LocalAccountTOkenFilterPolicy and MS Security Guide GPO

I am able to connect to my Windows 2016 system that is based of the AWS STIG AMI up until it reboots. I have narrowed it down to the setting for “LocalAccountTOkenFilterPolicy” which is set by default. Even if I change this setting to “1” or Disabled it still gets reset back to “0” or Enabled on reboot. Is there anyway to fix this?