Why is the encrypted data in the sm.registry different for each policy server?

Article ID: 38261


Products

CA Single Sign On Secure Proxy Server (SiteMinder), CA Single Sign On SOA Security Manager (SiteMinder), CA Single Sign-On

Issue/Introduction

Why is the encrypted data in the sm.registry different for each policy server? For example, the policy servers connect to the same directories using the same username/password combination, but the registry entries for the passwords are different.

 

Environment

ANY

Resolution

If the value were visibly the same on each policy server, you could potentially derive the true password value by generating and comparing hash values. That is the difference between encoding a value and encrypting a value.

Encoding a value always generates the same output. With encryption, a salt (random data) is added before the encryption process to ensure the end values are never the same.
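The following Python sketch is an added illustration of the behaviour described above; it is not the product's code and does not reproduce the algorithm or storage format used in sm.registry. The function names, the sample password and the key (assumed here to be the same on both servers) are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import os

def encode(password: str) -> str:
    """Encoding: keyless and deterministic, same input gives same output."""
    return base64.b64encode(password.encode()).decode()

def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from one master key."""
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, salt: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode; the random salt makes each stream unique."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, salt + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, password: str) -> str:
    """Salted encryption: a fresh 16-byte salt is drawn for every call."""
    salt, data = os.urandom(16), password.encode()
    stream = _keystream(_subkey(key, b"enc"), salt, len(data))
    ct = bytes(a ^ b for a, b in zip(data, stream))
    tag = hmac.new(_subkey(key, b"mac"), salt + ct, hashlib.sha256).digest()
    return base64.b64encode(salt + ct + tag).decode()

def decrypt(key: bytes, stored: str) -> str:
    """Recover the password; reject values that were altered or use another key."""
    raw = base64.b64decode(stored)
    salt, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(_subkey(key, b"mac"), salt + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified value")
    stream = _keystream(_subkey(key, b"enc"), salt, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream)).decode()

if __name__ == "__main__":
    key = os.urandom(32)           # constructed key, assumed shared by both servers
    password = "Ldap-Bind-Pw-123"  # constructed sample value
    server_a, server_b = encrypt(key, password), encrypt(key, password)
    print("encoded values match:  ", encode(password) == encode(password))
    print("encrypted values match:", server_a == server_b)
    print("both decrypt correctly:",
          decrypt(key, server_a) == decrypt(key, server_b) == password)
```

Both stored values decrypt to the same password even though they differ, which is why differing entries across policy servers do not indicate a configuration mismatch.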