I have BitLocker setup and running in my environment.
I can pull a drive out, install it in another laptop, I get the BitLocker prompt requesting the password.
The issue is here: I pull a BitLockered drive out of a computer, install it in a USB dock or enclosure, plug it in, I get no BitLocker prompts, I can access all data.
This kind of makes BitLocker useless at this point.
For my GPO I have these options enabled:
"Choose default folder for recovery password" - Network path
"Store BitLocker recovery information in Active Directory Domain Services" - Required BitLocker backup to AD DS
"Enforce drive ecnruption type on operating system drives" - Used Space Only encryption.
Community Chosen Answer
"Enforce drive encryption type on operating system drives" is the problem, that is not the OS drive when slaved in the boot drive is the OS drive
Did you also configure the GPO for Fixed data drive and removable data drives?