I figured this out in the end (almost). The code below uses a Username and Password supplied in an optional 'Settings' form to check whether the current user is a member of the built-in Administrators
group in our Domain.
Public Function IsAuthenticatedUser(ByVal Username As String,
Optional ByVal Group As String = "Administrators") As Boolean
Dim IsAuthenticated As Boolean = False
Try
Using RootContext2 As New PrincipalContext(ContextType.Domain,
"dynedrewett.com",
"DC=dynedrewett,DC=com",
Me.formSettings.txtUsername.Text,
Me.formSettings.txtPassword.Text & "XXX"), _
TheGroup As GroupPrincipal = GroupPrincipal.FindByIdentity(RootContext2, IdentityType.Name, Group), _
TheUser As UserPrincipal = UserPrincipal.FindByIdentity(RootContext2, IdentityType.SamAccountName, Username)
If TheGroup IsNot Nothing AndAlso TheUser IsNot Nothing Then
For Each SingleGroup As Principal In TheGroup.GetMembers(True)
If SingleGroup.Name = TheUser.DisplayName Then
IsAuthenticated = True
Exit For
End If
Next
Else
IsMember = False
End If
TheGroup.Dispose()
TheUser.Dispose()
End Using
Catch Ex As Exception
Dim ErrorForm As New formError(Ex, "Ensure that valid Administrator Credentials are specified in the application Settings.")
End Try
Return IsAuthenticated
End Function