GPO to back up Bitlocker recovery passwords in AD for fixed data disks breaks Sophos encryption
Working with Sophos support, we've found that device encryption will not encrypt a Windows 10 fixed data disk when there's a group policy configured to back up the recovery password to Active Directory. This appears to be hard-coded in Sophos. This configuration works fine for OS disks, just not fixed data disks. We'd like to be able to back up recovery passwords for fixed data disks in Active Directory as well.