How was this supposebit locker? Every time an admin changed the group policy it would trigger a recompile of bitlocker?

No, the group policy checks are runtime checks, not compile time checks.

It meant that when a user enables BitLocker on a drive, the BitLocker setup flow would check if group policy defined a minimum password length. If it did, BitLocker would enforce that minimum. Otherwise, BitLocker would use the default minimum.

If you have a Windows system, you can play with this easily as long as you have an admin user account for the OS. The Windows system doesn't need to be part of an org or need Active Directory. You can edit group policy by opening gpedit.msc from an elevated command prompt.

	▲	charcircuit a day ago \| parent [-]
		My confusion was that I thought they wanted to put a group policy value into an error message, and doing so via the preprocessor didn't make any sense.

▲

charcircuit 2 days ago | parent | prev [-]

Supposed to work.

	▲	justusthane 2 days ago \| parent [-]
		I believe that the article is referring to a maximum which is hardcoded into Bitlocker (not user configurable). If the administrator configures via GPO a minimum key length which is longer than the hardcoded maximum, then it spits out the error in question.