I shall plead the fifth on this one. I write so much, I have no idea what you are referring too.
Do you recall where I wrote this? I use the Internet as external memory storage. (Rather than bother to remember all the details, I write them down, get them published, and search for it, when I need to retrieve it).
Looking at an IDM4 packaged version of the GW driver, I see in Sub-Create, NOVLGRPWB-sub-cp-DefaultCreatePolicies policy object, a rule User Required Attribites that has a condition, if entitlement gwAccount available, then it requires Surname and CN.
So looks like the issue is still there in Packaged IDM4 drivers. Be nice to report this one.
anyway, workaround is trivial. If using Packages, make your own, add and link in a rule that does a veto if op attr Surname is not available. Or whatever you want. Then it works fine, and does not break entitlements.