Another way could be to dump the contents of both directories to LDIF files (e.g. with Net::LDAP::LDIF or ldap server tools), sorted by dn (e.g. with Net::LDAP::Control::SortResult) and then iterate over the two LDIF files and compare objects one by one.
if o1 eq o2: no change, read next both objects
if o1 lt o2: add, read next object from LDIF1
if o1 gt o2: delete, read next object from LDIF2
Disadvantage: this way you usually can't compare values from userPassword.
perl -e "s>>*F>e=>y)\*martinF)stronat)=>print,print v220.127.116.11.11.32"