FAQ (English)

Who gets access to heiBOX?

Authorized are:

Additionally employees, PhD students and lecturers can invite guest users (that cannot invite other guest users or own libraries) who can be given access to libraries by all users after they accepted the invitation.

It is not possible to use the service with project accounts / project numbers / project identifiers.


How much storage space do I get?

Basic storage quota:

Additionally employees can request a fee-based expansion of their quota up to a maximum of 5 TB. Please see the price calculator for details.


I can't set up a share for a user despite using the Uni-ID - the system can't find the user. What could be the cause?

The accounts in heiBOX are only created after the first successful login via Uni-ID - before that the system does not know the user, therefore neither shares nor group memberships can be set up.


I would like to cooperate with external institutions / companies - can external users also use heiBOX?

Yes, employees can invite guest users via the web interface -> "Invite People". Guest users to not have their own quota and they cannot create or own libraries. After an invitation has been accepted, files can be shared with external users as well.

Alternatively employees and (PhD) students can always create up- and download links (which can be set to expire after a certain time and can be protected with a password) for unencrypted libraries to enable users to upload / download files without requiring an account.


When exactly does my access to heiBOX end after studies are completed / a contract is ending? Is there a waiting period?

The possibility to access heiBOX ends as follows:

Due to the used authentication method there is no waiting period! Please make sure that the data you need is downloaded and safely stored in time. Employees should also remember to transfer ownership of shared libraries to a new person in charge (e.g. the supervisor).


Where can I get the current Desktop Syncing or Drive client?

At https://www.seafile.com/en/download/ .


I am an employee/(PhD) student at Heidelberg University - how can I login via the Desktop client?

Use "Add an account" -> "Single Sign-On" (lower left corner) -> Seafile Server Address: https://heibox.uni-heidelberg.de .


I am an external guest user - how can I login via the Desktop client?

Use "Add an account" -> with Email / Username, Password and Server: https://heibox.uni-heidelberg.de .


I cannot login via the client after changing the password for my Uni-ID. Error message: "Failed to save current account". How can I fix this?

The easiest solution would be to delete the profile in your desktop client. Your data in heiBOX will not be affected but all libraries will be desynchronized:

  1. Open the main window of the desktop client.
  2. Left click your avatar to show your account(s).
  3. Select "delete" from the dropdown menu of the account you want to remove.
  4. Confirm the deletion. Please be aware that all your libraries will be desynchronized!
  5. Reconfigure your account. You can find instructions for this in our heiBOX short introduction -> "Login - Client".
  6. Resynchronize the libraries that you need.

What's the difference between the Desktop Syncing and the Desktop Drive Client?

Desktop Syncing client:

Desktop Drive Client:


When synchronizing a library, sometimes files with the extension "(SFConflict \<Uni-ID>@uni-heidelberg.de \<Date>)" are created - what is special about these files and how are they created?

Conflict files are generated when a file is edited simultaneously on several end devices.

Example:

The changes from both files must now be consolidated in some way (e.g. copy the content from the conflict file to the original, or discard the changes in the conflict file by deleting it, etc.) To prevent conflict files, most Seafile clients protect the file with a lock (write protection) when it is opened locally. However, this lock must first be synchronized on all other devices as well, which is why conflicts can still occur occasionally.

Conflict files often arise when changes have been made on a device where a library is not (or no longer) synchronized and the library is then synchronized again. Connection problems can also facilitate the creation of conflict files, since in this case neither locks nor changes can be synchronized via the client.


When using the SeaDrive Client, changes were not transferred to the server - my current data seems to have disappeared. Is there any way to restore it?

In such a case the data never reached the server, so the usual option to restore data via the history / versions of the library is not available. If not too much time has passed already, the changes may still be in the SeaDrive cache, which you can locate as follows:

  1. Right click on the SeaDrive icon in the task bar -> "Open logs folder".

  2. Change to the parent folder (".seadrive").

  3. Then change to the folders: "data" -> "file-cache".

  4. Here you will find folders named after the UUIDs of the libraries. You can find the UUID of a library via the web interface -> click on the library -> in the address line ("https://heibox.uni-heidelberg.de/library/<UUID>/").

