Hello,
It seems like you’re having an issue with BitLocker recovery keys not being backed up in Azure AD or Intune. Below are some steps you could try to check:
Check the Device Configuration: If the encryption profile was successfully applied, it must be listed under the Device configuration. You can check this on the Intune or Azure portal by navigating to Devices > All devices > (Select the affected device) > Device Configuration.
Check the user who enrolled the device: The BitLocker key is stored in the profile of the user who enrolled the device in Azure AD. Make sure that you’re checking the correct user profile.
Ensure device compliance: Another potential issue could be that the device is not compliant. Hence, the configuration may not have been applied successfully. Check the compliance status of the device on the Intune portal.
Verify your BitLocker settings: In the endpoint protection profile settings, make sure to set “Save BitLocker recovery information to AD DS” to “Require”. Also, confirm that the “BitLocker base settings” include “OS drive recovery” set to “Require”.
Update/Re-enroll the device: Sometimes, the issue could be due to the device enrollment process. You may want to try removing the device from Azure AD and Intune, then re-enroll it.
Check if the keys are backed up in Azure AD: Go to the Azure portal > Azure Active Directory > Devices > All devices > (select your device). Under the ‘Device’ section, the BitLocker key should be listed.
Best Regards,
Hania Lian
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
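The portal checks in the answer above can be cross-checked on the device itself. The following is an added example, not part of the original answer: it uses `dsregcmd`, the Windows BitLocker module cmdlets, and the BitLocker Management event log, and assumes the OS drive is the volume in question and that the session is elevated.

```powershell
# Added example: local checks for BitLocker recovery key escrow to Azure AD.
# Run in an elevated PowerShell session on the affected device.
# Everything here is read-only except the commented-out backup call at the end.
$mount = $env:SystemDrive   # assumption: the OS drive is the volume being checked

# 1. Join state: the key is stored against the Azure AD device object,
#    so a device that is not joined has nowhere to escrow it.
$join = (dsregcmd /status | Select-String 'AzureAdJoined\s*:\s*(\w+)').Matches
if ($join) { "AzureAdJoined: $($join[0].Groups[1].Value)" }
else       { Write-Warning 'Could not read AzureAdJoined from dsregcmd output.' }

# 2. Encryption state and recovery password protector on the volume.
$vol = Get-BitLockerVolume -MountPoint $mount
$vol | Format-List MountPoint, VolumeStatus, ProtectionStatus, EncryptionPercentage

$recovery = $vol.KeyProtector | Where-Object KeyProtectorType -eq 'RecoveryPassword'
if (-not $recovery) {
    Write-Warning "No recovery password protector on $mount, so there is nothing to back up yet."
} else {
    # Only the protector ID is printed, never the recovery password itself.
    # This ID is the key ID shown next to the recovery key on the device in the portal.
    $recovery | Select-Object KeyProtectorId
}

# 3. Event log: event ID 845 records a successful backup of recovery
#    information to Azure AD. Warnings and errors in the same log show failures.
$log = 'Microsoft-Windows-BitLocker/BitLocker Management'
$ok  = Get-WinEvent -FilterHashtable @{ LogName = $log; Id = 845 } `
         -MaxEvents 5 -ErrorAction SilentlyContinue
if ($ok) {
    $ok | Select-Object TimeCreated, Id, Message | Format-List
} else {
    Write-Warning 'No event 845 found: no successful Azure AD backup is logged on this device.'
    Get-WinEvent -FilterHashtable @{ LogName = $log; Level = 2, 3 } `
        -MaxEvents 10 -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-List
}

# 4. Optional: once the policy and join state are correct, trigger the backup
#    manually. Uncomment to run; it uploads the existing protector to Azure AD.
# foreach ($kp in $recovery) {
#     BackupToAAD-BitLockerKeyProtector -MountPoint $mount -KeyProtectorId $kp.KeyProtectorId
# }
```

If a recovery password protector exists but no event 845 is logged, the warnings and errors listed from the same log are the place to look before re-enrolling the device.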