dumping domain password hashes

 
netbiosX did a great article about the different ways of dumping hashes.
This goes further then the two well known ways of using mimikatz of the VSS.

Have a read.