diff --git a/README.md b/README.md
index 7f5df8a..58fe2e3 100644
--- a/README.md
+++ b/README.md
@@ -47,11 +47,9 @@ YunoHost specific features
 This app support LDAP and the SSO authentification.
-The restriction is that the user ID in this app is an email address. So it's potentially possible to have multiple user account with the same username. By example you can have `john@yunohost.org` and `john@seafile.org`. You can see the issue [#5](https://github.com/YunoHost-Apps/seafile_ynh/issues/5) wich describe this problem. You can check that you are not in this case if by going in seafile admin page in the user tab can see all account.
-
-The best configuration is to give to each user an email which contains the domain used by seafile.
-
-**To fix this issue seahub don't allow any authentication from a user different than "username@seafile_domain.tld".**
+If you have Seafile installed before 7.x and you have more than one domain for users in Yunohost or Seafile app is installed on a different domain, you need to migrate accounts.
+You can use the provided action at https://domain.tld/yunohost/admin/#/apps/seafile/actions. See [issue#44](https://github.com/YunoHost-Apps/seafile_ynh/issues/44)
+for more information.
 ### Supported architectures
@@ -73,7 +71,7 @@ Additional informations
 ### Change URL
-Since now it's possible to change domain or the url of seafile but use it with precaution because it has not been tested enough for a big production installation. For the authentication and user every email for authentication will have the new domain name. For example `toto@old_domain.tld` will be `toto@new_domain.tld`.
+Since now it's possible to change domain or the url of seafile but use it with precaution because it has not been tested enough for a big production installation. To do this run : `yunohost app change-url seafile -d new_domain.tld -p PATH new_path
diff --git a/actions.json b/actions.json
new file mode 100644
index 0000000..44e4135
--- /dev/null
+++ b/actions.json
@@ -0,0 +1,20 @@
+[{
+ "id": "move_all_libraries",
+ "name": "Move user's libraries",
+ "command": "/opt/yunohost/seafile/seafile_api_loader.sh /opt/yunohost/seafile/move_library.py $YNH_ACTION_USER_TO_MIGRATE",
+ "user": "root",
+ "accepted_return_codes": [0],
+ "description": {
+ "en": "WARNING: Only use this feature if you know what you do.\n This action is only needed if you have installed Seafile before the version 7 AND your Seafile instance was installed under other domain than the user accounts. Move all user's libraries to the correct account, this action exists only for handling old created account with the old SSO behavior.\n See https://github.com/YunoHost-Apps/seafile_ynh/issues/44 for more information."
+ },
+ "arguments": [
+ {
+ "name": "user_to_migrate",
+ "type": "user",
+ "ask": {
+ "en": "User account to be migrate from the old to the new behavior"
+ },
+ "example": "bob@domain.tld"
+ }
+ ]
+}]
diff --git a/scripts/_common.sh b/scripts/_common.sh
index ad14063..4c86ac5 100644
--- a/scripts/_common.sh
+++ b/scripts/_common.sh
@@ -17,6 +17,8 @@ install_source() {
 ynh_die --message "Error : this architecture is no longer supported by the upstream. Please create en issue here : https://github.com/YunoHost-Apps/seafile_ynh/issues to ask to discuss about a support of this architecture"
 fi
 ynh_setup_source "$final_path/seafile-server-$seafile_version" "$architecture"
+ cp ../sources/seafile_api_loader.sh $final_path/
+ cp ../sources/move_library.py $final_path/
 }
 install_dependance() {
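Review bot: The `example` value `bob@domain.tld` contradicts how the argument is consumed: `move_library.py` builds the source address as `sys.argv[1] + '@' + SEAFILE_CURRENT_DOMAIN`, so the action expects a bare YunoHost username, and an address-shaped value would be looked up as `bob@domain.tld@<seafile domain>` and rejected by the first check. Change it to `"example": "bob"` and make the prompt say so, e.g. `"en": "YunoHost username (without domain) whose old seafile account should be migrated"`. The `command` also passes `$YNH_ACTION_USER_TO_MIGRATE` unquoted and the loader re-expands it with `$*`; the `user` argument type presumably restricts it to an existing account name, but quoting it as `\"$YNH_ACTION_USER_TO_MIGRATE\"` costs nothing.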
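Review bot: The two `cp` lines install files that `actions.json` later runs as root, but nothing sets their owner or mode after the copy, so they keep whatever the checkout gives them (and `$final_path` is unquoted, as on the surrounding lines). If `$final_path` is writable by the service user, a root-run action would execute files that account can edit; add after the copies `chown root:root "$final_path/seafile_api_loader.sh" "$final_path/move_library.py"` and `chmod 755 "$final_path/seafile_api_loader.sh"` (`644` for the python file). Whether install_source's callers later `chown -R` the whole `$final_path` to `$seafile_user` is outside this hunk — if they do, that would undo this and the two files should be excluded.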
@@ -88,70 +88,6 @@ sed --in-place "s@REMOTE_USER_PROTECTED_PATH = \['$old_path', '$old_path/account
 ynh_script_progression --message="Updating seafile database" --weight=7
-# Update database
-
-# This fonction relplace all old domain name by the new domain name.
-# use : mysql_relpace_db db_name table collum
-mysql_relpace_db() {
- sql_request='UPDATE `'"$2"'` SET '"$3 = replace($3, '$old_domain', '$domain')"
- ynh_mysql_execute_as_root --sql "$sql_request" --database $1
-}
-
-# ccnet DB
-mysql_relpace_db ccnetdb EmailUser email
-mysql_relpace_db ccnetdb Group creator_name
-mysql_relpace_db ccnetdb GroupUser user_name
-mysql_relpace_db ccnetdb LDAPUsers email
-mysql_relpace_db ccnetdb Organization creator
-mysql_relpace_db ccnetdb OrgUser email
-mysql_relpace_db ccnetdb UserRole email
-
-# seafile DB
-mysql_relpace_db seafiledb OrgUserQuota user
-mysql_relpace_db seafiledb RepoGroup user_name
-mysql_relpace_db seafiledb RepoOwner owner_id
-mysql_relpace_db seafiledb RepoTrash owner_id
-mysql_relpace_db seafiledb RepoUserToken email
-mysql_relpace_db seafiledb SharedRepo from_email
-mysql_relpace_db seafiledb SharedRepo to_email
-mysql_relpace_db seafiledb UserQuota user
-mysql_relpace_db seafiledb UserShareQuota user
-
-# seahub DB
-mysql_relpace_db seahubdb api2_token user
-mysql_relpace_db seahubdb api2_tokenv2 user
-mysql_relpace_db seahubdb avatar_avatar emailuser
-mysql_relpace_db seahubdb base_clientlogintoken username
-mysql_relpace_db seahubdb base_devicetoken user
-mysql_relpace_db seahubdb base_filecomment author
-mysql_relpace_db seahubdb base_innerpubmsg from_email
-mysql_relpace_db seahubdb base_innerpubmsgreply from_email
-mysql_relpace_db seahubdb base_userenabledmodule username
-mysql_relpace_db seahubdb base_userlastlogin username
-mysql_relpace_db seahubdb base_userstarredfiles email
-mysql_relpace_db seahubdb group_groupmessage from_email
-mysql_relpace_db seahubdb group_messagereply from_email
-mysql_relpace_db seahubdb institutions_institutionadmin user
-mysql_relpace_db seahubdb notifications_usernotification to_user
-mysql_relpace_db seahubdb options_useroptions email
-mysql_relpace_db seahubdb post_office_attachment_emails email_id
-mysql_relpace_db seahubdb post_office_email from_email
-mysql_relpace_db seahubdb profile_profile user
-mysql_relpace_db seahubdb profile_profile login_id
-mysql_relpace_db seahubdb profile_profile contact_email
-mysql_relpace_db seahubdb registration_registrationprofile emailuser_id
-mysql_relpace_db seahubdb share_anonymousshare repo_owner
-mysql_relpace_db seahubdb share_fileshare username
-mysql_relpace_db seahubdb share_privatefiledirshare from_user
-mysql_relpace_db seahubdb share_privatefiledirshare to_user
-mysql_relpace_db seahubdb share_uploadlinkshare username
-mysql_relpace_db seahubdb sysadmin_extra_userloginlog username
-mysql_relpace_db seahubdb termsandconditions_usertermsandconditions username
-mysql_relpace_db seahubdb two_factor_phonedevice user
-mysql_relpace_db seahubdb two_factor_staticdevice user
-mysql_relpace_db seahubdb two_factor_totpdevice user
-mysql_relpace_db seahubdb wiki_personalwiki username
-
 # Avoid the current effect
 sleep 2
diff --git a/scripts/install b/scripts/install
index a529a5e..5c086a6 100644
--- a/scripts/install
+++ b/scripts/install
@@ -123,8 +123,9 @@ echo "TIME_ZONE = \"$(cat /etc/timezone)\"" | tee -a $final_path/conf/seahub_set
 # SSO authentication
 echo 'ENABLE_REMOTE_USER_AUTHENTICATION = True' | tee -a $final_path/conf/seahub_settings.py
+echo "REMOTE_USER_HEADER = 'HTTP_EMAIL'" | tee -a $final_path/conf/seahub_settings.py
 echo 'REMOTE_USER_CREATE_UNKNOWN_USER = False' | tee -a $final_path/conf/seahub_settings.py
-echo "REMOTE_USER_DOMAIN = '$domain'" | tee -a $final_path/conf/seahub_settings.py
+echo "REMOTE_USER_DOMAIN = ''" | tee -a $final_path/conf/seahub_settings.py
 echo "REMOTE_USER_PROTECTED_PATH = ['$path_url', '$path_url/accounts/login']" | tee -a $final_path/conf/seahub_settings.py
 # LDAP configuration
@@ -172,7 +173,8 @@ ynh_debug_exec ls /opt/yunohost/seafile/ccnet
 su - $seafile_user -s /bin/bash -c "$final_path/seafile-server-$seafile_version/seafile.sh start"
 # We escape all char witch needed.
 ynh_replace_special_string --match_string __ADMIN_PASSWORD__ --replace_string "$admin_password" --target_file $final_path/first_launch.exp
-su - $seafile_user -s /bin/bash -c "$final_path/first_launch.exp $final_path/seafile-server-$seafile_version $admin@$domain"
+admin_email=$(ynh_user_get_info --username $admin --key 'mail')
+su - $seafile_user -s /bin/bash -c "$final_path/first_launch.exp $final_path/seafile-server-$seafile_version $admin_email"
 ynh_secure_remove --file="$final_path/first_launch.exp"
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index e0551c9..2c70185 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
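Review bot: Setting `REMOTE_USER_DOMAIN = ''` while switching to `REMOTE_USER_HEADER = 'HTTP_EMAIL'` removes the only check that tied an SSO-asserted identity to the seafile domain (the `force_domain_email` patches that enforced it in seahub are deleted in this same commit), so seahub now accepts whatever address arrives in the `Email` header as the login identity. That is only safe if the reverse proxy in front of seahub always sets that header itself and never forwards a client-supplied one; the nginx configuration is not part of this diff, so please confirm it, and that `REMOTE_USER_CREATE_UNKNOWN_USER = False` stays, before merging. The same two lines are repeated in the `scripts/upgrade` hunk. A comment above the echo, `# Trusts the Email header set by SSOwat/nginx: the proxy must overwrite it on every request`, would record that assumption for the next maintainer.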
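Review bot: `admin_email=$(ynh_user_get_info --username $admin --key 'mail')` is used unchecked; if the lookup fails or returns an empty string, `first_launch.exp` is run with an empty admin address and the failure only surfaces later, inside the expect script. Guard it right after the assignment: `[ -n "$admin_email" ] || ynh_die --message "Could not get the mail address of the admin user $admin"`. `$admin` could also be quoted, matching `"$admin_password"` on the line above.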
@@ -144,8 +144,9 @@ case $installed_version in
 expect_scripts/upgrade_7.0.exp $final_path/seafile-server-$seafile_version $root_pwd
 # SSO authentication
 echo 'ENABLE_REMOTE_USER_AUTHENTICATION = True' | tee -a $final_path/conf/seahub_settings.py
+ echo "REMOTE_USER_HEADER = 'HTTP_EMAIL'" | tee -a $final_path/conf/seahub_settings.py
 echo 'REMOTE_USER_CREATE_UNKNOWN_USER = False' | tee -a $final_path/conf/seahub_settings.py
- echo "REMOTE_USER_DOMAIN = '$domain'" | tee -a $final_path/conf/seahub_settings.py
+ echo "REMOTE_USER_DOMAIN = ''" | tee -a $final_path/conf/seahub_settings.py
 echo "REMOTE_USER_PROTECTED_PATH = ['$path_url', '$path_url/accounts/login']" | tee -a $final_path/conf/seahub_settings.py
 # Clean connexion from the SSO. If we don't do this we could have some when the user was loged by the old SSO auth mecanisme
diff --git a/sources/move_library.py b/sources/move_library.py
new file mode 100644
index 0000000..0ecbd72
--- /dev/null
+++ b/sources/move_library.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python
+
+import sys
+import os
+from seaserv import seafile_api, ccnet_api
+
+seafile_local_emails = map(lambda user: user.email, ccnet_api.get_emailusers('DB', start=-1, limit=-1, is_active=None))
+active_user_emails = map(lambda user: user.email, ccnet_api.get_emailusers(source='LDAPImport', start=-1, limit=-1, is_active=True))
+ldap_user_emails = map(lambda user: user.email, ccnet_api.get_emailusers(source='LDAP', start=-1, limit=-1, is_active=None))
+non_active_user_emails = list(set(ldap_user_emails) - set(active_user_emails))
+
+seafile_domain = os.environ['SEAFILE_CURRENT_DOMAIN']
+source_user = sys.argv[1]
+source_user_email = source_user + '@' + seafile_domain
+assert (source_user_email in seafile_local_emails), 'The user must be in local seafile users list'
+
+# TODO we might want to use non_active_user_emails in place of ldap_user_emails here
+filtered_potencial_target_users = list(filter(lambda email: email.startswith(source_user + '@'), ldap_user_emails))
+assert (not len(filtered_potencial_target_users) > 1), 'This user have multiple target possible can\'t continue'
+assert (len(filtered_potencial_target_users) == 1), 'This user doesn\'t have any possible match in Yunohost LDAP'
+
+target_user_email = filtered_potencial_target_users[0]
+
+ccnet_api.get_emailuser_with_import(target_user_email)
+
+source_repositories = seafile_api.get_owned_repo_list(source_user_email);
+
+for repo in source_repositories:
+ seafile_api.set_repo_owner(repo.id, target_user_email)
+
+ccnet_api.remove_emailuser('DB', source_user_email)
diff --git a/sources/patches/arm-force_domain_email.patch b/sources/patches/arm-force_domain_email.patch
deleted file mode 120000
index 53cd67a..0000000
--- a/sources/patches/arm-force_domain_email.patch
+++ /dev/null
@@ -1 +0,0 @@
-x86-64-force_domain_email.patch
\ No newline at end of file
diff --git a/sources/patches/x86-64-force_domain_email.patch b/sources/patches/x86-64-force_domain_email.patch
deleted file mode 100644
index 4feca54..0000000
--- a/sources/patches/x86-64-force_domain_email.patch
+++ /dev/null
@@ -1,16 +0,0 @@
-diff --git a/seahub/base/accounts.py b/seahub/base/accounts.py
-index 4ebbb98c4..ba468d073 100644
---- a/seahub/seahub/base/accounts.py
-+++ b/seahub/seahub/base/accounts.py
-@@ -540,7 +540,11 @@ class User(object):
- 
- class AuthBackend(object):
- 
-+ allowed_domain = settings.REMOTE_USER_DOMAIN
-+
- def get_user_with_import(self, username):
-+ if '@' in username and self.allowed_domain != username.split('@')[1]:
-+ raise User.DoesNotExist, 'Invalid domain for the email. Please use the seafile domain for the domain part of the email.'
- emailuser = seaserv.get_emailuser_with_import(username)
- if not emailuser:
- raise User.DoesNotExist, 'User matching query does not exits.'
diff --git a/sources/seafile_api_loader.sh b/sources/seafile_api_loader.sh
new file mode 100755
index 0000000..d9a8847
--- /dev/null
+++ b/sources/seafile_api_loader.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# Source YunoHost helpers
+source /usr/share/yunohost/helpers
+
+# Stop script if errors
+#ynh_abort_if_errors
+
+# Import common cmd
+#source ./experimental_helper.sh
+#source ./_common.sh
+
+final_path=$(ynh_app_setting_get --app $YNH_APP_INSTANCE_NAME --key final_path)
+
+export SEAFILE_CURRENT_DOMAIN=$(ynh_app_setting_get --app $YNH_APP_INSTANCE_NAME --key domain)
+export CCNET_CONF_DIR=$final_path/ccnet
+export SEAFILE_CONF_DIR=$final_path/conf
+export SEAFILE_CENTRAL_CONF_DIR=$final_path/conf
+
+export PYTHONPATH=$final_path/seafile-server-latest/seafile/lib/python2.7/site-packages:$final_path/seafile-server-latest/seafile/lib64/python2.7/site-packages:$PYTHONPATH
+
+python $*
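Review bot: `python $*` word-splits and glob-expands every argument, so the script path and the username passed from `actions.json` are re-split before python sees them; use `exec python "$@"` instead. `ynh_abort_if_errors` is commented out, so if `ynh_app_setting_get` fails `final_path` is empty, the conf-dir exports point at `/ccnet` and `/conf`, and the script still runs; either re-enable it or check the value with `[ -n "$final_path" ] || ynh_die --message "final_path setting not found"`. The `PYTHONPATH` also hard-codes `python2.7` site-packages under `seafile-server-latest`, which will silently stop matching once the bundled server ships another interpreter version.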