Why is the Password Manager Password Policy not being enforced? (103152)

After installing Password Manager and adding in a custom password policy why is it not being enforced in Active Directory (AD)?

The most common causes preventing password policy enforcement:

1. Incorrect configuration
2. Change Auditor Defect ID 617933 which impacts versions 6.7 and 6.8 when the Password Policy Manager (PPM) component is installed on the Windows 2012 R2 Domain Controller along with Change Auditor. This defect blocks PPM component from being loaded in Windows.

Please verify the following items are configured to enforce Password Policy:

1. The additional software component Password Policy Manager (PPM) is installed on every DC. 
2. Ensure the PPM version matches the installed version of Password Manager server.
3. Confirm the managed domain is listed with the Admin site.
4. Confirm the designated policy settings/Rules have been configured.
5. Confirm that the policy scope has been correctly configured. A security group is required as well as the Organizational unit.
6. Confirm the Group being used is a Security group type. Distribution groups are not currently supported.
7.  Is there a Microsoft Fine grained policy in the Domain?  If so, then it will take priority over all other Password Policies.  For more information on Microsoft Windows fine grained polices, please see the following:
   https://technet.microsoft.com/en-us/library/cc770394%28v=ws.10%29.aspx
8. Ensure Change Auditor components are at least version 6.9.x. There is a known defect that affects Change Auditor versions 6.7 and 6.8. Defect ID 617933.
9. If Password Manager Policy logs are enabled, you may see an error in the log such as this:
   1900-01-01 00:00:00:001 FLT>>> PasswFlt.cpp(697)[492:1076]: init(): initPpmEngine(): hRes: :80070677, s_bCreateFromDll: 1

For full details on installation and configuration, please refer to the Password Manager Admin Guide.