Server 2025 - GPUpdate triggers immediate LAPS reset

Hi JaySimmons
Apologies for the delayed response, I've been on holiday the last week or so and so was away from everything.
I hadn't seen your response before I found a workaround for this issue. I found that by temporarily adding a "PostAuthenticationResetDelay" registry key in HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\LAPS\Config with a value of 1 it prevented the LAPS reset being triggered immediately upon a GPUpdate being performed (Essentially putting a 1 hour delay on the reset of the password). Once our deployment processes are complete our automation then deletes the key to restore the original configuration.

I did manually take a look at the LAPS event logs when I was initially troubleshooting and the only thing that stood out was a notification that policies had changed and so it was triggering a LAPS password reset. The issue is that this notification was happening with every single GPUpdate, even when there had not been any changes to policy. All I can think is that perhaps there's some incompatibility with our Group policies and Server 2025 that is causing the policies to fail being applied, meaning that the system is seeing changes every time.