While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn't had time to wait for the user to enter his credentials and get it using a key logger so I and @Roni_Bachar created a fake windows domain login window to tried to force and trick the user to enter his password.
more here.......http://sourceforge.net/projects/wdcpt/
more here.......http://sourceforge.net/projects/wdcpt/