Same kind of response as before (this time from VSphere console for better text resolution):

Granted we do not have any machines named 'MyVM' in your example, but I get the same result when searching for actual VMs that do exist in our environment.  Adding wildcard/*'s doesn't seem to impact the results either.

edit - remove userID

And which Horizon View version are you using?

7.0.3 build-4709455

Just tried against the same Horizon View version, and for me it seems to work.

I did the Connect-HVServer with the Domain/User/Password parameters.

Another possible difference, I'm using PowerCLI 6.5.1, and you seem to be using 6.5R1 (which are not the same).

Not sure if the issue comes from the difference in version, but perhaps worth a try? Perhaps on another station?

I found the following link for downloading the 6.5.1 source code:

https://my.vmware.com/group/vmware/details?downloadGroup=PCLI651_OSS&productId=491#os_version_histor...

Then I checked the readme and ran this command to automatically install everything (pretty slick):

Install-Module VMware.PowerCLI -Scope CurrentUser

Now my PowerCLI header has updated to 6.5.1 build 5377412.  However I get the same errors as before when calling get-HVMachine with or without any arguments/parameters.

Its odd that the cmdlet would be complaining about cannot find user or group in AD.  The machines are all registered in AD, I wonder if the query itself doesn't have permissions to execute on the view server.  But then again i don't see why it would be any different calling the function provided in the helper script against the same view server.

Run as Admin did not share the updated modules so i had to rerun the same command above for all users. Then use the import-module function to point back to the original repository of modules I had setup so that I could call get-HVMachine.  Same errors as before.

I also tried from a server we plan to run these script from in production and I get the same errors.

The issue might be related to the account you use to connect to the Connection Server, and the permissions on the Connection Server, but also on the related vCenter.

When you logon to the Horizon View Admin interface with the same account you use for the Connect-HVServer, does show you everything?

Yup, I am signing in with Connect-HVServer with the same credentials I use to log into the View Admin interface.  All areas of View are available to me with that ID.

For comparison here is the helper script that does successfully return info on the machines (doesn't seem to format correctly but the key parts are here):

Function Get-HVDesktop {

Param (

$State

$ViewAPI = $global:DefaultHVServers[0].ExtensionData

$query_service = New-Object "Vmware.Hv.QueryServiceService"

$query = New-Object "Vmware.Hv.QueryDefinition"

$query.queryEntityType = 'MachineSummaryView'

if ($State) {

[VMware.Hv.QueryFilter []] $filters = @()

foreach ($filterstate in $State) {

$filters += new-object VMware.Hv.QueryFilterEquals -property @{'memberName' = 'base.basicState'; 'value' = $filterstate}

$orFilter = new-object VMware.Hv.QueryFilterOr -property @{'filters' =  $filters}

$query.Filter = $orFilter

$Desktops = $query_service.QueryService_Query($ViewAPI,$query)

$Desktops.Results.Base

Based on this it would appear that the same QueryService_Query getting called from the built in Get-HVDesktop is using 2 arguments, ViewAPI and a Query.  The Query doesn't seem to be anything that would require credentials.  That suggests the problem is with calling or creating the ViewAPI object, or the Query_service itself.  Yet nowhere in here are there prompts for credentials.

If I break it down:

$global:DefaultHVServers[0].ExtensionData will return a list of methods

New-Object "Vmware.Hv.QueryServiceService" will return a QueryService object

New-Object "Vmware.Hv.QueryDefinition" will give me an empty query object

$query.queryEntityType = 'MachineSummaryView' will enter some data into the QueryEntityType field but also confirms the kind of info that will be returned

Seems pretty straight forward but now I notice that I am not calling the same module against the View Connection server as I thought.  Instead this is a query is using the normal View API against (what I assume is) vCenter that retrieves the same info.  Now I can go back to the View API documentation for more info.

I noticed another clue now that I found QueryService_Query in the View API documentation.  The exception I am receiving is "EntityNotFound - Thrown if any specified entity cannot be found."  There is a different exception for permission issues " InsufficientPermission - Thrown if the user does not have sufficient permission to perform the operation."

So then I started to pull apart the actual module looking at the specific line that was throwing the exception.  It was our friend the QueryService_Query and it was getting called twice when no parameters were fed into it.  but By giving Get-HVMachine one parameter of 'myVM' I did not receive any errors and actually got a clean result.

Here is the summarized discovery progression:

It seems that get-HVMachine can only search for specific machine names.  Although its coded to handle wildcards something blows up every time you try to use them in the machinename parameter.

TLDR; Get-HVMachine seems to not be handling wildcards correctly.  If you query for specific machines by name then you get results.  What is the proper syntax to return a list of all the VMs from a View Connection Server?

I hate to contradict you, but for me Get-HVMachine works without specifying a machine name.

And masking works as well.

There must be something else that is causing the limitations you see.

I'm on PowerCLI 6.5.1, I use the VMware.Hv.Helper module v1.1 and I run against Horizon View 7.0.3 (build 4709455).

> There must be something else that is causing the limitations you see.

Its been a few days of digging and playing.  This is the conclusion I am coming to as well.  I suspect that the results that are returned have something to do with my userID security since you confirmed it works for you as it is documented.  I do not have any other ideas on what security I am missing though.

I did discover one other nugget of info.  Get-HVMachine does not appear to have permissions to return results on the linked clone pools that we have created.  When I eliminate the linked clone pools from the searches then wild cards begin to function for the -PoolName argument.  I suspect the reason why is that our Linked Clones are sourced from View Composer and not vCenter.  Perhaps the empty argument for Get-HVMachines fails because it hits these linked clone machines.  The query is already returning info about a missing userID or group in AD in these scenarios.  The only way I can return info on the individual linked clone machines is through a custom API call with the filters modified for that area.

If I can ever figure it out I'll respond and confirm.

I was able to explore a 2nd View environment and compare the results of my queries.  This time everything worked as expected.  Both get-hvpools and get-hvmachines returned results with no arguments as documented.  This isolates it down to something related to the specific pool I am trying to query into from before.

The linked-clone pool mentioned here happens to be in an isolated firewall environment separate from the rest due to PCI compliancy.  We block off ties from View to the machines after they are created so the View server can no longer query the agents or those machines.  When I get a chance to open up the connections again to modify that pool I'll test the theory on the agent communication.

Still, it seems silly that the query would break for something like this.  View knows the machines exist and have a pool assigned to them.  I don't want a status update, just inventory records.  I should be able to get results from the rest of the machines even if this one pool is treated differently.

Thanks for the feedback.

Keep us up to date, curious to see if your theory is correct.