@Matthew Hedrick, Thanks for posting in Q&A. In General, we only configure one setting in one policy. If we configure same setting in two policies, it may cause conflict. So I suggest excluding one policy for the device or user group. And check the deploy status of the policy on the affected device. however, if the two policies are with different settings, please get screen shot of another policy.
For the affected device which needs BitLocker code, could you let us know if it means BitLocker recovery key or password?
Meanwhile, for these affected devices, are the BitLocker already enabled on the device side? Please get screen shot of the result of running command "manage-bde -status".
Please check the above information and if there's any update, feel free to let us know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.