The customer is evaluating moving his ITMS implementation to a cloud environment with Azure Active Directory.

He would like to know how these associations work when devices are Azure Active Directory joined and not joined in on-prem Active Directory?  With the move to Azure AD join on the horizon, they are not importing computer resources from on-prem Active Directory, only user resources (as these are still created in on-prem Active Directory). 

He has noticed that any user who is using an Azure Active Directory joined device is not being imported during the Active Directory import or is possibly being removed after import. Is this by design?

ITMS 8.6, 8.7

ITMS doesn't support Azure Active Directory at the moment as of ITMS 8.7 Release.
 
We are planning to research what it would require to add the support (see EM-84187), however as of now we can't commit it to any future release be it 8.7 RU1 or even later.
 
Hence customers must use on-prem Active Directory for ITMS.