How to fix error The Group Policy settings for BitLocker startup options are in conflict and cannot be applied

Mert Ilis
2 min readNov 16, 2021

ERROR: An error occurred (code 0x8031005b): The Group Policy settings for BitLocker startup options are in conflict and cannot be applied. Contact your system administrator for more information.

I got this error when I attempted to encrypt a virtual hard drive (.vhd) that I created as a backup disk.

Platform: Microsoft Windows [Version 10.0.19043.1348]

FIX:

  • Open Policy settings:
gpedit.msc
  • Go to “Local Computer Policy > Administrative Templates > Windows Components > BitLocker Drive Encryption > Operating System Drives”
  • Select the following Item: “Require additional authentication at startup”
Local Group Policy Editor
  • Change the following:
  • Change it to “Enabled”
  • Uncheck “Allow BitLocker without a compatible TPM”
  • Change “Configure TPM startup” to “Do not allow TPM”
  • Change “Configure TPM startup PIN” to “Require startup PIN with TPM”
  • Change “Configure TPM startup key” to “Do not allow startup key with TPM”
  • Change “Configure TPM startup key and PIN” to “Do not allow startup key and PIN with TPM”
  • Click “Apply” and “OK”
Require additional authentication at startup
  • Open regedit
  • Find key: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\FVE
  • Export for backup and delete it.
  • Open Terminal and execute:
gpupdate /force /target:computer
  • To encrypt the drive F:
manage-bde -on f: -rp

Result should be something like:

BitLocker Drive Encryption: Configuration Tool version 10.0.19041
Copyright © 2013 Microsoft Corporation. All rights reserved.

Volume F:
[Data Volume]

Hope it helps!

--

--

Mert Ilis

I’m a software development enthusiast who likes trying different web technologies and adding value to his team.