Admins can plug into network switches with new PowerShell module

Administrators looking for added flexibility in their environment can tap the NetworkSwitchManager module to work with network switches.

Since its inception in 2006, PowerShell has been designed and built to help system administrators manage and automate...

various tasks on Windows servers and clients. Now Microsoft has decided to expand the reach of PowerShell by introducing a feature in an area that is not familiar to many Windows server administrators: the network switch.

In 2012, Microsoft introduced availability of Open Management Infrastructure (OMI), which is an industry initiative that opens up management of hardware devices. Microsoft created OMI to reduce proprietary protocols and tools vendors were creating to manage products by providing a standard, open protocol. Microsoft implemented support for OMI by creating the Datacenter Abstraction Layer (DAL), which provides a way to apply the OMI standard. At that time, Microsoft also added OMI support to PowerShell.

As part of Microsoft's DAL effort, it implemented a program named Certified for Windows Network Switches. This program helped network appliance vendors verify that the management APIs they wrote for their hardware worked with DAL and could be managed with PowerShell.

As of PowerShell 3.0, Microsoft introduced a set of Common Information Model (CIM) cmdlets. These cmdlets let PowerShell users interact with Windows systems and other network appliances. With PowerShell 3.0, Microsoft gave administrators the ability to manage network switches and other network devices with no extra software required. However, many users found using the CIM cmdlets cumbersome. Microsoft tried to improve the user experience in 2014 by introducing the NetworkSwitch PowerShell module in version 5.0 of the Windows Management Framework (WMF). (Note: As of WMF 5.0 Production Preview, the NetworkSwitch module is called NetworkSwitchManager.)

Working with the NetworkSwitchManager PowerShell module

Managing network switches via native PowerShell is a huge leap forward in administrator efficiency. What if you'd like to try out this new functionality today? How would you go about it? First, don't scrap your network management software in lieu of doing everything in PowerShell. To manage devices with the NetworkSwitchManager PowerShell module, the switches need to support being managed with OMI via PowerShell; check with the switch vendor on this.

If you can manage the switch with OMI, then you need to install WMF 5.0.  At the time this article was written, that version is the WMF 5.0 Production Preview. After installing WMF 5.0, get the NetworkSwitchManager PowerShell module. To verify the module is available, open the PowerShell console and run Get-Module.

PowerShell console
Run the Get-Module from the PowerShell console to see if the NetworkSwitchManager module is available.

While you can manage ports, VLANs and other features, not all functionality is included. Keep in mind that this is still very new and Microsoft will most likely add more cmdlets as time goes on.

To get started, first establish a CIM session with the supported network switch using the New-CimSession cmdlet. Depending on the method used, you might also use the New-CimSessionOption cmdlet to set various options for use at the time of session connection. The following code establishes a CIM session to a host called MYHOST using HTTPS with a username of admin:

$option = New-CimSessionOption -UseSsl -SkipCACheck -SkipCNCheck -SkipRevocationCheck

$session = New-CimSession -CN MYHOST -port 5986 -Auth Basic -Credential admin -SessionOption $sessionOption

Once you've established the CIM session, you must then specify this session using the –CimSession parameter when using any of the module cmdlets. For example, to enumerate all the ports on the switch, you would use the Get-NetworkSwitchEthernetPort cmdlet:

Get-NetworkSwitchEthernetPort –CimSession $session

By passing $session to the CimSession parameter, this points the cmdlet to the appropriate host on the network along with the proper credentials which will be authenticated and authorized to enumerate all the switch ports. This is much easier than using the old method of enumerating switch ports.

Get-CimInstance CIM_EthernetPort -CimSession $Session

Before the NetworkSwitchManager PowerShell module arrived, an administrator needed to know the CIM Class name (CIM_EthernetPort), which was cumbersome.

As another example, to disable a port on that switch, then we use the Disable-NetworkSwitchEthernetPort cmdlet and specify the CIM Session again -- this time using the PortNumber parameter.

Disable-NetworkSwitchEthernetPort -CimSession $Session -PortNumber 21

This method of managing switches is much easier than installing different software packages and memorizing several ways to configure various switch models. Not all switch vendors support OMI yet. If the switches you own don't support OMI, send a request to the vendor to see if they can implement this feature.

Next Steps

Using PowerShell for virtualization tasks

Managing remote servers with PowerShell

Windows Management Framework 5 update gives uers advanced PowerShell cmdlets


Dig Deeper on Windows administration tools