SOLVED: How to Disable Event 5156: Windows Filtering Platform has permitted a connection

Home
How To’s
- Windows 11 & Windows 10Windows 2000, XP, Vista, 7 and more How Tos
- Windows Serverwindows 2003, 2008, R2 how tos
- Microsoft 365, Azure & HostingHelp with Office 365 Issues
- Office: Word, Excel, Outlook…Office Apps like Word, Excel, Visio, Outlook, Project, Powerpoint, 2003, 2007 and 2010
- Mobile: Android, Samsung, LGBlackberry, BES, and BIS news and how tos
- Microsoft Exchange ServerExchange 2003, 2007, 2010 how to and demos
- System CenterEndpoint Protection
- JokesThis category is for I.T. relates gags and practical jokes
- Product Reviews & Other TechnologiesOther Technologies like firewalls, VoIP, Skype, Hardware Comparisons and other how tos
Windows 10, 11 & Server
- Windows 11 & Windows 10Windows 2000, XP, Vista, 7, Windows 8 and more How Tos
- Windows Serverwindows 2003, 2008, R2 how tos
Office 365 & Azure
- 25 User FREE Office 365 Trial
- Office365 & Azure HelpHelp with Office 365 Issues
IT Business News
YouTube Channel
Contact
- Discount Hosting
- On Site SupportHARDWARE & SOFTWARE We have found that most customers are tired of the excuses from ICT vendors… “… it’s the softwares fault” “…it’s Dell’s fault”. Fault is not important when you are having problems… getting it fixed is. We typically take end to end responsibily for anything that plugs into the wall, from desktops and laptops, to photocopiers and phone systems… it’s all our problem. Server hardware Server Software (like Exchange, Server 2008, Print Sharing, Sharepoint, Dynamics…) Desktops (from any vendor, IBM/Lenovo, Dell, Toshiba, White box…) Laptops Switches and Firewalls (from any vendor, like Dlink, Cisco, Linksys, FortiNet, Netgear…) Uninteruptable Power Supplies (UPS) network, phone and electrical cabling land line systems (like Nortel, Avaya and Toshiba) photocopiers (like Xerox, Kyocera, Mita, Canon, Toshiba…) cell phones Blackberry’s Blackberry Enterprise Server and even the Apple Mac’s… we handle it all CONTRACT MANAGEMENT & NEGOTIATIONS Many companies simply take the “rack rate” on their purchases and leases. We are skilled and experienced at managing and renegotiating all sorts of contracts. Cell contracts will Telus, Bell, Rogers… are often Service contracts with photocopy companies Land Line contracts with Bell, Telus, Rogers, All-stream Evergreen renewals and sooo much more We can reduce your costs and increase…
- Computer Recycling
- Hardware & SoftwareNEW HARDWARE & SOFTWARE We sell and support all of the ‘Tier 1′ and ‘Tier 2′ brands. Toshiba, HP, Dell, Samsung, Logitech, Lenovo, Intel, AMD, Colubris, AOC, Kingston, Microsoft, Symantec, Kaspersky, McAfee and on and on… HARDWARE REPAIR AND UPGRADE We will support, repair, and upgrade hardware from any brand or manufacturer. From Dell to Toshiba, to Lenovo/IBM we service it all. Up & Running will also perform a security wipe and dispose of your old hardware, networking equipment and software to all firms in the Calgary Region. DATA RECOVERY Our qualified technicians provide full data recovery from failed or deleted hard drives and memory sticks for anyone in Southern Alberta.
- Privacy Policy
Search for:

If you are like me, your 125MB Windows Server 2008 R2 logs are jammed with “Event 5156: Windows Filtering Platform has permitted a connection”:

Event 5156: Windows Filtering Platform has permitted a connection

I could not figure out how to disable this because in LOCAL SECURITY POLICY it was greyed out, which I know means it is controlled by a Group Policy:

I was working on the DEFAULT DOMAIN POLICY which was not correcting the problem. The solution was to change the DEFAULT DOMAIN CONTROLLER POLICY > POLICIES > WINDOWS SETTINGS > SECURITY SETTINGS > AUDIT POLICY > AUDIT OBJECT ACCESS settings:

event-5156-The-Windows-Filtering-Platform-has-permitted-a-connection-domain-controller-gp

Categories: Windows Server

Tags: AUDIT OBJECT ACCESSDEFAULT DOMAIN CONTROLLER POLICYEvent 5156Windows Filtering Platform has permitted a connection

1 Comment

DAC · September 23, 2013 at 10:01 am

If you would like to get rid of this Filtering Platform Connection event 5156 then you need to run the following commands in an elevated command prompt (Run As Administrator):

Auditpol /set /subcategory:”Filtering Platform Connection” /Success:disable

Then update gpo by this command

gpupdate /force

Published by Ian Matthews on September 17, 2012September 17, 2012

1 Comment

DAC · September 23, 2013 at 10:01 am

Leave a Reply Cancel reply

SOLVED: Easy PowerShell Scripts To Delete Disabled User Accounts

SOLVED: MABService vs MABServer & How It Affects VSS Shadow Copies

SOLVED: How To Enable A Device After A User Disables It In M365

SOLVED: How to Disable Event 5156: Windows Filtering Platform has permitted a connection

Published by Ian Matthews on September 17, 2012September 17, 2012

1 Comment

DAC · September 23, 2013 at 10:01 am

Leave a Reply Cancel reply

Related Posts

SOLVED: Easy PowerShell Scripts To Delete Disabled User Accounts

SOLVED: MABService vs MABServer & How It Affects VSS Shadow Copies

SOLVED: How To Enable A Device After A User Disables It In M365