You are working in a network where the AD domain name is the same as your public Internet domain name. In other words, instead of using something like example.local for your AD domain and example.com for your public domain, you use example.com for both.
This can be okay except you now need to maintain two DNS domains, your AD one and your public one. The biggest issue in doing this is that sometimes a DNS change in one isn’t pushed to the other. So, why not check it with a script (by hand or via your monitoring system)?
In the attached script, I use nslookup to query both AD DNS and public DNS. This works because there are certain well-known public DNS servers that we can use. Google, for example, has 22.214.171.124.
To use it, just specify the DNS record you want to test, e.g., you could test it this way:
C:\> TestLocalIPandRemoteIP.cmd mail.example.com
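The same check can be written in PowerShell with Resolve-DnsName. This is an added example, not the attached script from this post: the file name Compare-SplitDns.ps1, the parameter names and the exit codes are assumptions, and both server addresses are supplied by the caller.

```powershell
# Compare-SplitDns.ps1 (hypothetical name): added example, not the post's attached script.
# Compares the A records for one name on an AD DNS server and on a public resolver.
param(
    [Parameter(Mandatory)][string]$Name,            # record to test, e.g. mail.example.com
    [Parameter(Mandatory)][string]$InternalServer,  # an AD DNS server for the domain
    [Parameter(Mandatory)][string]$PublicServer     # a public resolver outside the network
)

function Get-ARecord {
    param([string]$Name, [string]$Server)
    try {
        # -DnsOnly: use the DNS protocol only (no LLMNR or NetBIOS fallback).
        $answer = Resolve-DnsName -Name $Name -Type A -Server $Server -DnsOnly -ErrorAction Stop
    } catch {
        return @()   # NXDOMAIN, timeout or refusal: report as "no A record"
    }
    # A CNAME chain or an SOA in the authority section can appear too; keep A records only.
    @($answer | Where-Object { $_.Type -eq 'A' } |
        ForEach-Object { $_.IPAddress } | Sort-Object -Unique)
}

$internal = @(Get-ARecord -Name $Name -Server $InternalServer)
$public   = @(Get-ARecord -Name $Name -Server $PublicServer)

# Exit codes (assumed convention for a monitoring system): 0 OK, 1 differs, 2 missing, 3 unknown.
if ($internal.Count -eq 0 -and $public.Count -eq 0) {
    Write-Output "UNKNOWN: $Name has no A record on either server"; exit 3
}
if ($internal.Count -eq 0 -or $public.Count -eq 0) {
    # The typical split-DNS failure: the record was added to one domain only.
    $side = if ($internal.Count -eq 0) { "internal ($InternalServer)" } else { "public ($PublicServer)" }
    Write-Output "CRITICAL: $Name is missing from $side DNS"; exit 2
}
if (Compare-Object -ReferenceObject $internal -DifferenceObject $public) {
    Write-Output "WARNING: $Name differs. internal=$($internal -join ',') public=$($public -join ',')"; exit 1
}
Write-Output "OK: $Name resolves to $($internal -join ',') on both servers"; exit 0
```

A name that is meant to resolve to a private address internally and a public address externally will report WARNING, so such names need their own expected values in the monitoring system.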