I am setting up a site for a small non-profit of which I am a member. Our organization has branches in a handful of countries, each with at least one representative.

For members of our organization, the site is intended to

1. allow our organization's members interact with one another in a private group
2. allow each member to blog, upload files and create pages via their profile
3. assign org members to administration of a group corresponding with their country

The site is also open to the people we serve but I want to limit their access to site functions. Registers on the site may join groups, create groups, choose friends, comment, participate in forums.

I will administer the site but I need to create a distinction between registered site users and organization members in order to limit access and distinguish permissions.

Is there anyone out there who can walk me through how I might do this?