Disable Kubernetes local accounts azurerm_kubernetes_cluster

Looking for some insight on disabling Kubernetes local accounts in Azure aks.
I have the following definition short version:

resource "azurerm_kubernetes_cluster" "cluster" {
  name                             = var.cluster_name
  node_resource_group              = var.node_resource_group
  location                         = var.region
  resource_group_name              = var.resource_group_name
  kubernetes_version               = var.kubernetes_version
  dns_prefix                       = var.dns_prefix
  local_account_disabled           = true

  azure_active_directory_role_based_access_control {
    managed = true

Also experimented with additional options
role_based_access_control_enabled = true
and setting admin_group_object_ids

However, no matter what, in Azure portal I still see “Kubernetes local accounts” checked.

Local account is a legacy config and is important to insure this is disabled.

azurerm version is 3.5.0
k8s version 1.25.5

Any pointers are much appreciated. Thank you!