Assuming you have an IP address and no other information. You're not allowed to use DNS as it may be reporting invalid information. Also assume that the destination machine is running a Microsoft OS and is currently online and booted.
Is there any way to query the machine directly using the IP address (some service/port) to find out what the hostname is of that machine?
Depending on the version of Windows and services enabled on the remote machine, you may be able to query its NetBIOS (WINS) identifier name. That won't give you a domain name, but it might get enough of a name so you can id the machine.
http://technet.microsoft.com/en-us/library/cc736703(WS.10).aspx
You can use NetBIOS Name service (UDP port 137)
I think that WINS is just another name / thin wrapper around NetBIOS NS.