How to Configure Active Directory Network Security Groups and Firewall Rules in Azure using Terraform
18 min readJan 19, 2023
This story will list all the ports required to communicate with Active Directory Domain Controllers and how to create network security groups and firewall rules using Terraform to secure communications to AD Domain Controllers.
We are going to talk about the following:
- Description of Ports used by Active Directory
- List of ports used required for Client Machines to connect to AD Domain Controllers
- Terraform Code to Create Azure Network Security Groups (NSGs) for Clients to AD Domain Controllers
- List of ports used for communication between AD Domain Controllers
- Terraform Code to Create Azure Network Security Groups (NSGs) for communication between AD Domain Controllers
Description of Ports
Below is the list of all ports in the Active Directory with a short description of the role.
- 53 — TCP/UDP — DNS: map IP addresses to host names. Client machines use DNS to locate resource records in the domain and look up external domain names.
- 88 — TCP/UDP-Kerberos: This authentication protocol authenticates requests between a client and server…