Symantec Encryption Desktop has a known behavior when you are using Group Keys as the "Group Admin" role. The Group Admin role provides elevated permissions to allow encryption/decryption of protected folders.
While each protected folder can only have one user or group key with the Admin role, multiple Group Admins are supported.
When the File Share Group Key on Encryption Management Server is designated as Group Admin, re-encryption may fail with these error messages:
Folder authentication failed
Folder initialization failed
In the Encryption Desktop log you see this error:
File Share: Folder authentication failed
File Share: Folder initialization failed
The same error messages appear in the Client log of Encryption Management Server:
Symantec Encryption Management Server 10.5 MP1 and above.
Symantec Enterprise Division is aware of this issue and is currently reviewing this issue. Please contact Symantec Encryption Support for more information on this.
A potential workaround is to first reencrypt the share without adding users, and then reencrypt the share and add the users.
Another workaround is to designate one group key as type Admin and other group keys as type User. In other words, to stop using the Group Admin type. This may involve increasing the number of users in the group that has Admin permissions.