because of a pending hardware maintenance on one of our domain controller i edit the "Default Domain Controller Security Policy" so that the Group Server Operators can log on through Terminal Services.
After the Maintenance successfully finished i reseted the Policy Right and set the Log on through Terminal Services Policy to the original state (not defined).
Now no one can log on through terminal services to all Domain Controllers. Even the Domain Administrators can.
Gpupdate doesn't help. I have taken this change 4 hours ago.
Thanks for your assistence.