I’m having difficulty resolving AD-specific SRV records and would like to confirm whether or not the DNS server I’m using is Microsoft-based or something else (e.g. BIND). Is there anyway to do this from the client side? Unfortunately I don’t have access to the DNS server itself and the internal IP is inconclusive.
Is there any way to find out from the client side?
Try one of
dig @nameserver version.bind txt chaos nslookup -type=txt -class=chaos version.bind nameserver
If you get an answer, it is a version of BIND and might give a clue to the OS as well.
For obvious security reasons, this sort of facility is usually disabled.
There is also fpdns, it may not have a Windows port but you could boot a Linux live CD.
Could you try running nmap against it for a OS fingerprint?
There is also this project, but it suffers from the same issue-you have to install something.