Ok.. So I've learned the hard way that BitLocker doesn't automatically backup the security keys to Active Directory if you join the domain AFTER you've encrypted your machine. Or if you start encryption before the group policy has been pushed to your machine. And backup of keys to Skydrive doesn't