Azure domain joined machine.
Machine was encrypted fine for few months then showed error about not being able to complete encryption.
Machine was decrypted to try resolve. When trying to re-encrypt the machine the only option i get which ISN'T greyed out for saving the recovery key is 'save to USB drive' The options I should be able to choose is 'save to azure cloud account'.
The recovery key from the first time the machine was encrypted is still showing in Azure admin centre fine.
Troubleshooting that's been done:
All windows profiles have the same issue.
Removing machine from domain and re-adding, still has issue.
Enabling bitlocker through powershell, doesnt fix.
I have been passed from the Office 365 team, to the Azure team, to the Windows team, and now Windows have told me to go raise it with Azure again.