We have a windows (7 pro) workstation LAN, managed via Group Policy. Lots of our users run Dropbox. Security concerns aside, one of our netadmins says that our routers/firewalls are handling and blocking tons of UDP broadcast traffic, and they want it to stop. We tracked the traffic to Dropbox's LAN Sync functionality.
Most users on our network don't use LAN Sync (they only have one workstation on the network), but almost everyone with Dropbox, it seems, has it turned on.
Is there a way to centrally disable LAN Sync for Dropbox, for all Windows workstations in a GPO-managed LAN?
The solution doesn't have to be nice and state-based like a true GPO; it can be as simple as a scheduled task that runs something on all workstations daily to disable LAN Sync. Heck, the solution doesn't even have to be a GPO--we can use PS_EXEC to push programs to workstations from the domain controllers. I am just hoping to avoid manually reconfiguring all users' Dropbox applications. Users are local admins, so if they really want to turn LAN Sync on, they can.
Aside: there is literally zero chance of getting management to agree to ban/remove either Dropbox or users' admin privileges.
What I've Tried:
Initially, I figured there would be a GPO-manageable registry key for it. No dice, it turns out; Dropbox keeps all of its configs in a SQLite file.
Then I tried using this script to modify the SQLite file, but newer versions of Dropbox don't seem to have an externally-modifiable config.