更新时间:2023-02-12 11:28:03
要停止此日志记录,您可以通过
将其禁用审核政策。
auditpol / set / SubCategory:" Filtering Platform Packet Drop" / success:disable / failure:disable请注意,这将禁用所有阻止流量的记录(不仅仅限定为SharePoint流量)。
以下组策略链接可以帮助您禁用Groove通信:
http://technet.microsoft.com/en-us/library/ee649104(v = office.14).aspx希望这个帮助,
I have three domain controllers (two 2008R2 and one 2012).
I am seeing a lot of WFP blocked packets from SharePoint workspaces on workstations on the network.
Ideally I would like to stop the workstations sending these packets, since they have not need for these "Groove" functions
I have not found out how to stop the SharePoint Workspace sending the packets, so I would like to stop logging them in my domain controller security log which is for other more important events.
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID: 0
Application Name: -
Network Information:
Direction: Inbound
Source Address: 10.141.1.36
Source Port: 54118
Destination Address: 255.255.255.255
Destination Port: 1211
Protocol: 17
Filter Information:
Filter Run-Time ID: 456686
Layer Name: Transport
Layer Run-Time ID: 13
CarolChi
To stop this logging, you can disable it via the audit policy.
auditpol /set /SubCategory:"Filtering Platform Packet Drop" /success:disable /failure:disableNote that this will disable logging of all blocked traffic (not just scoped to the SharePoint traffic).
The following Group Policy link may help you disable the Groove communication from happening:
http://technet.microsoft.com/en-us/library/ee649104(v=office.14).aspxHope this helps,