research-hub/azure-firewall-rules/ActiveDirectory.jsonc (34 lines of code) (raw):

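/*
 * Azure Firewall Rule Collection for Active Directory.
 *
 * The collection holds one NetworkRule per transport. A single rule that
 * lists every port under ["TCP", "UDP", "ICMP"] at once allows each port on
 * every protocol, which opens the whole RPC dynamic range (49152-65535) on
 * UDP and single-transport services (NTP, NetBIOS datagram) on TCP as well.
 * Splitting by protocol keeps the allow-list to what AD actually uses.
 *
 * {{...}} placeholders are substituted at deployment time.
 *
 * NOTE(review): 464 (Kerberos password change, TCP/UDP) and 53 (DNS) are not
 * listed here; confirm they are covered by another collection or add them.
 */
[
  {
    "name": "ActiveDirectory_NW",
    "priority": 150,
    "ruleCollectionType": "FirewallPolicyFilterRuleCollection",
    "action": { "type": "Allow" },
    "rules": [
      {
        // Services that run over TCP (Kerberos and LDAP also have UDP
        // listeners; those are in the UDP rule below).
        "ruleType": "NetworkRule",
        "name": "DomainControllers",
        "ipProtocols": ["TCP"],
        // sourceIpGroups takes IP Group resource IDs, not address ranges.
        "sourceIpGroups": ["{{ipAddressPool}}"],
        // NOTE(review): sourceIpGroups is an array but this value is a bare
        // string; Azure expects destinationAddresses as an array, so confirm
        // the placeholder expands to one (or wrap it: ["{{...}}"]).
        "destinationAddresses": "{{domainControllerIPAddresses}}",
        "destinationPorts": [
          "88",          // Kerberos
          "135",         // RPC endpoint mapper
          "389",         // LDAP
          "445",         // SMB, SAM/LSA
          "636",         // LDAPS
          "3268-3269",   // Global Catalog (LDAP / LDAPS)
          "9389",        // ADWS
          "49152-65535"  // RPC dynamic high ports (TCP only)
        ]
      },
      {
        // UDP-only services plus the UDP side of Kerberos and LDAP.
        "ruleType": "NetworkRule",
        "name": "DomainControllers-UDP",
        "ipProtocols": ["UDP"],
        "sourceIpGroups": ["{{ipAddressPool}}"],
        "destinationAddresses": "{{domainControllerIPAddresses}}",
        "destinationPorts": [
          "88",   // Kerberos
          "123",  // NTP (W32Time)
          "138",  // NetBIOS datagram service (the name service is 137 — confirm which was intended)
          "389"   // LDAP / CLDAP (DC locator pings)
        ]
      },
      {
        // ICMP has no ports; Azure Firewall takes "*" here — confirm against
        // the policy API version in use.
        "ruleType": "NetworkRule",
        "name": "DomainControllers-ICMP",
        "ipProtocols": ["ICMP"],
        "sourceIpGroups": ["{{ipAddressPool}}"],
        "destinationAddresses": "{{domainControllerIPAddresses}}",
        "destinationPorts": ["*"]
      }
    ]
  }
]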