at the moment this is not possible from what I can see ...
The "User based policies" apply as you mentioned correctly only to Users / Groups that can be queried from the Active Directory ...
However it seems to be a feature that we possibly should have a look at ...
Please feel free to submit a FMR for this: https://secure.nai.com/apps/downloads/products/product.asp
Yes it is possible.
Create your custom policy.
Create your tag.
Run Tag Criteria.
Under 'Systems with tag:' section, click # systems with tag.
Click 'Select all in this page' or 'Select all in all pages'.
Click Assign Policy button.