Sooo, uh, yeah, there are some tasks from DS that will not work in a policy because of how they're processed.
When a DS task with an "@" token in it (e.g. @Compname) is run, it is NOT evaluated at the server, and it is NOT evaluated at the client. It is evaluated by the DS Task Server Handler DLL on the Site Server.
So, when you run these in a policy, sure the SMP sees it, and the client sees it, but since it doesn't go THROUGH the task server, the tokens are not populated and the tasks fail.
<sigh>
Like the KB mentioned indicates, this is, indeed, a rather complex fix to make work and is a feature request.
Why do I sigh? Because in many cases we would prefer if post deployment tasks were run via policy - OH - but WAIT - you can't.
<double-sigh>