If you encounter the error ‘The Group Policy settings for BitLocker startup options are in conflict and cannot be applied’ while setting up BitLocker in Windows 11, this article is intended to help you fix this issue. This error occurs due to Group Policy or registry changes made related to BitLocker, for example, Using BitLocker PIN at the startup is disabled by default in Windows, if you want to enable the BitLocker PIN, you have to configure the BitLocker Policy settings, then if you try to enable BitLocker then you may receive this kind of error. This article will guide you to fix The Group Policy Settings for BitLocker startup options are in conflict.
Fix The Group Policy Settings for BitLocker startup options are in conflict:
Once you encounter this issue you’ll receive the following full error message,
The Group Policy settings for BitLocker startup options are in conflict and cannot be applied. Contact your system administrator for more information.
To resolve this error, you have to verify each Local Group Policy and Windows Registry settings regarding BitLocker, if any policy or registry settings were enabled or disabled, you have to make those settings default.
Verify Group Policy Settings:
As I mentioned above this error occurs due to the Policy conflict, If any Group Policy or Registry settings related to BitLocker is enabled, then while enabling a BitLocker you may receive a Policy Conflict error. Mostly check the following Policy, this was enabled in most of the organizations, follow the below-mentioned steps to Disable the policy.
Open Run command by pressing Windows + R and type gpedit.msc and hit enter, this command will open the Group Policy Editor.
Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Bitlocker Drive Encryption > Operating System Drives
From the left-hand side Click on the Operating System Drives folder, and from the right-hand side check for Require additional authentication at startup.
Double-click on Open the Policy Settings, If the policy is enabled, Choose Not Configured. Click on Apply and OK.
Open Command Prompt and type gpupdate /force, once you updated the policy restart your system and try to encrypt the drive.
Check if any other Policy is enabled or not that is related to BitLocker, if any policy enabled, check and set to Not Configured.
Verify Registry Files:
Check the Registry settings that is related to BitLocker, if you are not sure which registry is enabled, just try the following registry settings.
Open Run command by pressing Windows + R and type regedit and hit enter, this command will open Registry Editor.
Navigate to the following registry path.
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE
Find any Registry DWROD related to BitLocker, set the Value data to 0 or 1, and click on OK.
If you don’t want any registry related to BitLocker, Delete the Registry setting.
Close the Registry Console and restart your system once.
Read Also:
Fix Group Policy do not permit the user of PIN at startup
How to Disable BitLocker using cmd or PowerShell?
How to Enable Bitlocker using PowerShell in Windows 11?
Prevent Users from Decrypting BitLocker in Windows 11
