Windows – Audit policy being overwritten by “something”

active-directory domain-controller windows windows-server-2008

I'm installing vendor software which requires account auditing to be enabled on our DCs. The problem is Audit Policy is not being pushed. Checking secpol.msc shows Windows Settings->Security Settings->Local Policies->Audit Policy as "no auditing". I cannot get this to unstick no matter what I do. I've tried:

  • Setting the policy at the Default Domain Controllers level. Currently RSOP is showing this as the winning GPO with Success\Failure correctly being set. On the DC however secpol.msc is showing “no auditing” with greyed out options.
  • We removed the policy from both the default domain and default domain controllers policies. This allowed us to manipulate the policies locally in secpol.msc. These policies get reverted back to “no auditing” when running a GPUPDATE.
  • We tried setting this at the default domain controllers policy, default domain policy, and a combination of these.
  • We tried disabling "Force Audit Policy" in Windows Settings->Security Settings->Local Policies->Security Options in a variety of places.

There should be no other policies taking precedence and as stated RSOP shows the default domain controllers policy as winning.

I'm normally a Linux administrator and I am at a loss with this. Any help would be appreciated.

Best Answer

You may want to review the following warning on the help web site:

"Using both the basic audit policy settings under Local Policies\Audit Policy and the advanced settings under Advanced Audit Policy Configuration can cause unexpected results. Therefore, the two sets of audit policy settings should not be combined. If you use Advanced Audit Policy Configuration settings, you should enable the Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings policy setting under Local Policies\Security Options. This will prevent conflicts between similar settings by forcing basic security auditing to be ignored."

Which Versions of Windows Support Advanced Audit Policy Configuration?
https://technet.microsoft.com/en-us/library/dd692792(WS.10).aspx
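
One way to check which of the two audit mechanisms is actually in effect on the DC, as an added example that is not part of the original answer. It reads the registry value behind the "Audit: Force audit policy subcategory settings" option, dumps the effective per-subcategory policy with auditpol, and looks for GPOs that ship advanced audit settings. Assumptions: an elevated PowerShell 2.0 or later prompt, and the default `\\<domain>\SYSVOL\<domain>\Policies` share layout.

```powershell
# Added diagnostic (not from the original answer). Run elevated on the DC.

# 1. "Audit: Force audit policy subcategory settings" is stored as this LSA value.
#    1 = advanced (subcategory) settings win; basic category settings are ignored.
$lsa   = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$force = $lsa.SCENoApplyLegacyAuditPolicy
if ($null -eq $force) { $force = 'not set' }
"SCENoApplyLegacyAuditPolicy: $force"

# 2. Effective policy per subcategory. secpol.msc only shows the basic
#    categories, so auditpol is the view to trust here. /r emits CSV.
$effective = auditpol /get /category:* /r |
    Where-Object { $_ -match '\S' } |
    ConvertFrom-Csv
$effective | Sort-Object Subcategory |
    Format-Table Subcategory, 'Inclusion Setting' -AutoSize

# 3. GPOs that carry advanced audit settings store them as audit.csv.
#    Check the local GPO and every domain GPO in SYSVOL (assumed default layout).
$domain = $env:USERDNSDOMAIN
$paths = @(
    "$env:SystemRoot\System32\GroupPolicy\Machine\Microsoft\Windows NT\Audit\audit.csv",
    "\\$domain\SYSVOL\$domain\Policies\*\Machine\Microsoft\Windows NT\Audit\audit.csv"
)
foreach ($p in $paths) {
    Get-ChildItem -Path $p -ErrorAction SilentlyContinue | ForEach-Object {
        $n = @(Import-Csv $_.FullName).Count
        "Advanced audit settings ($n rows): $($_.FullName)"
    }
}
```

If step 3 finds an audit.csv in a GPO that applies to the DC while basic Audit Policy categories are also being set, that is the combination the quoted warning says not to use.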
