I’m planning to use SP 2013 (Server) to set up an extranet portal.
We have a set of about 10 product platforms, which some customers have, some don’t. We have hundreds of customer organisations, each with usually 2 -5 individual members.
What I want to do is set up permissions so that each organisation can see only content they have permission for. There are 2 possible ways to do this, as far as I see:
1) Set up a user group for each product platform, and add the relevant individual customers to each platform group. Then assign the relevant group permission to new content, so only the relevant customers have access to it. Seems to be the easiest approach.
The problem with 1) is, there are only two options for who can see the members of the group: everyone, or group members. I don’t want ANY group members to know who else is in the group, because it’s commercially-sensitive information (obviously).
2) Set up a user group for each customer organisation, and when I publish new content, specify which groups have access to it.
The problem with 2) is, every time I publish something I would have to add potentially hundreds of customer permissions.
Has anyone found a solution to the group membership visibility problem in 1) ?
Or alternatively, does anyone have any better ideas? I could possibly do it using libraries – 1 library for each platform, set up user groups for each customer, assign the relevant groups to each library. That sort of disperses the content though, and I would like customers to see all their approved content in 1 place – I guess I could get around that with a web part..?
