Well for the first one: Active directory user accounts properties can allow you to specify which computers a user can log into.
As far as keeping track of login duration , you can audit logon and logoff events for each user so you can see when they logon and logoff.
For the autoshutdown, you might need to write your own script which needs to run in the background, but I am sure if you search online you can come across a program which does what you need.
With the use of fingerprint authentication, the software which comes with it should allow you to make sure that user uses the fingerprint reader first and then is allowed to login.
Hope this helps