Forum OpenACS Q&A: Re: Decode passwords

3: Re: Decode passwords (response to 1)
Posted by russ m on

the "password" stored in the database is a sha-1 ("Secure Hash Algorithm") hash of the actual password and a random token... if you're able to reverse that hash there's probably a very nicely paying job waiting for you at the NSA... :)

this is one of the things I don't like about the "all passwords are encrypted in the database" approach - there are authentication schemes that require the server to know the plaintext password, and we're not able to use any of them... I've been meaning to put together a patch to make "encrypt passwords in the database" a configurable parameter for the site like it used to be in the ACS-3 days... in my copious free time... :)

In the meantime, one way of handling your need here is to require users to enter their password to "enable" the IMAP mailbox - check the password against the DB, and if it's right then store the plaintext they entered somewhere for IMAP authentication... you'll also need to patch ad_change_password to keep your plaintext in sync with the encrypted ones when users change their passwords...

cheers

russell