Different management policies for Intranet and Extranet

Question

Hello all, 
 I have the below case and i need your help on if it is possible and if yes how. 
 Can i have 2 management policies with the same user scope and when a user login from the internet to run management policy 1 and when he is inside the company's network to run management policy 2. This way i can have to completely different policies independent from each other. 
 I know that i can build a custom activity and with scripting i can say that if the user came from an ip 192.168.xxx.xxx then don't show the captcha and if he came from 10.2.xxx.xxx show the captcha. 
 But i would like to have two separate management policies in order to have two Q&A policies that can be completely different. 
 Is that possible? 
 Thank you.

Aidar.Karabalaev · Accepted Answer

Scenario: different Password Management workflows based on IP subnet (access from intranet vs. internet) makes perfect sense. 
#1. I don’t think current PM can do it. Supported scenario: end-user can belong to only to a single Password Management Workflow (say, member of either AD\PM_Allow_1 or AD\PM_Allow_2 group, but not both at once). It includes the *same* list of Q&A questions. 
#2. Potential and ugly workaround: split two independent deployments for intranet and internet: PM01 (comment attribute for Q&A storage) and PM02 (extentionAttribute10 for Q&A) with different encryption keys. End-user must support two separate Q&A profiles. (just and idea) 
#3. Definitely it will be great to have single PM deployment with single encryption key which will add *additional* Q&A02 profile if end-user accesses DMZ\PM02 from internet to an existing default Intranet\PM01 Q&A01 profile. (I recommend to submit a feature request via support)