Microsoftharrys80 ,
Based on the data you've presented, I would guess that you have some automation in your environment that is regularly retrieving the password and performing an authentication to the managed device, which is then triggering a now+24 hours post-authentication-action-initiated password reset.
The PAA feature is actually on-by-default, so you have to explicitly disable it in order to keep this from happening. You can do that by setting the grace period to zero (0) hours. Please try that?
Alternatively, if it is unexpected that any authentication of the LAPS-managed account is happening, you might want to investigate why what is happening.
Please PM if you have further questions - I am going to close this issue out since it's more of a support issue than a feature request.
thanks,
Jay