User Names, SIDs and Active Directory

Let's go backwards.  We figured out how to get a user name out of a SID earlier:

[adsi]"LDAP://<SID=$sid>"

How do we get the SID from a user name?  It turns out that's not quite as easy: 

$ntAccount = new-object System.Security.Principal.NTAccount($env:userDomain, $env:userName) ;
$sid = $ntAccount.Translate([System.Security.Principal.SecurityIdentifier]).value;

The above assumes that I'm looking for my own SID.  Change $env:userName to suit.  Why did I look for this? So I can get the AD object for a given username.  Paired with the initial SID-to-username cryptogram earlier, this makes it easy.