> Or at the very least create a script that will be able to take
> encrypted password and store it in cleartext as another attribute.
Waste of time. You should use social engineering (hint: password policies)
Not to mention it may be difficult to acheive if all the passwords are
strong enough and well encrypted.
If you absolutely need access to the cleartext passwords, the easiest
way is to ask your users (with a way to force them to provide it to
you: for example the next time they login, you force them to change
their password and this time you store it in cleartext).