I recently upgraded my two zentyal domain controllers to 3.4 from 3.3.10.
I was unable to successfully upgrade by just clicking the "Upgrade to 3.4" button. I upgraded by backing up my configuration and then installing 3.4 onto both servers and then restoring their respective configurations.
Everything works fine when the Additional Domain Controller is turned completely off. But when it is on, some people cannot login to their workstation.
Both of these servers are providing DHCP and DNS. I have two dhcp pools, one on each server.
In 3.3.10, I could turn off either one of these servers and users could function normally as long as one of them is on. With either server on, they could successfully:
1) Log into their workstations
2) Access file shares located on windows servers
3) Received a DHCP issued IP address
4) Access Internet Web Pages
In 3.4.3, if I turn off the Primary Zentyal domain controller (while leaving the additional domain controller on):
1) Some users cannot Login to their workstations, but some can oddly enough.
2) Many users who can login to their workstations cannot access all of the file shares located on windows servers on the LAN
I've confirmed however, that Active Directory replications is occurring, for example
1) If I add a user on the Primary Domain Controller, it promptly appears in the Zentyal Web Interface of the Additional Domain controller
2) If I add a user using the Additional Domain Controller, it promptly appears in the Web Interface of the Primary Domain Controller
3) Same is true when I delete users from either of these servers.
So, the additional domain controller is working to some degree, but when it is turned on it has a negative effect on some user's ability to login to their workstations and those who can have issues accessing certain windows shares.
In 3.3.10, this additional domain controller worked flawlessly as a fail over. I could turn either of my domain controllers off and users would keep accessing every thing they needed to. Since upgrading to 3.4.3, I have to turn this additional domain controller completely off to not experience access problems.
The next thing I'm going to try, is just redoing the additional domain controller from scratch (freshly joining it to the domain).
I'll report back here what that accomplishes.
To me, these services in Zentyal should be priority number one; nothing is more fundamental than having a healthy domain controller and a fail over domain controller (so that the whole LAN doesn't come to a halt if the primary goes down).