The goal is to make an NFS share on NetApp accessible to two different hosts for a user that has the same name but a different uid on those hosts.
Host1
user10 uid=1011
Host2
user10 uid=1012
The NFS path is 10.10.10.10:/vol1/exchange
The volume vol1 that hosts the share has:
User ID: 0
Group ID: 0
Security Style: unix
UNIX Permissions: ---rwxr-xr-x
The directory exchange, which has to be writable by both, has:
File Path: /vol1/exchange
Security Style: unix
Effective Style: unix
DOS Attributes: 10
DOS Attributes in Text: ----D---
Expanded Dos Attributes: -
UNIX User Id: 1012
UNIX Group Id: 1012
UNIX Mode Bits: 750
UNIX Mode Bits in Text: rwxr-x---
ACLs: -
I thought that NFSv4 could do the job: the client will pass user10@mydomain.com instead of its uid and it will work.
What was done:
- created user10 on SVM with uid 1012
- set v4-id-domain to mydomain.com
- changed idmapd.conf on both hosts to add domain = mydomain.com
mount -t nfs 10.10.10.10:/vol1/exchange /mnt/exchange
But when user10 on host1 tries to run "ls /mnt/exchange", it gets Permission denied.
In the logs I see:
Cluster1::*> vserver security trace trace-result show -volume-name vol1 -client-ip 10.10.10.2 -fields unix-user,result,security-style
node            vserver         seqnum security-style    result                                                   unix-user
--------------- --------------- ------ ----------------- -------------------------------------------------------- ---------
Cluster1        SVM_01          365    SECURITY_MODEBITS Access is not granted for: "Modify", "Extend", "Delete"  1011
Cluster1        SVM_01          366    SECURITY_MODEBITS Access is not granted for: "Lookup", "Modify", "Extend", "Delete", "Read" 1011
2 entries were displayed.
Do I completely misunderstand how NFSv4 authentication works?
Thanks
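
Added example, not part of the original post: a small Python model of the mode-bit check that the trace reports, evaluated against the numeric uid the trace shows arriving from each host. With AUTH_SYS (`sec=sys`) the RPC credential carries numeric uid/gids, and the NFSv4 id domain only translates the owner and group names in file attributes. Assumptions: the mount uses `sec=sys`, host1's user10 has primary gid 1011, trace line 365 refers to `/vol1` and 366 to `/vol1/exchange`, and the right-to-bit mapping is a simplification.

```python
from dataclasses import dataclass

# Simplified (assumed) mapping of the rights named in the trace to mode bits.
RIGHT_TO_BIT = {"Read": 4, "Lookup": 1, "Modify": 2, "Extend": 2, "Delete": 2}

@dataclass(frozen=True)
class Inode:
    path: str
    uid: int
    gid: int
    mode: int  # UNIX mode bits, e.g. 0o750

@dataclass(frozen=True)
class AuthSysCred:
    uid: int          # numeric uid sent by the client in the RPC header
    gids: frozenset   # numeric gids sent alongside it

def class_bits(inode, cred):
    """Select owner, group or other bits the way a POSIX mode check does."""
    if cred.uid == inode.uid:
        return (inode.mode >> 6) & 7
    if inode.gid in cred.gids:
        return (inode.mode >> 3) & 7
    return inode.mode & 7

def denied_rights(inode, cred):
    """Rights from the trace that the selected permission class lacks."""
    bits = class_bits(inode, cred)
    return sorted(r for r, b in RIGHT_TO_BIT.items() if not bits & b)

def owner_attr(inode, names, domain="mydomain.com"):
    """Owner string as an NFSv4 attribute; names is a uid -> name table."""
    return f"{names.get(inode.uid, 'nobody')}@{domain}"

# Values from the post; gid 1011 for host1's user10 is an assumption.
VOL_ROOT = Inode("/vol1", 0, 0, 0o755)
EXCHANGE = Inode("/vol1/exchange", 1012, 1012, 0o750)
HOST1 = AuthSysCred(1011, frozenset({1011}))
HOST2 = AuthSysCred(1012, frozenset({1012}))

if __name__ == "__main__":
    for cred in (HOST1, HOST2):
        for inode in (VOL_ROOT, EXCHANGE):
            print(cred.uid, inode.path, "denied:", denied_rights(inode, cred))
    # The id domain shapes this attribute string, not the caller's credential.
    print(owner_attr(EXCHANGE, {1012: "user10"}))
```

Under these assumptions uid 1011 falls into the "other" class on both objects, which reproduces the two denial sets in the trace, while uid 1012 matches the owner of `/vol1/exchange` and is denied nothing there.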