Do you want to prevent users who have not changed their passwords from accessing Outlook? If so, I would suggest you let them try to log on OWA first, check whether password expiration policy applied on them.
If they don't need to change their password when logon OWA, it means this expiration policy hasn't applied to their mailboxes now.
If they need to change password from OWA, it means the expiration policy has applied on their mailboxes. But, for Outlook clients, there exists cache information, they may not get a reminder to change your password immediately. For more detailed information about it, you could have a look at this article.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.