We’ve discovered an issue with the BitLocker Key rotation feature in Intune on recently updated Windows 10 devices. When you configure a Windows 10 device version 1909 to support rotation of the BitLocker recovery key, you can select that particular device in the console and enable the “BitLocker Key rotation” remote action.
However, there is a Windows bug with devices that were recently upgraded from version 1903 to version 1909, where this remote action cannot be enabled. The action fails and you will see an error message in the console.
We are in the process of investigating a fix for this issue and we’ll update this post when the fix is live. More information on key rotation is available here: Rotate BitLocker recovery keys.
Blog post updates:
4/16/20: Engineering is continuing to investigate this issue. Though we don't have an ETA to share at this time, stay tuned for more information as we look into this!
7/9/20: The Windows team had rolled out a fix for this issue as part of the KB4532695 update. If you have devices that are still impacted post update, please open a new support request via the Help and support blade or any of the methods here: aka.ms/IntuneSupport.