Which authentication mechanism is compatible with an Active Directory identity store only?

The authentication mechanism compatible with an Active Directory identity store is Kerberos. Kerberos is a network authentication protocol designed to provide strong authentication for client-server applications through secret-key cryptography. It is particularly well-suited for environments using Windows, such as those incorporating Active Directory, because Kerberos is integrated into Active Directory for managing user credentials and enabling secure single sign-on (SSO) capabilities.

When a user logs into a Windows domain, Kerberos allows for the issuance of tickets that facilitate access to various services without repeatedly entering passwords. This seamless authentication process leverages the existing Active Directory environment, making it efficient and secure.

In contrast, Trusted Authentication, Mutual SSL, and Local Authentication do not rely on Active Directory in the same way. Trusted Authentication requires trust relationships and is used mainly in Tableau server environments without Active Directory dependencies. Mutual SSL is based on certificate exchange and doesn't inherently leverage Active Directory user accounts. Local Authentication manages user credentials directly on the system and does not pertain to Active Directory at all. Thus, Kerberos stands out as the authentication mechanism specifically designed to work within an Active Directory framework.