Authorized are:
Additionally employees, PhD students and lecturers can invite guest users (that cannot invite other guest users or own libraries) who can be given access to libraries by all users after they accepted the invitation.
It is not possible to use the service with project accounts / project numbers / project identifiers!
Basic storage quota:
Additionally employees can request a fee-based expansion of their quota up to a maximum of 5 TB. Please see the price calculator for details.
The accounts in heiBOX are only created after the first successful login via Uni-ID - before that the system does not know the user, therefore neither shares nor group memberships can be set up.
Yes, employees can invite guest users via the web interface -> "Invite People". Guest users to not have their own quota and they cannot create or own libraries. After an invitation has been accepted, files can be shared with external users as well.
Alternatively employees and (PhD) students can always create up- and download links (which can be set to expire after a certain time and can be protected with a password) for unencrypted libraries to enable users to upload / download files without requiring an account.
The possibility to access heiBOX ends as follows:
Due to the used authentication method there is no waiting period! Please make sure that the data you need is downloaded and safely stored in time. Employees should also remember to transfer ownership of shared libraries to a new person in charge (e.g. the supervisor).
At https://www.seafile.com/en/download/ .
Use "Add an account" -> "Single Sign-On" (lower left corner) -> Seafile Server Address: https://heibox.uni-heidelberg.de .
Use "Add an account" -> with Email / Username, Password and Server: https://heibox.uni-heidelberg.de .
The easiest solution would be to delete the profile in your desktop client. Your data in heiBOX will not be affected but all libraries will be desynchronized:
Desktop Syncing client:
Desktop Drive Client:
Conflict files are generated when a file is edited simultaneously on several end devices.
Example:
The changes from both files must now be consolidated in some way (e.g. copy the content from the conflict file to the original, or discard the changes in the conflict file by deleting it, etc.) To prevent conflict files, most Seafile clients protect the file with a lock (write protection) when it is opened locally. However, this lock must first be synchronized on all other devices as well, which is why conflicts can still occur occasionally.
Conflict files often arise when changes have been made on a device where a library is not (or no longer) synchronized and the library is then synchronized again. Connection problems can also facilitate the creation of conflict files, since in this case neither locks nor changes can be synchronized via the client.
In such a case the data never reached the server, so the usual option to restore data via the history / versions of the library is not available. If not too much time has passed already, the changes may still be in the SeaDrive cache, which you can locate as follows:
Depending on the configuration it may happen that for a KeePass file no versions are kept in the history of the library.
The two options for KeePassXC are:
With active backup, a new version of both files is always created, regardless of the first option. If no backup is created, "Safely safe database files" should be deactivated if a versioning in heiBOX is desired.
The folder recycle-bin
contains folders which were deleted by another user (via web interface or client) while the local client was still uploading files. This mechanism should prevent that changes on the local system are permanently lost.
All employees, PhD students and regular students of Heidelberg University automatically have access to heiBOX. However, the accounts will only be created during the first login.
Members of the university, who have never logged into heiBOX have therefore no account (yet) and do not yet exist in the system. Please do not send guest invites to these users! Simply ask them to log in to heiBOX for the first time. After login you can group-invite or share files with these users as usual.
Please also note the general instructions for sharing and inviting, especially that invitations and shares should always be done using the user's Uni-ID, i.e. by inviting Uni-ID@uni-heidelberg.de
Guests can be invited by the following groups:
Guest accounts can be used until they are either deleted by the inviter or automatically removed from the system after 1 year of inactivity.
There is a history and a trash bin for each library. By defeault, deleted files and library versions are saved for the last 30 days. You can find further information in the heiBOX short introduction -> "Restore deleted files or older file versions".
Yes, every user can transfer their own libraries to another person. Select "Transfer" in the dropdown menu of the library and type in the Uni-ID (this might require "\<Uni-ID>@uni-heidelberg.de") of the user you wish to transfer the library to.
Attention: This will irretrievably delete all previously existing shares! For a temporary transfer (e.g. for a vacation replacement), a share of the level 'Administration' might be better suited.
If the password is lost, the data is unrecoverably lost! Therefore, please make sure to store the password in a secure way.
In the login screen for the "Guest Login" there is a link with the text Forgot password?
below the input fields, which can be used to request a new password.
All unencrypted heiBOX libraries are regularly scanned for viruses in the background by the software ClamAV
. If a potential malware is detected, the owner of this file will be informed once via e-mail about the potentially compromised file and the detected signature. Please check the file again yourself, because every virus scan can always result in false positives.
