They define the names of the groups that are used to store the logins of the people who get named licenses, not the users themselves (your question seems to lead in that direction).
The licenses themselves (how many of each type) are defined in your FlexNET license file.
1) You can use any name you want here, and it can be the same group if that's how your organization works. (That's how I'm set up, every named user uses both products so I have only one group to manage.)
2) You don't have to import these groups in Workflows and Documents, they can stay strictly domain/LDAP groups.
3) You should not have more names in your group than you have licenses. If you do, some logins don't get licenses but there's no way of knowing who by looking at the group's contents.
4) When you start your Integrity service, the server log show the list of logins that get a named license.