Samba 3 on OSX Lion - plus SWAT!

I run Ubuntu 10.4 on my old Acer T180 for backup porpoises. I use rsynch to copy .tgz files over from my Tiger and Lion machines.

However, using Samba Version 3.4.7 on Linux 2.6.32-38-generic with Gnome 2.28 and Nautilus 2.30.2, I was getting errors when trying to mount shares hosted on OSX Lion 10.7.2 and 10.7.3 like this (which works work fine with Tiger):

sudo mount -t cifs // /mnt/echo/WetMice -o username=mcook,password=PASSWORD

After lots of web-searching. I tried adding various extra parameters which some folks  claimed to work. For example:

mcook@cara:/mnt/echo$ sudo mount.cifs // /mnt/echo/mcook -o user=mcook,password=PASSWORD,nounix,sec=ntlmssp,noperm,rw

But this would result in:

mount error(126): Required key not available

Earlier, smbclient would fail:

Connection to echo failed (Error NT_STATUS_CONNECTION_REFUSED)
NetBIOS over TCP disabled -- no workgroup available

And Lion would complain with messages such as:

Feb  7 23:03:16 echo smbd[47992]: SMB client not supported - Unicode, NT Errors, Long Names and Extended Security are required
Feb  7 23:03:16 echo sandboxd[47995] ([47992]): smbd(47992) deny job-creation

In Nautilus (Linux) it would let me see the drive and even mount it read-only with SMB, but it would not let me create a file or write back to it, saying:

error creating new file / function not implemented

I could work around this using Nautilus to mount Lion shares using sftp.

I tried using avahi with netatalk to have Ubuntu be an AFP server, but I still could not write to a Lion share.

I tried using SMBup on Lion but it didn't work for me. Also, when uninstalling it it completely trashed my MacPorts GNUpg setup. Honest!

Long story short. After doing a lot of cleaning and re-installing MacPorts I decided to install Samba 3 on Lion.

The steps to do this and disable Lion's existing SMB, are very nicely written up already at Thanks!

To get SWAT working I had to do a little more:

1) Edit /etc/services:

– Uncomment existing lines for port 901
– add this line at the end of the file:

swat 901/tcp # swat

2) sudo vi /Library/LaunchDaemons/org.samba.swat.plist

3) Add this text

Note that in my example .plist the -a parameter starts SWAT in "demo mode". This is potentially very dangerous, so you should remove it after initial testing. See point 7 below.

4) Save the .plist

5) To start SWAT:
sudo launchctl load -F -w /Library/LaunchDaemons/org.samba.swat.plist

To stop SWAT:
sudo launchctl stop /Library/LaunchDaemons/org.samba.swat.plist
sudo launchctl unload -F -w /Library/LaunchDaemons/org.samba.swat.plist:

6) In your web browser, go to http://localhost:901/

7) My example .plist includes the -a parameter, specifying "demo mode" so your browser should take you right into SWAT with no login being required. Go back to step 2 and change the ,plist to remove the -a start parameter,  re-save the file, start then restart SWAT. It should prompt you for a user name and password. User name root and your root password should now work to let you access SWAT securely.

NOTE: As of 2012-02-19 removing -a does not work on OSX 10.7.3 and I am still looking for a solution.

I think that’s all for now.

Have a nice day!
2012-02-19, updated 2019-04-03 to correct local URLs for