I can see in Azure AD the device can store Bitlocker encryption keys. I have been able to directly store bitlocker keys to Azure. My issue is that I have computers with bitlocker enabled and the bitlocker information stored in on-prem AD. Currently there is no way to synchronize the on-prem bitlocker keys with the Azure Hybrid connected device. I think this should be included in the ADconnect tool, especially since the msFVE-RecoveryInformation object is a sub-object of the device.
We are currently working with Intune to provide a cloud-based Bitlocker management solution that will work for both Azure AD joined and Hybrid Azure AD joined devices. We will update this thread once we have more information to share.
Brian Arkills commented
AUs for Bitlocker Recovery Keys would also be great. See https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/33715615-bitlocker-recovery.
DJ Barbieri commented
1. Enabling the bitlocker key stored in AD on-prem to sync to Azure using AADC
2. Enabling a key in Group Policy to have devices with status "Hybrid AD joined" in Intune back up their bitlocker keys directly to the cloud. The latter can currently be done manually in Control Panel - Bitlocker Drive Encryption - Backup your recovery key - Save to your cloud domain account.
Either of these would be enormously helpful.
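The manual Control Panel step in the comment above can be scripted on a Hybrid Azure AD joined device with the built-in BitLocker module. This is an added example, not code from the thread or from Microsoft; it assumes an elevated session and uses the existing `BackupToAAD-BitLockerKeyProtector` cmdlet, which escrows only numerical recovery password protectors (TPM/PIN protectors are device-bound and cannot be stored in Azure AD).

```powershell
# Added example, not part of the feedback thread: back up every BitLocker
# recovery password on this device to Azure AD, the scripted equivalent of
# "Back up your recovery key -> Save to your cloud domain account".
# Requires an elevated session and the BitLocker module (Windows 10/11).

function Backup-RecoveryPasswordsToAAD {
    [CmdletBinding()]
    param()

    # Refuse to run unless the device has an Azure AD device identity;
    # the cmdlet fails on a machine that is only on-prem domain joined.
    $status = (dsregcmd.exe /status | Out-String)
    if ($status -notmatch 'AzureAdJoined\s*:\s*YES') {
        throw 'Device is not Azure AD joined or Hybrid Azure AD joined; no cloud device object to escrow to.'
    }

    $results = foreach ($vol in Get-BitLockerVolume) {
        if ($vol.ProtectionStatus -ne 'On') { continue }

        # Only RecoveryPassword protectors can be escrowed to Azure AD.
        $protectors = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
        if (-not $protectors) {
            Write-Warning "$($vol.MountPoint) has no recovery password protector; add one before escrow."
            continue
        }

        foreach ($kp in $protectors) {
            try {
                BackupToAAD-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                    -KeyProtectorId $kp.KeyProtectorId -ErrorAction Stop | Out-Null
                [pscustomobject]@{ MountPoint = $vol.MountPoint; KeyProtectorId = $kp.KeyProtectorId; BackedUp = $true; Error = $null }
            } catch {
                # Typical failures: no network path to Azure AD, or the device
                # object is missing; report per protector rather than abort.
                [pscustomobject]@{ MountPoint = $vol.MountPoint; KeyProtectorId = $kp.KeyProtectorId; BackedUp = $false; Error = $_.Exception.Message }
            }
        }
    }
    $results
}

Backup-RecoveryPasswordsToAAD | Format-Table -AutoSize
```

After running, the recovery key should be visible on the device's page in the Azure AD portal under BitLocker keys; a `BackedUp = $false` row is the case to investigate before relying on cloud recovery for that volume.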
Adding writeback for the bitlocker keys to on-premises AD would be useful.