Not directly related to hacking, but in terms of "social engineering"... the Gardner Museum in Boston was robbed in 1990 by two men who came to the door, after hours, pressed the buzzer, and said "Police! Let us in!". The guards did, and the two men made off with over a dozen priceless works of art.
And I can't even count the number of times I've read about students who changed their grades by logging into the teacher's account using the password written on a post-it note and stuck to the computer monitor!
Of course, this all depends on how "criminal" your guy is. He could just call them, like Clee suggested, and demand a password. He could kidnap them and threaten to kill them if they don't give him the password. Or he could kidnap someone else (the IT guy's spouse/child/friend) and threaten to torture/kill them if he doesn't get the password.
Depending on the size of the company/security system, he could also dress up like an IT guy, pretend like he knows what he's doing, and just walk into the IT department. Then he could ask someone (maybe a lower-level employee?) something like, "Oh, shoot, I left my notebook at home. Can you tell me the password for xyz?" If he looks like he is supposed to be there, the other employees probably won't question him.