Sure would be easier under Unix where you could just recreate users and copy the encrypted passwords over.

Remember...he doesn't control the other system. I'm assuming that means he can't add or delete users and certainly couldn't access the passwd and shadow files.