There are ways to get the password for a system in a domain, but those include hacking the DC, and I don't think it would be such a good thing to explain how to do that!
Actually, it's not as hard as you think. The link I provided has a really scary but easy way to change the admin pass in an ADS. And, IMO, I don't think there really is one standard that is the most common scenario. What I often see is hodge-podge setups and praying that it doesn't fall to pieces.

It's in an admin's best interests to mitigate any holes, last time I checked!!!
Oh. Certainly. But let's not kid ourselves and assume that admins are doing this. There are lots of admins that don't check password strength and barely give themselves a decent password. I've actually run into an admin whose password for his Lotus Notes ID was still the default (the default was "password+username"). This is going on right now. Regardless of how secure MS or anyone else makes it, the human element will always be the way into a system.