Domain Controller not updating from WSUS server

I have just inherited some existing issues in my new Sys Admin position, as i have never used WSUS before i thought i would ask you fine people for some input!

All servers are 2008R2, 2 physical servers running Hyper-V and these run 8 Virtual machines, each physical has one domain controller on it.

One of the virtual domain controllers is not taking MS Updates, a few months ago it did then something happened and it changed, so WSUS is not updating it and when i try it manually i am getting Error code: 8000FFFF, the other DC is updating fine

When i check C:Windows windowsupdate

Setup    Downloading setup package "WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256"
Setup    Downloading setup package WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.cab from http:local/selfupdate/WSUS3/x64/Vista
Misc    Validating signature for C:\Windows\SoftwareDistribution\SelfUpdate\Packages\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256\WUClient-SelfUpdate-Core-TopLevel~31bf3856ad364e35~amd64~~7.6.7600.256.cab:
Misc     Microsoft signed: Yes

ABOVE IS JUST ONE EXAMPLE UPDATE, THERE ARE A FEW

WARNING: LoadLibrary failed for srclient.dll with hr:8007007E
Setup    Staging setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256"
Setup    WARNING: CBS staging operation failed, error = 0x8000FFFF
Setup    FATAL: Failed to stage setup package "WUClient-SelfUpdate-ActiveX~31bf3856ad364e35~amd64~~7.6.7600.256", error = 0x8000FFFF
Setup    WARNING: Failed to stage applicable setup packages, error = 0x8000FFFF
Setup    FATAL: Downloading binaries for SelfUpdate failed, err = 0x8000FFFF
Agent      * WARNING: Skipping scan, self-update check returned 0x8000FFFF
Agent      * WARNING: Exit code = 0x8000FFFF

I have checked the registry as suggested in KB946414 and the values were not in it on the server running WSUS and the values are not there.

I tried installing the SURT but it just hangs about half way through, I have also just tried updating as normal and im getting event ids 1001 and 256, any thoughts on this?

Could it be folder permissions?

I have also looked at the group policy and when i check the settings, I'm getting: An error has occured while collecting data for administrative templates

namespace 'Microsoft policies........' is already defined as the target namespace for another file in the store

Probably easier to start with a few standard things first, and then maybe rebuilding the Wnidows Update component, rather than rebuilding the DC totally (although this is a valid way of solving the problem, and probably not that much effort)

I would try running from an elevated command-prompt, the command 'wuauclt /detectnow /resetauthorization' you never know it may just fix it. But in this case, I do doubt it.

The next thing to do is to completely rebuild the Windows Update component. This has fixed problem-servers for me.

Follow the article KB971058

There is a fix-it utility on that page, or you can do it yourself (I prefer this method) by going to this link

Hope this helps.