diff --git a/source/orchestrationLogic/HEAT/fileserver.sh b/source/orchestrationLogic/HEAT/fileserver.sh
index 1b94a39f68ad0f396cd906c9773ce6e074f8dda3..15951862634cd795e02d68ed9c20f48c42d2e18e 100644
--- a/source/orchestrationLogic/HEAT/fileserver.sh
+++ b/source/orchestrationLogic/HEAT/fileserver.sh
@@ -19,9 +19,8 @@ mkdir /opt/data/shared
 # this directory should be owned by root for security reasons
 # http://lists.mindrot.org/pipermail/openssh-unix-dev/2009-May/027651.html
 chown root:root /opt/data
-chmod u=rwx,g=rx,o=rwx /opt/data
+chmod 755 /opt/data
 
-sudo service smbd restart
 
 # Everything below is based on the great top answer for this stack exchange question
 # https://unix.stackexchange.com/questions/503312/is-it-possible-to-grant-users-sftp-access-without-shell-access-if-yes-how-is-i
@@ -30,6 +29,11 @@ sudo service smbd restart
 addgroup --system allowssh
 addgroup --system sftponly
 
+chown <owern>:allowssh /opt/data/shared
+chmod 775 /opt/data
+
+sudo service smbd restart
+
 # creates a user with no no password
 # /sbin/nologin is not needed but is done just to be safe
 adduser --disabled-password --gecos "" --home /home/project_owner <owner>