If you have the policy action open, it should correct the non-compliant user even if the computer is not on the network. You won’t see the status of the action until it comes back on the network but the action should run regardless.
The action would be part of the action site the client received when it last gathered new content and that would include the fixlet giving the user admin and the fixlet removing that admin access and logging them out after 4 hours.