Are you an Admin on the Network?

Some users in my network are on to nasty things trying to illegally enter in other's computers etc....i want to catch them red handed
Your running NT/2000 right?, go to the folders that are being abused and turn auditing on. (log successfull logins) then just check the event logs, find whoevers doing it and suspend their account - then they`ll find you

I want their passwords...........whenever they change........(i'm prepaired to go to extremem lengths to trace them down) and anyother information i can gather.
This wont get their passwords but it`ll get their user names. ( Its not really legal to "get their passwords"