In Azure AD Free, you can check and rectify non-compliant devices by following these steps:
Sign in to the Azure portal (portal.azure.com) using your Azure AD administrator account.
Navigate to the Azure Active Directory service.
In the Azure AD portal, go to "Devices" under the "Manage" section in the left-hand menu.
On the Devices page, you will see a list of devices registered in your Azure AD tenant. Look for the devices that are marked as non-compliant.
Select a non-compliant device from the list to view its details and compliance status.
In the device details page, you will find information about the compliance issues and the reasons why the device is marked as non-compliant.
To rectify non-compliant devices, you have a few options:
a. Implement Intune: Azure AD Free does not include Intune, but you can consider upgrading to Azure AD Premium or purchasing Intune separately. With Intune, you can enforce compliance policies and manage devices more effectively.
b. Use a third-party Mobile Device Management (MDM) solution: You can integrate a third-party MDM solution with Azure AD to manage device compliance. These solutions often provide more advanced device management capabilities.
c. Manually remediate the compliance issues: If you prefer not to use an MDM solution, you can manually address the compliance issues on the non-compliant devices. This may involve installing necessary software updates, enabling security features, or configuring device settings to meet your organization's security requirements.
Once you have taken the necessary steps to rectify the compliance issues, re-evaluate the device's compliance status. It may take some time for the changes to reflect in Azure AD.
Remember that in a Workgroup network setup, managing device compliance can be more challenging compared to a domain-joined network where Group Policy can be used for enforcement. Consider the options mentioned above to ensure devices meet your organization's security standards, even in a Workgroup environment.
Note: Azure AD Free has limited device management capabilities, and to have more robust device management and compliance enforcement features, you may need to consider upgrading to Azure AD Premium or utilizing additional MDM solutions.