This is far more dangerous than just gaining access to a server. Any Admins on here will undoubetdly have passwords stored for much or all of their other equipement .
Domain Admins passwords
RDP Sessions to other sites.
SSH login with possibly the keys.
Building access codes.
and the list goes on.
What advice does anyone have to offer ?