I have not posted anything for a while, and I have been trying to get up to speed on DSC, which makes you think a little differently about the tools you make. I recently had to build a few new servers, and I did all the work within the PowerShell ISE. When I was done, I thought I had better RDP onto the servers to see if I forgot anything. I was not able to RDP to the servers. I actually think this is cool, but someone else may want to use these servers... lol. So I looked up the commands to enable RDP on a 2012 server.
I have also been working with REST lately and between that and DSC, I have learned this new concept of "Idempotent", which I have come to understand means you can run the command more than once and it will not do any harm.
I don't know why, but I decided to make the three things that need to be set for RDP in 2012 like that. You can run these sections once or 100 times; it won't hurt anything. After it makes the changes, if there are changes to make, it just tells you that the key or setting is already set.
#In the spirit of test, set, get - idempotent
#RDP Setup on New Server:
#fDenyTSConnections: 1 = RDP connections denied, 0 = RDP connections allowed
if((get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections").fDenyTSConnections -eq 1){
    set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections" -Value 0
    #Read the value back to confirm the change took effect
    if((get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server' -name "fDenyTSConnections").fDenyTSConnections -eq 0){
        Write-Output "Configuration changed to value 0, now configured for RDP."
    }else{
        Write-Output "Configuration failed attempt to change setting."
    }
}else{
    Write-Output "Currently configured for RDP, value 0."
}
#Check for RDP Secure connections only.
#-ErrorAction SilentlyContinue keeps a missing value from writing an error; the test then simply fails
if((get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -ErrorAction SilentlyContinue).UserAuthentication -eq 1){
    Write-Output "This server is set for Secure connections only, value 1."
}else{
    Write-Output "Either this key doesn't exist, or it is set to a value other than 1, which is Secure connections only"
    if($test = get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -ErrorAction SilentlyContinue){
        #The value exists but is not 1: this branch only reports it, it does not change it
        Write-Output "Tested path and item, key exists, Value set to $($test.UserAuthentication)"
    }else{
        #The value does not exist: create it as a DWORD set to 1
        New-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication" -Value 1 -PropertyType dword
        $test = get-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp' -name "UserAuthentication"
        Write-Output "The key UserAuthentication was just created and value set to $($test.UserAuthentication)"
    }
}
#set the firewall rules for RDP to enabled
get-netfirewallrule -DisplayGroup "Remote Desktop" | foreach{
    If($_.Enabled -eq "False"){
        $_ | Enable-NetFirewallRule
        Write-Output "Firewall rule $($_.Name) set to enabled"
    }else{
        Write-Output "Firewall rule $($_.Name) already enabled"
    }
}#foreach
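The same test, set, get pattern folded into one reusable function, as an added example that is not part of the original script. Set-RegistryDword is a hypothetical helper name; unlike the script above, it also corrects a value that exists but holds something other than the desired number, and it honors -WhatIf so a run can be previewed first.

```powershell
# Added example: generic test/set/get for a registry DWORD value.
# Set-RegistryDword is a hypothetical helper name, not a built-in cmdlet.
# Run from an elevated session, since it writes under HKLM.
function Set-RegistryDword {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$Path,
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][int]$Value
    )

    # Test: read the current value; $null means the value does not exist yet.
    $current = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
    $state = 'AlreadySet'

    if ($current -ne $Value) {
        $state = 'NotChanged'    # remains NotChanged when run with -WhatIf
        if ($PSCmdlet.ShouldProcess("$Path\$Name", "Set DWORD to $Value")) {
            # Set: create the value if it is missing, otherwise overwrite it.
            if ($null -eq $current) {
                New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType DWord | Out-Null
            } else {
                Set-ItemProperty -Path $Path -Name $Name -Value $Value
            }
            # Get: read the value back to confirm the change took effect.
            $after = (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
            $state = if ($after -eq $Value) { 'Changed' } else { 'Failed' }
        }
    }

    # One result object per setting, so repeated runs are easy to compare or log.
    [pscustomobject]@{
        Path    = $Path
        Name    = $Name
        Before  = $current
        Desired = $Value
        State   = $state
    }
}

# The two registry settings from the script above.
$ts = 'HKLM:\System\CurrentControlSet\Control\Terminal Server'
Set-RegistryDword -Path $ts -Name 'fDenyTSConnections' -Value 0
Set-RegistryDword -Path "$ts\WinStations\RDP-Tcp" -Name 'UserAuthentication' -Value 1
```

A second run reports State as AlreadySet for both settings, which is the idempotent behavior described above.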
Enjoy!