AD Users do not log into the QlikView AP, they log into the AD network (Windows) and their credentials are automatically and invisibly forwarded to the QlikView Accesspoint. That trick is called SSO or Single Sign-On ("No multiple logons required, a single one will do")
Are you sure you want to kick out of AD all users that haven't visited the QlikView AP in the last 3 months? They won't be able to access their laptop/desktop machines anymore... or any other Windows resource on your network for that matter.
If you want to find out when different users have last used their QlikView Server license(s), check out the license overviews in the QMC (QMC->System->Licenses->QlikView Server->Client Access Licenses->Assigned CALs->Last Used for Named CALs, and the corresponding Document CAL assignment overview for Document CALs). Or install and run the Governance Dashboard or a similar license reporting tool.