Inbound mapping means that an AuthID (username) is mapped to a different value after logging in at an XDB Server. A request is received at either the remote server that references a location controlled by the remote server (using three-part names) or the server itself (using CONNECT).
The values in the SYSIBM.SYSLUNAME table indicate that requests coming from the primary XDB Server should be translated. If a password is present, the AuthID and password are checked against SYSXDB.SYSACFUSERS. See the section Trusting for more about password checking. Then, the SYSIBM.SYSUSERNAMES table is checked and the AuthID is mapped. Finally, the request is processed with the AuthID obtained by inbound mapping.
Mapping AuthIDs on an XDB Server that will accept requests from other XDB Servers allows you to have more control over which AuthIDs have access. If inbound mapping is not used, you must update the SYSXDB.SYSACFUSERS table with all AuthIDs that will have access. These users must also be given the appropriate privileges. In a distributed environment, this can mean keeping track of hundreds of individual AuthIDs. You can map incoming AuthIDs into a manageable number of AuthIDs. Then only the mapped AuthIDs must be given privileges to access data objects.