  5. Copy the data to another location immediately before the SeaDrive Client cleans up the cache.


When using KeePass, no new version of the KeePass database file is created when a change is made - is the error caused by heiBOX?

Depending on the configuration it may happen that for a KeePass file no versions are kept in the history of the library.

The two options for KeePassXC are:

With active backup, a new version of both files is always created, regardless of the first option. If no backup is created, "Safely safe database files" should be deactivated if a versioning in heiBOX is desired.


There is a folder named "recycle-bin" in my Seafile Folder which contains subfolders I did not create - how did this happen?

The folder recycle-bin contains folders which were deleted by another user (via web interface or client) while the local client was still uploading files. This mechanism should prevent that changes on the local system are permanently lost.


General information

All employees, PhD students and regular students of Heidelberg University automatically have access to heiBOX. However, the accounts will only be created during the first login.

Members of the university, who have never logged into heiBOX have therefore no account (yet) and do not yet exist in the system. Please do not send guest invites to these users! Simply ask them to log in to heiBOX for the first time. After login you can group-invite or share files with these users as usual.

Please also note the general instructions for sharing and inviting, especially that invitations and shares should always be done using the user's Uni-ID, i.e. by inviting Uni-ID@uni-heidelberg.de


Who can invite guests?

Guests can be invited by the following groups:


How long are guest accounts valid / usable?

Guest accounts can be used until they are either deleted by the inviter or automatically removed from the system after 1 year of inactivity.


I accidentally deleted something - is there a backup?

There is a history and a trash bin for each library. By defeault, deleted files and library versions are saved for the last 30 days. You can find further information in the heiBOX short introduction -> "Restore deleted files or older file versions".


Can library ownership be transferred to other people, e.g. when required by personnel changes?

Yes, every user can transfer their own libraries to another person. Select "Transfer" in the dropdown menu of the library and type in the Uni-ID (this might require "\<Uni-ID>@uni-heidelberg.de") of the user you wish to transfer the library to.

Attention: This will irretrievably delete all previously existing shares! For a temporary transfer (e.g. for a vacation replacement), a share of the level 'Administration' might be better suited.


What are the special features when using encrypted libraries?

If the password is lost, the data is unrecoverably lost! Therefore, please make sure to store the password in a secure way.


I have a guest account and have forgotten my password - how can I access my account again?

In the login screen for the "Guest Login" there is a link with the text Forgot password? below the input fields, which can be used to request a new password.


Why do I receive an e-mail with the subject "heiBOX: Potential malware detected during regular background scanning"?

All unencrypted heiBOX libraries are regularly scanned for viruses in the background by the software ClamAV. If a potential malware is detected, the owner of this file will be informed once via e-mail about the potentially compromised file and the detected signature. Please check the file again yourself, because every virus scan can always result in false positives.


Where is my data stored?

All data is processed and stored exclusively on the systems of the University Computing Center in Heidelberg. The servers are operated in our own IaaS Private Cloud heiCLOUD. The data itself is stored in two copies on systems in different fire compartments.


How is the data being transferred?

The web servers of heiBOX are exclusively accessible via HTTPS - all communication between clients and servers is encrypted.


How does an encrypted library work?

The encryption procedure is:

  1. Generate a 32-byte long cryptographically strong random number. This will be used as the file encryption key ("file key").
  2. Encrypt the file key with the user provided password. We first use PBKDF2 algorithm (1000 iterations of SHA256) to derive a key/iv pair from the password, then use AES 256/CBC to encrypt the file key. The result is called the "encrypted file key". This encrypted file key will be sent to and stored on the server. When you need to access the data, you can decrypt the file key from the encrypted file key.
  3. All file data is encrypted by the file key with AES 256/CBC. We use PBKDF2 algorithm (1000 iterations of SHA256) to derive key/iv pair from the file key. After encryption, the data is uploaded to the server.

The above encryption procedure can be executed on the desktop and the mobile client. The Seahub browser client uses a different encryption procedure that happens at the server. Because of this your password will be transferred to the server.

When you sync an encrypted library to the desktop, the client needs to verify your password. When you create the library, a "magic token" is derived from the password and library id. This token is stored with the library on the server side. The client use this token to check whether your password is correct before you sync the library. The magic token is generated by PBKDF2 algorithm with 1000 iterations of SHA256 hash.

