I have a domaincontroller that controles a domain via een LAN.

It has also a second nic, connected to the internet.

What i want is to block all unused ports on that nic. Also those needed voor AD like 389.  

Is it possible to close all ports on one nic and enable just those for own services.

How to do that?

It is not recommended to have a dual hommed domain controller.  It can cause several issues like registering unreachable IPs on the domainDNS zone.

It would be best to use a firewall/router to control access to the internet and let your DC only work about the clients.

I'm sure it can technically be accomplished, but you're unlikely to find help from Microsoft supporting this configuration.