1. Different between user access rules and login access rules
User access rules
A user access rule defines which users that will automatically be assigned user access when logging in.
Login access rules
One token equals a predefined amount of login access passes. The login access allows a user to access streams and apps for a predefined amount of time. This means that a single user may use several login access passes within a day. You create security rules specifying which users the login access is available for.
When you delete a login access (group), tokens are released immediately if the login access contains enough unused login access passes. The number of tokens that are released is dependent on the number of used login access passes. Used login access passes are not released until 28 days after last use. For example: If you allocated tokens giving 1000 login access passes to a group, they cannot use more than 1000 login access passes over 28 days. Also, if 100 login access passes are consumed on day 1, the 100 are available again on day 29. If no access passes are in use then all tokens assigned to the login access instance will be released when it is deleted.
3. Different roles for admin
The AuditAdmin has read access to all resources from the audit page. The SecurityAdmin has read rights on server node configuration.
As RootAdmin or SecurityAdmin you have the possibility to create new roles to suit your purposes.