Thanks.  I'm assuming that I am seeing the limitations of my version of PowerCLI (4.0, U1) since extensiondata was introduced in 4.1.  When I run the below script (removed port group portion), the only feedback I get is the output text within the script itself (Promiscuous mode:, Forged transmits: etc..), but no data from the the vSwitch security settings.  Any other way you know of to get at this data?

foreach ($VMHost in Get-VMHost){
     foreach($vSwitch in $VMHost.ExtensionData.Config.Network.Vswitch){
          Write-Host $vSwitch.Name
          Write-Host "`tPromiscuous mode:" $vSwitch.Spec.Policy.Security.AllowPromiscuous
          Write-Host "`tForged transmits:" $vSwitch.Spec.Policy.Security.ForgedTransmits
          Write-Host "`tMAC Changes:" $vSwitch.Spec.Policy.Security.MacChanges
          }
     }

Thanks

Thanks.  I was getting a problem with the first foreach expression:

[vSphere PowerCLI] S:\SCRIPTS\TESTING> .\test.ps1
Unexpected token 'in' in expression or statement.
At S:\SCRIPTS\TESTING\test.ps1:1 char:85
+ foreach ($VMHost in Get-VMHost){     $esx = Get-View $VMHost     foreach($vSwitch in <<<<  $esx.Config.Network.Vswitc
h){
    + CategoryInfo          : ParserError: (in:String) [], ParseException
    + FullyQualifiedErrorId : UnexpectedToken

I took out the port group queries and removed the $esx = get-view $vmhost variable input and it seemed to work ok:

foreach ($VMHost in Get-VMHost){
      foreach ($vSwitch in $esx.Config.Network.Vswitch){
          Write-Host $vSwitch.Name
          Write-Host "`tPromiscuous mode:" $vSwitch.Spec.Policy.Security.AllowPromiscuous
          Write-Host "`tForged transmits:" $vSwitch.Spec.Policy.Security.ForgedTransmits
          Write-Host "`tMAC Changes:" $vSwitch.Spec.Policy.Security.MacChanges
     }
}

Thanks

I suspect the <CR><LF> got lost for that line during the copy/paste.

This

foreach ($VMHost in Get-VMHost){     $esx = Get-View $VMHost      foreach($vSwitch in <<<<  $esx.Config.Network.Vswitc
h){

should have been multiple lines

foreach ($VMHost in Get-VMHost){

     $esx = Get-View $VMHost

      foreach($vSwitch in $esx.Config.Network.Vswitch){

...

You need to get the $esx value, otherwise the expression '$esx.Config.Network.Vswitch' will not work.

I attached the file with the correct lines.

That one gave me some problems:

Promiscuous mode:
        Forged transmits:
        MAC Changes:
Get-View : 6/20/2011 2:28:03 PM    Get-View        Invalid object specified for parameter Id - 'VMHostImpl'. Valid type
s are ManagedObjectReference and string.
At S:\SCRIPTS\TESTING\test2.ps1:2 char:20
+     $esx = get-view <<<<  $vmhost
    + CategoryInfo          : InvalidArgument: (ftgdwlk308esx.fmr.com:VMHostImpl) [Get-View], VimException
    + FullyQualifiedErrorId : Core_GetVIView_TryGetIdParam_InvalidValue,VMware.VimAutomation.Commands.DotNetInterop.Ge
   tVIView

I altered the varible set to this: $esx = get-vmhost $VMHost | get-view.  It runs without error, but not sure it's working as I don't see names of hosts, but just vSwitch names and policies.

foreach ($VMHost in Get-VMHost){    
    $esx = get-vmhost $VMHost | get-view    
    foreach($vSwitch in $esx.Config.Network.Vswitch){
          Write-Host $vSwitch.Name
          Write-Host "`tPromiscuous mode:" $vSwitch.Spec.Policy.Security.AllowPromiscuous
          Write-Host "`tForged transmits:" $vSwitch.Spec.Policy.Security.ForgedTransmits
          Write-Host "`tMAC Changes:" $vSwitch.Spec.Policy.Security.MacChanges
     }
}

Try replacing the line

$esx = Get-View $VMHost

with

$esx = Get-View -Id $vmhost.id

I suspect the first format is also something that came with PowerCLI 4.1.

Problem is, I can't test it anymore since I don't have a PowerCLI pre-4.1 available anymore.

That did it.  Thanks again.