MicrosoftHi FeroG440 ,
I think you may be combining two distinct issues.
The first issue I think you are describing, is that the password is rotated for the LAPS-managed account immediately after auth when ResetDelay=0? I cannot repro that behavior.
The second issue I think you are describing is a known bug where if the password for the LAPS-managed account is older than the local device's MaximumPasswordAge policy, attempted authentication results in the pwd-must-be-changed error.
As I said, I can't repro the first issue as described. Please feel free to PM me with more details on that if I've misunderstood.
I am working on a fix for the second issue and we will be shipping that to all supported platforms relatively soon (I can't say at this time when the fix will ship).
thx,
Jay