Enable this policy.
Check "Save BitLocker recovery information to Active Directory Domain Services."
There are three main ways for an administrator to retrieve the keys stored in AD.
BitLocker in Active Directory is not glamorous. It does not stop zero-day malware or predict the next APT. It does something far more boring and far more critical: it ensures that when the worst happens—a stolen device, a failed motherboard, a corrupted boot sector—the enterprise is not locked out of its own data.
Ensure the client has a clear line of sight to a Domain Controller. If the device is off-network (VPN only), the backup may fail.
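One way to confirm Domain Controller reachability before retrying the backup, as an added example that is not part of the original page. It assumes an elevated Windows PowerShell 5.1 session on a domain-joined client and uses `C:` as an example mount point.

```powershell
# Added example. Assumptions: elevated Windows PowerShell 5.1 on a
# domain-joined client; 'C:' is an example mount point.
$mountPoint = 'C:'

# Confirm the machine account's secure channel to a Domain Controller.
# On a VPN-only device that is not connected, this returns $false.
if (-not (Test-ComputerSecureChannel)) {
    Write-Warning 'No secure channel to a Domain Controller; AD backup skipped.'
    return
}

# Collect the recovery password protectors on the volume.
$volume = Get-BitLockerVolume -MountPoint $mountPoint
$recoveryProtectors = @($volume.KeyProtector |
    Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

if ($recoveryProtectors.Count -eq 0) {
    Write-Warning "No recovery password protector on $mountPoint; nothing to back up."
    return
}

# Back up each protector and report failures instead of hiding them.
foreach ($protector in $recoveryProtectors) {
    try {
        Backup-BitLockerKeyProtector -MountPoint $mountPoint `
            -KeyProtectorId $protector.KeyProtectorId -ErrorAction Stop | Out-Null
        Write-Output "Backed up protector $($protector.KeyProtectorId) to AD DS."
    }
    catch {
        Write-Warning "Backup failed for $($protector.KeyProtectorId): $($_.Exception.Message)"
    }
}
```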