i believe you sometimes need to have apm (advanced power management) enabled for the computer to physically turn off after shutting down.
as far as having users halt or reboot the system, why would you want to do that? if anyone cracks your system, they can just shut it down. is it that difficult to switch to root to reboot?
if you really have to do it, you can chown/chmod your reboot and shutdown scripts. there are probably a lot of other ways to do it, too.