Your approach may be the best.
No, you can not have two login pages for a single application. That is configured at the application level. If you can somehow identify the users by either a start page (maybe a link to your app from an internal website), IP address (specific or a range if your have a segmented network) or some other means, then you could determine what login page they will see.
Also, you could use the same login page for the functionality by just change the text the user sees as needed.
If you expect people to bookmark the page, you might consider dropping a cookie that identifies them for future visits. You could set a precedence that there always need to be a cookie identifying the user's department in order for the login page to show the login. If the login page doesn't find a cookie, it could first prompt the user to select their department. Then your set the cookie and show the login. Department specific landing pages could do this automatically so they needn't be prompted.