For maximum security, the plain-text password won't be saved on the client side, too. The client only saves the key/iv pair derived from the "file key", which is used to decrypt the data. So if you forget the password, you won't be able to recover it or access your data on the server.


I am an external guest user - how can I login via the web interface?

Via https://heibox.uni-heidelberg.de/accounts/login/ -> "Guest Login" -> dropdown "Login". The authentication is done directly via heiBOX itself.


Why can't Office files inside an encrypted library be accessed or downloaded by users with the permission "Online Read-Only" or "Online Read-Write"?

Office files (in contrast to markdown and other text files) are accessed via a dedicated Office Online server instead of being opened directly on a heiBOX webserver. This type of access is not possible when using an encrypted library - thus Office files would need to be downloaded by the user which is being prevented by the configured permissions.


Why can't I download files from Open Office even though they are shared as "Preview and download" or "Edit on cloud and download"?

Open Office unfortunately does not offer a download button or similar option, even for files that may be downloaded by the user. If you want to download this file directly, you can do this by appending ?dl=1 to the link. For example:

https://heibox.uni-heidelberg.de/f/xxxxxxxxxx/ ==> https://heibox.uni-heidelberg.de/f/xxxxxxxxxx/?dl=1


What is the meaning of the column "Expiration" in the overview "Invite People"?

Invitations that have not yet been accepted expire 14 days after the invitation is sent. Once the invitation has been accepted, this date no longer plays a role and guest accounts can be used until they are either deleted by the inviter or automatically removed from the system after one year of inactivity.


Which files can be viewed / edited with Office Online?

View:

Edit:

When editing Office documents a file lock named "locked by OnlineOffice" is created - why?

The lock is created automatically as soon as a file is opened via Office Online and ensures that the content cannot be changed simultaneously by another user (e.g. via the Desktop Client). Shared editing by several users at the same time is easily possible via the web interface. The lock expires 30 minutes after the last access via Office Online, but can also be removed manually via the drop-down menu of the file -> "Unlock".


If a tab that is used to edit Office documents is closed and the document is opened again, my user name appears several times as an editor - is this an error?

The following steps happen when editing Office documents via the Office Online server:

  1. The document is opened via the heiBOX web interface.
  2. HeiBOX sends the web browser a page that includes a file access call via the Office Online server.
  3. The resulting request is sent to the Office Online server via the browser.
  4. The Office Online server loads the document from heiBOX and the user can edit it online.

The document is marked in heiBOX as "locked by OnlineOffice". The corresponding lock can be removed at any time via the drop-down menu -> "Unlock". Requests are assigned a user name, but from the point of view of the Office Online Server they are not linked to each other - therefore, editors can appear here multiple times. The session for editing the document (and thus the lock) expires after 30 minutes.


The upload of a large file always aborts with an error - what is the reason for this?

Files can only be uploaded vie the web interface up to a a maximum file size of 5 GB. Please use Desktop Syncing or Desktop Drive Client to upload larger files.


Is there a limit when downloading something via the web interface?

Yes, only folders up to a maximum size of 2 GB can be downloaded via the web interface. Please use Desktop Syncing or Desktop Drive Client to download larger folders.


How can I use heiBOX via WebDAV?

First you have to set a separate password for access under "Settings" -> "WebDav Password". For the login the following values must be used:


Are there any limitations when using WebDAV?

Yes, encrypted libraries cannot be accessed and the access is slower compared to using the web interface or the desktop clients.


Which files can be searched with the full text search?

The contents of the following files are currently indexed in the full text search, provided the files are located in an unencrypted library:

Office files:

Text files:

All other files are indexed by file name only.


Since files can be uploaded via an upload link worldwide and without any authentication, they are checked by a virus scanner by default before they are saved in the library. If a potential malware is detected, the file is not saved and the message "File has virus." appears. To be on the safe side, the file should be checked again by yourself with an up-to-date virus scanner. If a file was wrongly classified as a virus, please send an e-mail to our IT-Service.

If you'd like to upload the file anyway, please encrypt and then upload it.


