Summary
Using BitLocker to encrypt Exchange Server data volumes is a best practice and part of the preferred architecture (PA) for Exchange Server 2013.
However, using a scheduled script to encrypt the initially provisioned drivers is not possible because of uncertainty about when the AutoReseed feature might have to initialize and use the drivers.
This update adds support for the AutoReseed feature to work in a database availability group (DAG) environment that is BitLocker-enabled.
Resolution
To apply this update, install Cumulative Update 13 for Exchange Server 2013 or a later cumulative update for Exchange Server 2013.
Status
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
References
Learn about the terminology that Microsoft uses to describe software updates.