All data is processed and stored exclusively on the systems of the University Computing Center in Heidelberg. The servers are operated in our own IaaS Private Cloud heiCLOUD. The data itself is stored in two copies on systems in different fire compartments.
The web servers of heiBOX are exclusively accessible via HTTPS - all communication between clients and servers is encrypted.
The encryption procedure is:
The above encryption procedure can be executed on the desktop and the mobile client. The Seahub browser client uses a different encryption procedure that happens at the server. Because of this your password will be transferred to the server.
When you sync an encrypted library to the desktop, the client needs to verify your password. When you create the library, a "magic token" is derived from the password and library id. This token is stored with the library on the server side. The client use this token to check whether your password is correct before you sync the library. The magic token is generated by PBKDF2 algorithm with 1000 iterations of SHA256 hash.
For maximum security, the plain-text password won't be saved on the client side, too. The client only saves the key/iv pair derived from the "file key", which is used to decrypt the data. So if you forget the password, you won't be able to recover it or access your data on the server.
Via https://heibox.uni-heidelberg.de/accounts/login/ -> "Guest Login" -> dropdown "Login". The authentication is done directly via heiBOX itself.
Office files (in contrast to markdown and other text files) are accessed via a dedicated Office Online server instead of being opened directly on a heiBOX webserver. This type of access is not possible when using an encrypted library - thus Office files would need to be downloaded by the user which is being prevented by the configured permissions.
Open Office unfortunately does not offer a download button or similar option, even for files that may be downloaded by the user. If you want to download this file directly, you can do this by appending ?dl=1
to the link. For example:
https://heibox.uni-heidelberg.de/f/xxxxxxxxxx/ ==> https://heibox.uni-heidelberg.de/f/xxxxxxxxxx/?dl=1
Invitations that have not yet been accepted expire 14 days after the invitation is sent. Once the invitation has been accepted, this date no longer plays a role and guest accounts can be used until they are either deleted by the inviter or automatically removed from the system after one year of inactivity.
View:
Edit:
The lock is created automatically as soon as a file is opened via Office Online and ensures that the content cannot be changed simultaneously by another user (e.g. via the Desktop Client). Shared editing by several users at the same time is easily possible via the web interface. The lock expires 30 minutes after the last access via Office Online, but can also be removed manually via the drop-down menu of the file -> "Unlock".
The following steps happen when editing Office documents via the Office Online server:
The document is marked in heiBOX as "locked by OnlineOffice". The corresponding lock can be removed at any time via the drop-down menu -> "Unlock". Requests are assigned a user name, but from the point of view of the Office Online Server they are not linked to each other - therefore, editors can appear here multiple times. The session for editing the document (and thus the lock) expires after 30 minutes.
Files can only be uploaded vie the web interface up to a a maximum file size of 5 GB. Please use Desktop Syncing or Desktop Drive Client to upload larger files.
Yes, only folders up to a maximum size of 2 GB can be downloaded via the web interface. Please use Desktop Syncing or Desktop Drive Client to download larger folders.
First you have to set a separate password for access under "Settings" -> "WebDav Password". For the login the following values must be used:
Yes, encrypted libraries cannot be accessed and the access is slower compared to using the web interface or the desktop clients.
The contents of the following files are currently indexed in the full text search, provided the files are located in an unencrypted library:
Office files:
Text files:
All other files are indexed by file name only.
Since files can be uploaded via an upload link worldwide and without any authentication, they are checked by a virus scanner by default before they are saved in the library. If a potential malware is detected, the file is not saved and the message "File has virus." appears. To be on the safe side, the file should be checked again by yourself with an up-to-date virus scanner. If a file was wrongly classified as a virus, please send an e-mail to our IT-Service.
If you'd like to upload the file anyway, please encrypt and then upload it.
Guest accounts created before 08/2019 can be removed upon request by email to IT-Service. All other guests can be deleted autonomously under "Invite people" -> "Revoke Access".
Yes, this is indeed a bug. Unfortunately the full text search does not work for logged in users at the moment. To use the full text search without having to log out every time, the FAQ can be opened in a separate, anonymous browser window.
Users can only be added after their first login. Employees will then be able to search for people using the global address book. Students, PhD students and guests do not have access to the global address book and need the Uni-ID of the user(s) for direct sharing.
Direct sharing using the unique "\<Uni-ID>@uni-heidelberg.de" is always possible for all users.
In most cases certain functions are blocked by a browser addon, e.g. an adblocker. We recommend to exclude heiBOX from adblockers.
Unfortunately, it is currently not possible to reset Web API tokens on your own. In this case, please contact our IT Service by e-mail.
Last modified by Marc Brendel, 2024-03-01