Logging for the Password Policy Manager (PPM) can be enabled in order to further troubleshoot password reset/policy and PPM problems.
To enable Password Policy Manager (PPM) logging output:
1. If it does not already exist, create the key below in the local registry of one of the affected DCs:
For versions 5.6.x and 5.7.0:
For version 5.7.1:
HKEY_LOCAL_MACHINE\Software\One Identity\Password Manager\Logging
2. Then create the following string values (REG_SZ) respectively:
a) LogFolder and set the “Value data” to C:\ (You can specify any location/folder, but the folder needs to be created beforehand)
b) LogLevel and set the “Value data” to All
2. Restart the DC (Domain Controller)
3. Reproduce the experienced issue
NOTE: See attached screenshot for reference.