I’m having similar issues on a newly created Windows 11 24H2 FOG image. (Please note that the sysprep answer file I created is bypassing the Secure Boot check allowing FOG to pxeboot from the VM for capture). Once I bring the image down on a physical device and try to encrypt the drive I get the identical error shown above. If I go into the BIOS and enable Secure Boot the device begins encrypting automatically after a restart. NOTE: The drive will fully encrypt and the recovery key is populated successfully in Active Directory. I was feeling confident until I restarted again, then got a BSOD (unrecoverable). Windows 10/11 without secure boot enabled at the time of installation/imaging does not like having secure boot suddenly enabled.
So, if my thinking is correct this has something to do with secure boot, or more precisely the act of bypassing the secure boot check during Windows setup that was done in the sysprep answer file.
FOG can’t pxe boot on devices with secure boot enabled, but those same machines can’t be encrypted without secure boot and enabling secure boot after imaging only ends in a BSOD (unrecoverable).
FOG 1.5.10 on Ubuntu 2204