"BitLocker couldn't contact the Domain" error during activation (Non-Domain system)

I get the error in the title when trying to activate BitLocker on my non-domain joined, Windows 11 Pro workstation (fully patched). I've researched the issue and most threads suggest changing Group Policy; however, both "Store Bitlocker Recovery to Active Directory Domain Services" and "Configure use of Passwords for Removable Data Drives" policies are disabled. The workstation should meet BitLocker system requirements and has TPM 2.0. It should be noted that the system has been hardened, but I don't see any other policies in BitLocker Drive Encryption that would cause it to reach out to a domain controller. Any help would be greatly appreciated.

Edit: Changing the "Choose how Bitlocker-protected operating system drives can be recovered" policy fixed the initial issue. It was trying to store Bitlocker recovery info to an AD. However, now the error message reads "There are conflicting settings for recovery options...When a recovery password is required backup to active directory should be turned on or the user should be required to save the recovery password." I assume this is a specific policy that needs disabling or enabling.

dcan said:

Windows 11 Pro workstation (fully patched).

Click to expand...

What do you mean by “Fully Patched”

I had this same issue, are you using a second hand device by any chance? What the issue was for me was that despite being factory reset, at some point in the devices lifecycle it was enrolled in an MDM solution, in this case Intune + Windows Autopilot. Even though the device was deleted from Intune, the sysadmin at the company who previously owned the device did not disable it on windows autopilot. Reach out to whoever you purchased it from with the serial number and ask them to remove it from their autopilot enrollment list