I would like to delete a guest account that I created - what do I have to do?

Guest accounts created before 08/2019 can be removed upon request by email to IT-Service. All other guests can be deleted autonomously under "Invite people" -> "Revoke Access".


Yes, this is indeed a bug. Unfortunately the full text search does not work for logged in users at the moment. To use the full text search without having to log out every time, the FAQ can be opened in a separate, anonymous browser window.


I would like to add someone to a group / library, but I can't find the person in the list - what could be the error?

Users can only be added after their first login. Employees will then be able to search for people using the global address book. Students, PhD students and guests do not have access to the global address book and need the Uni-ID of the user(s) for direct sharing.

Direct sharing using the unique "\<Uni-ID>@uni-heidelberg.de" is always possible for all users.


Downloading multiple files as a ZIP archive is not possible, the error message "Please check the network connection" is displayed - what could be the cause?

In most cases certain functions are blocked by a browser addon, e.g. an adblocker. We recommend to exclude heiBOX from adblockers.


I have used a Web API Auth Token and would like to reset it, but cannot find a way to do so.

Unfortunately, it is currently not possible to reset Web API tokens on your own. In this case, please contact our IT Service by e-mail.

Last modified by Marc Brendel, 2022-06-24

Who gets access to heiBOX?
How much storage space do I get?
I can't set up a share for a user despite using the Uni-ID - the system can't find the user. What could be the cause?
I would like to cooperate with external institutions / companies - can external users also use heiBOX?
When exactly does my access to heiBOX end after studies are completed / a contract is ending? Is there a waiting period?
Where can I get the current Desktop Syncing or Drive client?
I am an employee/(PhD) student at Heidelberg University - how can I login via the Desktop client?
I am an external guest user - how can I login via the Desktop client?
I cannot login via the client after changing the password for my Uni-ID. Error message: "Failed to save current account". How can I fix this?
What's the difference between the Desktop Syncing and the Desktop Drive Client?
When synchronizing a library, sometimes files with the extension "(SFConflict \<Uni-ID>@uni-heidelberg.de \<Date>)" are created - what is special about these files and how are they created?
When using the SeaDrive Client, changes were not transferred to the server - my current data seems to have disappeared. Is there any way to restore it?
When using KeePass, no new version of the KeePass database file is created when a change is made - is the error caused by heiBOX?
There is a folder named "recycle-bin" in my Seafile Folder which contains subfolders I did not create - how did this happen?
General information
Who can invite guests?
How long are guest accounts valid / usable?
I accidentally deleted something - is there a backup?
Can library ownership be transferred to other people, e.g. when required by personnel changes?
What are the special features when using encrypted libraries?
I have a guest account and have forgotten my password - how can I access my account again?
Why do I receive an e-mail with the subject "heiBOX: Potential malware detected during regular background scanning"?
Where is my data stored?
How is the data being transferred?
How does an encrypted library work?
I am an external guest user - how can I login via the web interface?
Why can't Office files inside an encrypted library be accessed or downloaded by users with the permission "Online Read-Only" or "Online Read-Write"?
Why can't I download files from Open Office even though they are shared as "Preview and download" or "Edit on cloud and download"?
What is the meaning of the column "Expiration" in the overview "Invite People"?
Which files can be viewed / edited with Office Online?
When editing Office documents a file lock named "locked by OnlineOffice" is created - why?
If a tab that is used to edit Office documents is closed and the document is opened again, my user name appears several times as an editor - is this an error?
The upload of a large file always aborts with an error - what is the reason for this?
Is there a limit when downloading something via the web interface?
How can I use heiBOX via WebDAV?
Are there any limitations when using WebDAV?
Which files can be searched with the full text search?
The upload via an upload link aborts with the error message "File has virus." - what's that all about?
I would like to delete a guest account that I created - what do I have to do?
The full text search in a published library / wiki does not work for some / all users - is this an error / bug?
I would like to add someone to a group / library, but I can't find the person in the list - what could be the error?
Downloading multiple files as a ZIP archive is not possible, the error message "Please check the network connection" is displayed - what could be the cause?
I have used a Web API Auth Token and would like to reset it, but cannot find a way to do so.