you can use "Service-Type: Administrative-User" as one of the condition to match the respective policy.
can see the sample request attributes :
Jan 29 14:44:29 :124038: <INFO> |authmgr| Selected server qasecurity for method=Management; user=shabaresha, essid=<>, domain=<>, server-group=radius
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_api.c:339] Radius authenticate user (shabaresha) PAP using server qasecurity
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_api.c:1108] :L3 User lookup failed, skipping Aruba-Port-ID
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_request.c:53] Add Request: id=140, srv=10.4.11.100, fd=74
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:949] Sending radius request to qasecurity:10.4.11.100:1812 id:140,len:167
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] NAS-IP-Address: 10.4.11.103
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] NAS-Port-Id: 0
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] NAS-Port-Type: 5
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] User-Name: shabaresha
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:962] Password: *****
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Calling-Station-Id: 10.4.11.250
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Called-Station-Id: 000B866D1B60
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Framed-IP-Address: 10.4.11.250
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Service-Type: Administrative-User
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Aruba-Essid-Name:
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Aruba-Location-Id: N/A
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Aruba-AP-Group: N/A
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] NAS-Identifier: shabaresha
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_server.c:958] Message-Auth: Yp\265\304\316\212\227\272\310u\346[pIVE
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_request.c:76] Find Request: id=140, srv=10.4.11.100, fd=74
Jan 29 14:44:29 :121031: <DBUG> |authmgr| |aaa| [rc_request.c:82] Current entry: srv=10.4.11.100, fd=74