No way to see the NTFS ACLs from a UNIX client without using SSH commands to the filer or smbcacls as mentioned previously (https://www.samba.org/samba/docs/man/manpages-3/smbcacls.1.html).

 

From: toasters-bounces@teaparty.net [mailto:toasters-bounces@teaparty.net] On Behalf Of John Adams
Sent: Wednesday, May 11, 2016 4:06 PM
To: toasters@teaparty.net
Subject: Listing NTFS style ACLs from unix client via NFS (Take 2...)

 

Hi all..  I asked this a few weeks ago:

If a qtree is using NTFS style permissions, and that same qtree is exported via NFS to a unix client... Is there a way to see the NTFS ACLs from that unix client?  The usual "ls -l" just shows what looks like mode 777.

I got some good responses, but I'm not seeing what I want to see.

Qtree on filer is security style NTFS.

Qtree is exported to linux box via export file on filer: 

     /vol/secgroup_group     -sec=sys,rw=mfanfs,root=x.x.x.x,nosuid

Qtree is mounted on linux box:
> mount -o vers=4,acl secgroup:/vol/secgroup_group /secgroup
> grep secgroup /proc/mounts
secgroup:/vol/secgroup_group/ /secgroup nfs4 rw,relatime,vers=4,rsize=65536,wsize=65536,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=x.x.x.x,minorversion=0,local_lock=none,addr=x.x.x.x 0 0

NFS option on filer:
> options nfs.ntacl
nfs.ntacl_display_permissive_perms on

From a windows box, using the CIFS share to that qtree, I can right click on a file, select security, and then see/set the usual NTFS style ACLs.

When I use getfacl from the unix box, I still only see the unix style (User,Group,Other) permissions.

What I'm hoping to see is the Windows style ACLs that are on the files.

I can see them from the filer:

secgroup@testfs1>  fsecurity show /vol/secgroup_group/ccc/pit
[/vol/secgroup_group/ccc/pit - File (inum 28476)]
  Security style: NTFS
  Effective style: NTFS

  DOS attributes: 0x0020 (---A----)

  Unix security:
    uid: xxxx(username)
    gid: 101 (groupname)
    mode: 0777 (rwxrwxrwx)

  NTFS security descriptor:
    Owner: DOMAIN\username
    Group: DOMAIN\Domain Users
    DACL:
      Allow - DOMAIN\budget - 0x001f01ff (Full Control)
      Allow - Everyone - 0x001200a9 (Read and Execute) - (Inherited)
      Allow - DOMAIN\username - 0x001f01ff (Full Control) - (Inherited)
      Allow - DOMAIN\group - 0x001f01ff (Full Control) - (Inherited)

I am hoping to be able to see the above output, from the linux client.  I'm looking for a way for users on linux clients to see the windows ACLs that are on this NTFS qtree.

Any suggestions?

 

Thanks.