The solution really depends on the environment. If you legally have the right to a keylogger like Nihil suggest actually may be the easiest and best way. If you do not want to install a keylogger for what ever reason then a combination of ARP poisoning and sniffing on the network should do the trick as Threads has mentioned. That is assuming of course the switch does not have security measures against that type of attack and if it does then they can be turned off.

And BTW Cain and Abel is a really easy program to do ARP poisioning with just run that along side something like wireshark.