in mixed mode (in both 7-mode and cdot) each object (folder or a file) will have both a unix and a windows ACL. with only one of them is effective(the one last created or ACL modified on). it's sounds like in your cdot environment the permission is not yet set via windows client and that's why you see the ACL mapping of the unix one - to a windows one.
you can see the effective ACL with "security show /vol/name" on the 7-mode and "vserver security file-directory show -vserver SVM -path /vol_name" on Cdot
You can go ahead and change it now, and it will take place.
i will also add that mixed mode can be very confusing, and there's very few good use cases to use it.
for access the same dataset from both linux and windows - it should not be used, a user mapping, or mounting via a single protocol (nfs or smb via any OS) is the right way.