The pre-boot authentication will not expire the passphrase, so the user would still log in through pre-boot as normal, then Windows would greet them with the familiar password change. Note that they must then use Ctrl+Alt+Delete to change the password or it will not immediately sync with pre-boot auth.
If there is another method for password change in place, they could log off (not reboot or shut down), and the password will sync when they log back in with the new password. Or, if they do shut down or reboot, they could simply enter their old passphrase once at pre-boot, and it will take them to the Windows login. Then when they log into Windows, it should sync properly.
Basically, the method for updating the pre-boot passphrase with the Windows passphrase only kicks off on a successful login, so until they log into Windows, their pre-boot passphrase will be the same, regardless of whether or not it expired in AD.