You don't mention what type of domain you have, which makes this question a bit difficult to address. Older domains may store the passwords with reversible encryption, which is useful for things like synchronizing passwords with other types of directory services. Most newer domains store hashed versions of passwords, which are much more difficult to identify.
While there are many legitimate reasons to access the usernames and passwords of users on your domain (such as migrating to a new directory service), there are many more malicious reasons. There are lots of tools to do password cracking, but I can't point you to them directly. I recommend contacting Microsoft Product Support Services.
This was first published in July 2003