my users were coming from. Does that make sense? What is best practice here...one vlan for the whole building?
I'm not sure about best practicies, but we split up the network based on the number of clients. Each of our controllers gets a /21 (a bit large, but we're nat'ing everything and the WLCs have good broadcast supression). We have two controllers (i.e. one WiSM) per quadrant. We're getting close to the limit in or reshalls. We used to have a /20 for all of our wireless devices, but that got a bit problematic. In your case, using ap groups with a different interfaces would probably work well. I'd stick with sizing your vlans to whatever you're comfortable with. Assign as many vlans/interfaces to AP Groups as necessary. In our case, I feel that 2000 clients is about the max I want for a vlan. So we will grow by adding more /21 vlans. I wouldn't use a separate vlan for small buildings. I'd clump those together. It'd would be more work to maintain the ap groups list.
FWIW, we use WCS and search for the clients mac address or username to find out where they are. We group our APs by quadrant to make user reported outages easier to trend, i.e. "the north west quadrant is having dhcp issues".
Building 1 = vlan 10 (1600 clients)
Building 2 = vlan 20 (900 clients)
Everyone else = vlan 30 (~600 spread across 10 buildings)