Olivier Lasne's questions

I am creating an Active Directory lab, with a Windows Server 2022 as the Domain Controller.
I would like to remove complexity requirements for passwords on the domain with powershell.

I did try to use the following commands:

$passwordPolicy = Get-ADDefaultDomainPasswordPolicy
$passwordPolicy.ComplexityEnabled = $false
Set-ADDefaultDomainPasswordPolicy $passwordPolicy

There was no error messages. But the complexity requirements are still present, as indicated by ComplexityEnabled:

> Get-ADDefaultDomainPasswordPolicy


ComplexityEnabled           : True
DistinguishedName           : DC=poudlard,DC=wizard
LockoutDuration             : 00:30:00
LockoutObservationWindow    : 00:30:00
LockoutThreshold            : 0
MaxPasswordAge              : 42.00:00:00
MinPasswordAge              : 00:00:00
MinPasswordLength           : 0
objectClass                 : {domainDNS}
objectGuid                  : 6f5b0803-0227-4454-899f-28df34343bfa
PasswordHistoryCount        : 0
ReversibleEncryptionEnabled : False

And my user is part of the Domain admins:

PS C:\Users\vagrant> whoami /groups

GROUP INFORMATION
-----------------

Group Name                                      Type             SID                                          Attributes
=============================================== ================ ============================================ ===============================================================
Everyone                                        Well-known group S-1-1-0                                      Mandatory group, Enabled by default, Enabled group
BUILTIN\Administrators                          Alias            S-1-5-32-544                                 Mandatory group, Enabled by default, Enabled group, Group owner
BUILTIN\Users                                   Alias            S-1-5-32-545                                 Mandatory group, Enabled by default, Enabled group
BUILTIN\Pre-Windows 2000 Compatible Access      Alias            S-1-5-32-554                                 Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\NETWORK                            Well-known group S-1-5-2                                      Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\Authenticated Users                Well-known group S-1-5-11                                     Mandatory group, Enabled by default, Enabled group
NT AUTHORITY\This Organization                  Well-known group S-1-5-15                                     Mandatory group, Enabled by default, Enabled group
poudlard\Domain Admins                          Group            S-1-5-21-1683605283-797255120-3757226006-512 Mandatory group, Enabled by default, Enabled group
Authentication authority asserted identity      Well-known group S-1-18-1                                     Mandatory group, Enabled by default, Enabled group
poudlard\Denied RODC Password Replication Group Alias            S-1-5-21-1683605283-797255120-3757226006-572 Mandatory group, Enabled by default, Enabled group, Local Group
Mandatory Label\High Mandatory Level            Label            S-1-16-12288

What could be the issue ?

How can I see traffic while I am capturing it with tcpdump.

When I use -w, it doesn't show the packets during the capture.

sudo tcpdump -i enp2s0 -w test.pcap
tcpdump: listening on enp2s0, link-type EN10MB (Ethernet), capture size 262144 bytes
^C6 packets captured
7 packets received by filter
0 packets dropped by kernel