From 01d84e09a235d75757235ad5829f45f3e688683c Mon Sep 17 00:00:00 2001
From: Christian Hartmann 
Date: Mon, 29 Apr 2024 14:55:51 +0200
Subject: [PATCH 1/3] add missing ad rules

---
 main.tf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index 39270e7..89162db 100644
--- a/main.tf
+++ b/main.tf
@@ -60,7 +60,7 @@ resource "azurerm_firewall_policy_rule_collection_group" "this" {
 destination_ip_groups = var.ipg_onpremise_dc_id != null ? [var.ipg_azure_dc_id, var.ipg_onpremise_dc_id] : [var.ipg_azure_dc_id]
 destination_ports = [
 "53", "88", "123", "135", "137", "138", "139",
- "389", "445", "464", "636", "3268", "3269", "9389"
+ "389", "445", "464", "636", "3268", "3269", "9389", "49152-65535"
 ]
 }
 }
@@ -75,7 +75,7 @@ resource "azurerm_firewall_policy_rule_collection_group" "this" {
 rule {
 name = "allow-dc-to-dnsresolver-inbound"
- protocols = ["UDP","TCP"]
+ protocols = ["UDP", "TCP"]
 source_ip_groups = var.ipg_onpremise_dc_id != null ? [var.ipg_azure_dc_id, var.ipg_onpremise_dc_id] : [var.ipg_azure_dc_id]
 destination_ip_groups = [var.ipg_dnsprivateresolver_id]
 destination_ports = ["53"]

From 08b325a551f0e5c3408f442514bc1dc6d9e8ddde Mon Sep 17 00:00:00 2001
From: Christian Hartmann 
Date: Mon, 29 Apr 2024 14:57:50 +0200
Subject: [PATCH 2/3] changelog

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index b82cfce..8d5cd8d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -7,6 +7,11 @@ and this module adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.
 ## [Unreleased]
+## [2.0.1] - 2024-04-29
+
+### Fixed
+- add missing AD ports
+
 ## [2.0.0] - 2024-04-09
 ### Added

From c518ced7cf694ede0783e1526231f698b9c78caa Mon Sep 17 00:00:00 2001
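Review bot: The `"49152-65535"` entry added to the destination_ports list in the first main.tf hunk is the RPC dynamic port range, which domain-controller replication needs over TCP only, yet it is appended to a rule whose `protocols` line lies outside the hunk; if that rule lists UDP as well (the sibling rule in the second hunk uses `["UDP", "TCP"]`, so this seems likely), the change also opens the whole UDP high-port range towards the DC IP groups. Moving the range into its own rule with `protocols = ["TCP"]` and `destination_ports = ["49152-65535"]` keeps the multi-protocol rule limited to the well-known AD ports and makes the broad range reviewable on its own. The enclosing resource "azurerm_firewall_policy_rule_collection_group" "this" and the rule's name, protocols and source_ip_groups attributes begin outside the hunk, so this is inferred from the neighbouring rule. A short comment next to the range, e.g. `# RPC dynamic range (TCP only) for DC-to-DC replication`, would also help, since the changelog edit in PATCH 3/3 is currently the only place that explains it.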
From: QBY-ChristianHartmann <127933001+QBY-ChristianHartmann@users.noreply.github.com>
Date: Tue, 30 Apr 2024 08:45:18 +0200
Subject: [PATCH 3/3] Update CHANGELOG.md

Co-authored-by: Thimo Limpert <104893472+QBY-ThimoLimpert@users.noreply.github.com>
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8d5cd8d..f921773 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -10,7 +10,7 @@ and this module adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.
 ## [2.0.1] - 2024-04-29
 ### Fixed
-- add missing AD ports
+- add missing RPC randomly allocated high TCP ports for AD (`49152 – 65535`) between domain controllers.
 ## [2.0.0] - 2024-04-09