
Set-ADAccountPassword issues after password reset

I found a wonderful script that allows me to bulk reset users' passwords using the Set-ADAccountPassword cmdlet.  The passwords change just fine, but then when I set the user accounts to force a password change, even if they are following the complexity requirements of our password policy, they still cannot change their password.

I have even tested this out on a user account that wasn't changed by the cmdlet and it works fine, so it's following the password policy like it should.  I am assuming that the cmdlet changes some AD attributes on the user account, but for the life of me I can't find which ones it changes.

I even went as far as to change our password policy so that it was more relaxed, turned off password memory and changed the number of required characters, and I am still having the same issue.

The password that I used is an 8 character complex password and works for any other users that were not changed by the cmdlet.

Here is the script that I used. It's a modified script that I found online, possibly even in this forum:

# import the AD module
if (-not (Get-Module ActiveDirectory)) {
    Import-Module ActiveDirectory -ErrorAction Stop
}
# set new default password
$password = ConvertTo-SecureString -AsPlainText "aaa4123!" -Force
# get list of account names (1 per line)
$list = Get-Content -Path c:\users\users.txt
# loop through the list
ForEach ($u in $list) {
    # skip names that do not match an existing account
    if (-not (Get-ADUser -LDAPFilter "(sAMAccountName=$u)")) {
        Write-Host "Can't find $u"
    }
    else {
        $user = Get-ADUser -Identity $u
        # administrative reset to the default password
        $user | Set-ADAccountPassword -NewPassword $password -Reset
        # do not force a change at next logon
        $user | Set-ADUser -ChangePasswordAtLogon $false
        Write-Host "changed password for $u"
    }
}

Here is the password policy that I am using:

Policy                                                  Setting
Minimum password length                                 8 characters
Password must meet complexity requirements              Enabled
Store passwords using reversible encryption             Disabled

Account Policies/Account Lockout Policy
Policy                                                  Setting
Account lockout threshold                               5 invalid logon attempts

Account Policies/Kerberos Policy
Policy                                                  Setting
Enforce user logon restrictions                         Enabled
Maximum lifetime for service ticket                     600 minutes
Maximum lifetime for user ticket                        10 hours
Maximum lifetime for user ticket renewal                7 days
Maximum tolerance for computer clock synchronization    5 minutes

Any help on this would be great.
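
One way to see which attributes differ between an account reset by the script and one left untouched, as an added example that is not part of the original post. The account names `jdoe-reset` and `jdoe-control` are placeholders, and querying the PDC emulator for replication metadata is an assumption about where the reset was written.

```powershell
# Added example: compare password-related state of a reset account and an untouched one.
Import-Module ActiveDirectory -ErrorAction Stop

# Placeholder names (assumptions): one account from users.txt, one that was never reset.
$resetUser     = 'jdoe-reset'
$untouchedUser = 'jdoe-control'

$props = 'PasswordLastSet', 'pwdLastSet', 'PasswordExpired', 'CannotChangePassword',
         'PasswordNeverExpires', 'LockedOut', 'userAccountControl'

# Side-by-side view of the attributes that govern whether a user may change a password.
$resetUser, $untouchedUser |
    ForEach-Object { Get-ADUser -Identity $_ -Properties $props } |
    Format-Table SamAccountName, PasswordLastSet, pwdLastSet, PasswordExpired,
                 CannotChangePassword, PasswordNeverExpires, LockedOut,
                 userAccountControl -AutoSize

# Effective policy for the reset account: a fine-grained policy, when one applies,
# takes precedence over the domain default, so check it first.
$policy = Get-ADUserResultantPasswordPolicy -Identity $resetUser
if (-not $policy) {
    $policy = Get-ADDefaultDomainPasswordPolicy
}
$policy |
    Format-List MinPasswordAge, MaxPasswordAge, MinPasswordLength,
                PasswordHistoryCount, ComplexityEnabled

# Replication metadata lists every attribute with the time of its last write,
# which shows exactly what changed on the account around the time of the reset.
$dc = (Get-ADDomain).PDCEmulator
$dn = (Get-ADUser -Identity $resetUser).DistinguishedName
Get-ADReplicationAttributeMetadata -Object $dn -Server $dc |
    Where-Object { $_.LastOriginatingChangeTime -gt (Get-Date).AddDays(-1) } |
    Sort-Object LastOriginatingChangeTime |
    Format-Table AttributeName, LastOriginatingChangeTime, Version -AutoSize
```

The one-day window in the last query is arbitrary; widen it if the reset was run earlier.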


