netbirdio / netbird

Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
https://netbird.io
BSD 3-Clause "New" or "Revised" License

Accidentally set up with single user mode disabled, any way to pull users over and go back? #2644

Open Slickspacestech opened 6 days ago

Slickspacestech commented 6 days ago

I accidentally set up selfhosted with the disable single user mode. I've realized I misunderstood what that was doing. Any way I can have users join my network?

I've tried having them delete their netbird account and re-sign in but it's still on their own "network".

I'm using Azure AD for my idp.

Thanks,

VignRaph commented 5 days ago

Just to chime in, because I had to do this on my part to have two organisations with multiple users on each: if you are confident in your capabilities, you can go and edit the database records yourself. If you want to do so and need some guidance, I'd be happy to help.

laweschan commented 4 days ago

Hi @VignRaph ,

Yes, I would also want to study and take a look in netbird and zitadel about multiple users in different organizations setting. Since I don't have much idea on both products, your guidance would be helpful.

If possible, please share it.

Thanks very much

Lawes

VignRaph commented 1 day ago

I'll start with the basics of how Netbird stores users. Netbird was also kind enough to provide us the full schema of the DB at NetBird SQLite Schema. In short:

Now, here's my little step-by-step to have multiple accounts with multiple users in each account (or just to change/correct users' association with accounts). Firstly, the users we want to edit must have already created their accounts/logged in.

Tips:

  • To help you identify which user is which from the DB files, add to each user you want to edit an access token (aka an API key) with their name as the API key name
  • Delete from the UI all the peers, routes, policies of accounts that will no longer exist if you move their users to another account

Now, we want to export the user/accounts database, so from a terminal in the folder of your docker compose, whilst the netbird server is running, run these commands:

docker compose cp -a management:/var/lib/netbird/ backup/
docker compose down

This will put a copy of your database into an accessible folder backup alongside your docker-compose.yaml. We'll make a copy of this folder and name it restore. This folder should contain another folder, named netbird, which in turn contains 4 files. Now we'll use any tool to browse and edit the .\restore\netbird\store.db file to our liking. (I use DB Browser for SQLite.)

To find users:

To find accounts:

Now we can change the account_id of a user to move it to another already existing account. If we removed the owner of an account, remember to:

  1. make sure you do not put two users as owners of an account
  2. don't leave an account with no users at all

To delete an account, you'll have to delete all references to its account_id which means going into the groups table and deleting the All group of this account and then deleting the account. (If you have not deleted everything you could from the web UI, you might have to check all tables that are linked to the account_ids)

And now to put our modified db files back into our netbird volume and restart our service we'll run:

docker run -d --rm --name dummy -v netbird_netbird_management:/var/lib/netbird alpine tail -f /dev/null
docker exec -ti dummy rm -rf /var/lib/netbird
docker cp -a restore/netbird/ dummy:/var/lib/
docker stop dummy
docker compose up -d
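
Added example, not part of the thread and not NetBird project code: a pre-restore check that an edited copy of store.db respects the rules listed in the comment above (no account with two owners, no account left without users, no rows still pointing at a deleted account_id). The table and column names (accounts.id, users.account_id, users.role with the value 'owner', groups.account_id) are assumptions to confirm against the NetBird SQLite schema, and the sample database is constructed.

```python
import sqlite3

# Assumed names, to be checked against the NetBird SQLite schema first:
# accounts.id, users.id/account_id/role (owner = 'owner'), groups.id/account_id.
DANGLING = ('SELECT t.id, t.account_id FROM "{t}" t LEFT JOIN accounts a '
            'ON a.id = t.account_id WHERE a.id IS NULL ORDER BY t.id')

def check_store(conn):
    """Return a list of problems found in an edited copy of store.db."""
    problems = []
    if conn.execute("PRAGMA integrity_check").fetchone()[0] != "ok":
        problems.append("SQLite integrity_check failed")
    # Rule: don't leave an account with no users at all.
    for (acc,) in conn.execute(
            "SELECT a.id FROM accounts a LEFT JOIN users u ON u.account_id = a.id "
            "GROUP BY a.id HAVING COUNT(u.id) = 0 ORDER BY a.id"):
        problems.append(f"account {acc} has no users")
    # Rule: never two owners on one account.
    for acc, n in conn.execute(
            "SELECT account_id, COUNT(*) FROM users WHERE role = 'owner' "
            "GROUP BY account_id HAVING COUNT(*) > 1 ORDER BY account_id"):
        problems.append(f"account {acc} has {n} owners")
    # Rule: a deleted account must leave no rows pointing at its account_id.
    for table in ("users", "groups"):
        for rid, acc in conn.execute(DANGLING.format(t=table)):
            problems.append(f"{table} row {rid} references missing account {acc}")
    return problems

def build_sample():
    """Constructed in-memory stand-in for restore/netbird/store.db."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE accounts (id TEXT PRIMARY KEY);
        CREATE TABLE users (id TEXT PRIMARY KEY, account_id TEXT, role TEXT);
        CREATE TABLE "groups" (id TEXT PRIMARY KEY, account_id TEXT, name TEXT);
        INSERT INTO accounts VALUES ('acc-A'), ('acc-B'), ('acc-C');
        INSERT INTO users VALUES ('u1','acc-A','owner'), ('u2','acc-A','owner'),
                                 ('u3','acc-B','owner'), ('u4','acc-D','user');
        INSERT INTO "groups" VALUES ('g1','acc-A','All'), ('g2','acc-Z','All');
    """)
    return conn

if __name__ == "__main__":
    for line in check_store(build_sample()):
        print(line)
```

To run it against the edited file, pass `sqlite3.connect("restore/netbird/store.db")` to `check_store` before copying the folder back into the volume; an empty list means none of the three rules is violated.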