Leveraging Python scripting is the way to go. Your concern about clear text passwords is valid but as the programmer you should write a function that provides for some form of reversible encryption to prevent the clear text storage of your passwords.
In other automation I have written to date I have developed an AES function to take a password and encrypt it while embedding the key in the resulting output. The user Id and password would be stored in an INI file and access by the program. This way you can easily change program data as required. These are actual userId and password I use in one of my programs:
It is not completely safe, but is far better than storing clear text data.
I found that this is more secure in Perl when the program can be compiled using ActiveState's Perl Development Kit which keeps the source code out of the hands other that may want to reverse engineer the password. So far I have not obtained a Python compiler to keep people from reading my code.
did you manage to export all? could you write down the script or tool needed to do that?
Create a new server task with the action of run query. then select the queries you want- i.e. scroll down to Policy Assignments (shared groups) and select for example: "applied policies by name"
sub action- export to file - enter file name, export chart data and drill down tables and selct your desired format.
That will get you some results you want, also, if you can create your own queries then you can export it through a task.
There are also queries for broken inheritance etc etc. have a look to see if this helps.