We are using AD security groups to define access to our production QlikSense applications. However, I notice that in our license configuration we have created both a login access and user access rule for the AD group; e.g.
License.UserAccessGroup_fdf60759-bb4e-4175-b48c-bc2c525ce223
((user.group="QVSMGAR"))
and also
License.LoginAccessType_739c98d3-cefb-4f9c-aa6f-d59906700d76
((user.group="QVSMGAR"))
Now it seems to me we do not need both these rules and that since we have a limited number of tokens, we should delete the user access rule and manually allocate only the 1 or 2 power users directly.
Since we have allocated all our tokens anyway (between manual user access allocations and login access rules), does the first rule essentially "roll over" into granting login access?
I think we should not have any user access rules at all...not sure why these exist. Am I missing something?