diff --git a/apps/files_encryption/appinfo/register_command.php b/apps/files_encryption/appinfo/register_command.php
new file mode 100644
index 0000000000..dfb7f5c375
--- /dev/null
+++ b/apps/files_encryption/appinfo/register_command.php
@@ -0,0 +1,12 @@
+<?php
+/**
+ * Copyright (c) 2015 Thomas Müller <deepdiver@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+use OCA\Files_Encryption\Command\MigrateKeys;
+
+$userManager = OC::$server->getUserManager();
+$application->add(new MigrateKeys($userManager));
diff --git a/apps/files_encryption/command/migratekeys.php b/apps/files_encryption/command/migratekeys.php
new file mode 100644
index 0000000000..200d7367da
--- /dev/null
+++ b/apps/files_encryption/command/migratekeys.php
@@ -0,0 +1,74 @@
+<?php
+/**
+ * Copyright (c) 2015 Thomas Müller <thomas.mueller@tmit.eu>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+namespace OCA\Files_Encryption\Command;
+
+use OCA\Files_Encryption\Migration;
+use OCP\IUserBackend;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+
+class MigrateKeys extends Command {
+
+	/** @var \OC\User\Manager */
+	private $userManager;
+
+	public function __construct(\OC\User\Manager $userManager) {
+		$this->userManager = $userManager;
+		parent::__construct();
+	}
+
+	protected function configure() {
+		$this
+			->setName('encryption:migrate-keys')
+			->setDescription('migrate encryption keys')
+			->addArgument(
+				'user_id',
+				InputArgument::OPTIONAL | InputArgument::IS_ARRAY,
+				'will migrate keys of the given user(s)'
+			);
+	}
+
+	protected function execute(InputInterface $input, OutputInterface $output) {
+
+		// perform system reorganization
+		$migration = new Migration();
+		$output->writeln("Reorganize system folder structure");
+		$migration->reorganizeSystemFolderStructure();
+
+		$users = $input->getArgument('user_id');
+		if (!empty($users)) {
+			foreach ($users as $user) {
+				if ($this->userManager->userExists($user)) {
+					$output->writeln("Migrating keys   <info>$user</info>");
+					$migration->reorganizeFolderStructureForUser($user);
+				} else {
+					$output->writeln("<error>Unknown user $user</error>");
+				}
+			}
+		} else {
+			foreach($this->userManager->getBackends() as $backend) {
+				$name = get_class($backend);
+
+				if ($backend instanceof IUserBackend) {
+					$name = $backend->getBackendName();
+				}
+
+				$output->writeln("Migrating keys for users on backend <info>$name</info>");
+				$users = $backend->getUsers();
+				foreach ($users as $user) {
+						$output->writeln("   <info>$user</info>");
+						$migration->reorganizeFolderStructureForUser($user);
+				}
+			}
+		}
+
+	}
+}
diff --git a/apps/files_encryption/lib/migration.php b/apps/files_encryption/lib/migration.php
index 1bab1dfe4a..cf5552f84a 100644
--- a/apps/files_encryption/lib/migration.php
+++ b/apps/files_encryption/lib/migration.php
@@ -40,6 +40,15 @@ class Migration {
 	}
 
 	public function reorganizeFolderStructure() {
+		$this->reorganizeSystemFolderStructure();
+
+		$users = \OCP\User::getUsers();
+		foreach ($users as $user) {
+			$this->reorganizeFolderStructureForUser($user);
+		}
+	}
+
+	public function reorganizeSystemFolderStructure() {
 
 		$this->createPathForKeys('/files_encryption');
 
@@ -60,27 +69,28 @@ class Migration {
 		$this->view->deleteAll('/owncloud_private_key');
 		$this->view->deleteAll('/files_encryption/share-keys');
 		$this->view->deleteAll('/files_encryption/keyfiles');
+	}
 
-		$users = \OCP\User::getUsers();
-		foreach ($users as $user) {
-			// backup all keys
-			if ($this->backupUserKeys($user)) {
-				// create new 'key' folder
-				$this->view->mkdir($user . '/files_encryption/keys');
-				// rename users private key
-				$this->renameUsersPrivateKey($user);
-				// rename file keys
-				$path = $user . '/files_encryption/keyfiles';
-				$this->renameFileKeys($user, $path);
-				$trashPath = $user . '/files_trashbin/keyfiles';
-				if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) {
-					$this->renameFileKeys($user, $trashPath, true);
-					$this->view->deleteAll($trashPath);
-					$this->view->deleteAll($user . '/files_trashbin/share-keys');
-				}
-				// delete old folders
-				$this->deleteOldKeys($user);
+
+	public function reorganizeFolderStructureForUser($user) {
+		// backup all keys
+		\OC_Util::setupFS($user);
+		if ($this->backupUserKeys($user)) {
+			// create new 'key' folder
+			$this->view->mkdir($user . '/files_encryption/keys');
+			// rename users private key
+			$this->renameUsersPrivateKey($user);
+			// rename file keys
+			$path = $user . '/files_encryption/keyfiles';
+			$this->renameFileKeys($user, $path);
+			$trashPath = $user . '/files_trashbin/keyfiles';
+			if (\OC_App::isEnabled('files_trashbin') && $this->view->is_dir($trashPath)) {
+				$this->renameFileKeys($user, $trashPath, true);
+				$this->view->deleteAll($trashPath);
+				$this->view->deleteAll($user . '/files_trashbin/share-keys');
 			}
+			// delete old folders
+			$this->deleteOldKeys($user);
 		}
 	}
 
@@ -277,6 +287,4 @@ class Migration {
 			}
 		}
 	}
-
-
 }