We could not upgrade the Domain to 2016 Functionality due to 2012R2 DC Being on the Domain https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

LAPS password encryption is required but the Active Directory domain is not yet at 2016 domain functional level. The password was not updated and no changes will be made until this is corrected.
 
 See https://go.microsoft.com/fwlink/?linkid=2220550 for more information.

LAPS failed to update Active Directory with the new password. The current password has not been modified.
 
 Error code: 0x800721D1
 
 See https://go.microsoft.com/fwlink/?linkid=2220550 for more information.

Disabling Encryption in the GPO Fixed this