Multisite user management question

Hello, I am looking for a solution to a situation I have.

lets say i have 3 sites. site1 site2 site3. i want these sites to be able to share users by "group" or user role privileges set by each individual site.

I want users of site1 to be able to access site2 and site3. I want the users of site2 to have access to site2 and site3, but not site1.

it doesnt seem like multisite user manager does what i need it to. It sets a default user level. I need sites to share roles and access. and deny users by role as well.

Is there any way to accomplish this?

thanks