Conditional Access - User GUID Import Issue

Hello PowerShell Gurus

Task
I am currently working on building Conditional Access - As Code.

Issue
I have run into a problem where one of the Object ID’s for Windows Update Deployment Administrator - ObjectID: 32696413-001a-46ae-978c-ce0f6b3620d2) is not accepted as a built in role.

Issue explanation
I want to assign a certain CA policy to all "Administrative Roles. Instead of manually hardcoding all ObjectID’s into my script i use the following code, to get a comma separated and readable list of Built-In administrators:

$AllAdmins = get-msolrole | Where-Object {$_.Name -clike "*Administrator*"} | Select-Object -ExpandProperty ObjectId | ForEach-Object {"'$_'"}
$AllAdminsComma = $AllAdmins -join ', '

I then use the variable $AllAdminsComma in the code in my CA below.

$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet

$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition

$conditions.Applications.IncludeApplications = "All"

$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition

$conditions.Users.IncludeRoles = @($AllAdminsComma)

$conditions.Users.IncludeUsers = 'GuestsOrExternalUsers'

$conditions.Users.ExcludeGroups = $UserGroupsExcluded

$conditions.Locations = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition

$conditions.Locations.IncludeLocations = "All"

$conditions.Locations.ExcludeLocations = $NamedLocationProActive

$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls

$controls._Operator = "OR"

$controls.BuiltInControls = "MFA"

$sessions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSessionControls

$sessions.SignInFrequency = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessSignInFrequency

$sessions.SignInFrequency.IsEnabled = $true

$sessions.SignInFrequency.Type = "Days"

$sessions.SignInFrequency.Value = "1"

New-AzureADMSConditionalAccessPolicy -DisplayName "GRANT - General MFA required - Admins and externals" -State "Disabled" -Conditions $conditions -GrantControls $controls -SessionControls $sessions

All roles ObjectIDs are accepted except for the Windows Update Deployment Administrator - ObjectID: 32696413-001a-46ae-978c-ce0f6b3620d2).
I have even tried to hardcode the this value only and gets the same error.
I have tried with the other ObjectID’s and All works.

Error Output from Powershell
Code: BadRequest
Message: 1103: ‘users’ condition contains non-built in role ids: 32696413-001a-46ae-978c-ce0f6b3620d2.

Any ideas on how to solve this?

Thanks in advance.