Basically these are the two type of rules - system and user based:
System based can use either tag or a System Tree location/group while user based apply either to specific tag applied, tree location or the user who is currently logged on a machine in System Tree. Assignment rule takes precedence over ordinary applied policies to a machine or a group.
If you need to force a specific user to use token or password, you just create such UBP and in the criteria point that user/group/membership:
User based criterias
In case above information was useful or answered your question, please select "Accept as Solution" in my reply, or give a Kudo. Thanks! Nino
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.